Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AIYNbQpukfYzG5o_dvmm4inq2z0.roa
File: AIYNbQpukfYzG5o_dvmm4inq2z0.roa (raw, json)
Hash identifier: N3oiRoWOLSQnPtP6u0583zRPsYJ3a2Ekliym8K65a9k=
Subject key identifier: 00:86:0D:6D:0A:6E:91:F6:33:1B:9A:3F:76:F9:A6:E2:29:EA:DB:3D
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA80D2AB9540A6533828F1521466180
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AIYNbQpukfYzG5o_dvmm4inq2z0.roa
Signing time: Tue 06 Feb 2024 18:22:16 +0000
ROA not before: Tue 06 Feb 2024 18:22:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199680
IP address blocks: 2a0f:b241:8b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a8:0d:2a:b9:54:0a:65:33:82:8f:15:21:46:61:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:22:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00860d6d0a6e91f6331b9a3f76f9a6e229eadb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d3:79:98:82:ef:07:e4:9d:09:21:a2:a3:41:
85:45:5d:be:96:32:01:2e:ad:2c:35:2d:b1:0d:f9:
11:3d:14:b5:28:18:b5:15:ac:27:7a:a5:b6:a6:36:
0c:f2:da:44:c4:08:65:e3:ed:08:45:8f:20:dd:fd:
1a:df:30:07:6b:17:97:0d:10:af:d5:c9:91:67:85:
ed:fd:6b:0b:72:0e:bc:60:b2:63:c6:6b:98:72:61:
13:ee:5d:b9:a3:96:5f:56:aa:bb:6e:1c:48:2c:08:
c9:34:44:f1:2e:a3:3f:b6:ce:0a:7b:cf:af:b7:5e:
5d:3d:ff:74:c7:06:2a:ef:f3:22:72:77:7c:e4:fd:
6e:7a:74:bf:0b:5c:e3:05:f6:5c:4e:fa:95:d4:27:
42:33:8a:21:b6:ae:db:dd:5b:dc:a6:c5:90:1e:d4:
e9:28:bd:53:63:1a:22:98:ec:be:f5:14:94:af:6f:
53:ba:d6:9b:c8:35:b3:eb:9e:d3:a0:30:19:2d:f0:
d5:f1:4a:52:93:4a:c4:3a:c8:26:a3:cb:0e:dc:da:
c1:62:39:7d:74:fe:63:d0:e5:9b:7d:7a:d9:01:40:
20:cc:4b:f2:5b:9d:ca:c6:38:7c:c2:8a:28:ae:a8:
3e:14:24:ec:e3:21:2d:de:c2:ab:d3:08:be:64:70:
5b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:86:0D:6D:0A:6E:91:F6:33:1B:9A:3F:76:F9:A6:E2:29:EA:DB:3D
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AIYNbQpukfYzG5o_dvmm4inq2z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:8b::/48
Signature Algorithm: sha256WithRSAEncryption
35:97:b6:0e:55:66:0b:34:79:29:51:1b:fc:5b:91:cd:71:c4:
25:f6:23:7b:8e:37:d7:51:74:9a:1a:1b:fc:99:57:09:80:49:
ba:8a:21:0e:c4:f9:f4:7b:aa:00:5b:6c:2d:65:bb:8f:db:b0:
ac:5d:9d:71:77:e6:58:df:df:1e:27:28:ee:b8:fa:07:fb:53:
7d:eb:8d:79:20:0e:22:62:e1:63:5c:a9:e6:fb:1a:3f:c7:e7:
0a:98:31:f9:d1:0a:9a:27:51:27:d8:4f:66:c1:15:a2:e6:1a:
71:f3:7d:6f:05:5d:9e:61:de:c1:af:0a:52:d6:91:27:a7:82:
4b:ad:6e:bc:a2:62:54:d0:6e:d1:d2:05:b1:5d:8e:7e:a1:6e:
51:c3:9f:fb:43:7c:1e:76:5c:e8:5f:d6:a0:ba:20:ad:b3:8e:
86:9c:cd:2e:cb:d3:a6:ae:85:aa:91:28:47:2b:c2:73:cb:33:
89:9f:7f:1a:e8:0e:b0:35:de:ba:ad:df:f1:6b:0c:4b:15:80:
ce:24:63:e9:8a:da:ee:4f:70:eb:3c:7c:7b:7b:55:bc:99:8c:
13:f7:90:d9:27:d9:62:98:c9:0e:e9:bb:a3:6e:45:17:32:75:
03:a1:23:16:75:bc:4f:a2:36:b1:6f:eb:ed:64:04:63:c0:1d:
a5:ad:d2:6e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qA0quVQKZTOCjxUhRmGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDg2MGQ2ZDBhNmU5MWY2MzMxYjlhM2Y3NmY5YTZlMjI5ZWFkYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtN5mILvB+SdCSGio0GFRV2+ljIB
Lq0sNS2xDfkRPRS1KBi1FawneqW2pjYM8tpExAhl4+0IRY8g3f0a3zAHaxeXDRCv
1cmRZ4Xt/WsLcg68YLJjxmuYcmET7l25o5ZfVqq7bhxILAjJNETxLqM/ts4Ke8+v
t15dPf90xwYq7/Micnd85P1uenS/C1zjBfZcTvqV1CdCM4ohtq7b3VvcpsWQHtTp
KL1TYxoimOy+9RSUr29TutabyDWz657ToDAZLfDV8UpSk0rEOsgmo8sO3NrBYjl9
dP5j0OWbfXrZAUAgzEvyW53Kxjh8wooorqg+FCTs4yEt3sKr0wi+ZHBbyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFACGDW0KbpH2MxuaP3b5puIp6ts9MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQUlZTmJRcHVrZll6RzVvX2R2bW00aW5xMnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCL
MA0GCSqGSIb3DQEBCwUAA4IBAQA1l7YOVWYLNHkpURv8W5HNccQl9iN7jjfXUXSa
Ghv8mVcJgEm6iiEOxPn0e6oAW2wtZbuP27CsXZ1xd+ZY398eJyjuuPoH+1N96415
IA4iYuFjXKnm+xo/x+cKmDH50QqaJ1En2E9mwRWi5hpx831vBV2eYd7BrwpS1pEn
p4JLrW68omJU0G7R0gWxXY5+oW5Rw5/7Q3wedlzoX9aguiCts46GnM0uy9OmroWq
kShHK8JzyzOJn38a6A6wNd66rd/xawxLFYDOJGPpitruT3DrPHx7e1W8mYwT95DZ
J9limMkO6bujbkUXMnUDoSMWdbxPojaxb+vtZARjwB2lrdJu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org