Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AftiuLssyiOX5l4PxlsrQV6emkM.roa
File: AftiuLssyiOX5l4PxlsrQV6emkM.roa (raw, json)
Hash identifier: KwU9K7obajgHaPhFxsoT5Ky4nD1fQ5I/UwgOQnibfIo=
Subject key identifier: 01:FB:62:B8:BB:2C:CA:23:97:E6:5E:0F:C6:5B:2B:41:5E:9E:9A:43
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA8FA1041E4BAABC1E219B997D80200
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AftiuLssyiOX5l4PxlsrQV6emkM.roa
Signing time: Tue 06 Feb 2024 18:23:16 +0000
ROA not before: Tue 06 Feb 2024 18:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200255
IP address blocks: 2a0f:b241:a4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a8:fa:10:41:e4:ba:ab:c1:e2:19:b9:97:d8:02:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01fb62b8bb2cca2397e65e0fc65b2b415e9e9a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:14:db:8b:b6:66:0f:f9:f9:c5:21:16:60:95:
66:e8:56:12:c4:29:e7:ea:a4:e0:3c:2e:55:07:c5:
ec:7e:c0:bf:a2:21:32:90:81:8d:7b:cb:e4:a8:42:
5d:2a:0e:d0:e1:ab:c7:7e:ad:4c:d7:c2:80:84:45:
03:f3:97:a8:80:b2:56:6f:8d:25:8b:14:b7:50:32:
2a:c1:ae:92:13:ed:b9:97:b5:ff:8e:2c:e2:d5:1e:
7b:a4:67:30:da:f3:e7:3e:a0:ef:62:f3:76:60:8f:
cc:82:03:b1:32:d3:5f:8b:db:90:4b:b1:65:b6:f6:
85:9e:82:26:3c:e8:44:34:d3:e9:ce:e0:2d:78:1c:
de:2a:6c:29:d8:95:3f:65:c0:ce:2c:a5:07:d7:90:
bd:b8:23:f0:e5:d2:e4:97:34:b3:d5:7e:a8:d1:58:
31:ec:56:fa:26:e0:ef:a6:0f:19:bb:6e:e6:9e:02:
63:74:e9:d3:51:c8:8e:f7:3f:a0:ef:18:8c:6b:2a:
7b:99:5d:eb:dd:1f:6b:7d:cb:0c:84:85:18:c6:a4:
13:8d:f8:59:98:5f:cd:59:d5:fc:be:8a:f8:50:59:
77:bb:69:d2:cb:03:96:fa:1d:24:e4:01:b0:5b:ce:
1d:6b:7e:0c:dd:f9:01:36:98:2f:60:bf:d0:96:70:
84:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FB:62:B8:BB:2C:CA:23:97:E6:5E:0F:C6:5B:2B:41:5E:9E:9A:43
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AftiuLssyiOX5l4PxlsrQV6emkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:a4::/48
Signature Algorithm: sha256WithRSAEncryption
7f:9d:bd:52:e0:6d:a1:51:3a:f0:ae:87:d0:20:67:c4:f1:e1:
94:67:a4:d2:dc:6f:6f:22:7e:b7:52:61:f3:f7:87:9c:06:56:
c7:be:5d:bb:b5:41:cd:95:97:dd:ca:01:46:d2:29:6b:ce:3b:
27:bd:51:91:90:7b:6b:24:89:d0:7d:c3:53:aa:e0:e0:6e:86:
2e:e6:34:c6:e8:e8:42:fb:5f:f9:16:23:45:f8:5f:8d:bf:61:
73:ec:6b:f5:05:4e:bb:a9:22:92:c4:27:a7:a0:3c:78:df:b4:
85:27:52:32:54:5e:42:94:d5:e4:75:9c:3c:15:b3:9c:fd:8e:
29:fa:85:eb:6a:ae:3b:cd:ce:7b:d1:a6:51:75:e6:61:e3:aa:
33:0c:56:ea:9d:fd:dc:6c:37:d7:9e:fe:ed:f3:c5:98:72:88:
62:ae:85:1c:c5:a8:14:15:4b:41:ad:91:93:cc:c2:56:cb:f5:
43:17:ec:93:09:27:af:43:58:7c:6b:59:be:64:7d:5e:82:ee:
ac:1d:d6:28:53:dc:0a:c4:0e:db:51:28:d0:f2:26:2c:89:4a:
bf:f7:2c:d6:0b:ff:94:92:4e:54:ee:4c:7b:12:42:35:70:20:
3a:e9:5e:91:95:08:0b:4c:52:da:41:a6:ab:8b:03:ec:0b:c8:
7a:bb:99:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qPoQQeS6q8HiGbmX2AIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWZiNjJiOGJiMmNjYTIzOTdlNjVlMGZjNjViMmI0MTVlOWU5YTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRTbi7ZmD/n5xSEWYJVm6FYSxCnn
6qTgPC5VB8XsfsC/oiEykIGNe8vkqEJdKg7Q4avHfq1M18KAhEUD85eogLJWb40l
ixS3UDIqwa6SE+25l7X/jizi1R57pGcw2vPnPqDvYvN2YI/MggOxMtNfi9uQS7Fl
tvaFnoImPOhENNPpzuAteBzeKmwp2JU/ZcDOLKUH15C9uCPw5dLklzSz1X6o0Vgx
7Fb6JuDvpg8Zu27mngJjdOnTUciO9z+g7xiMayp7mV3r3R9rfcsMhIUYxqQTjfhZ
mF/NWdX8vor4UFl3u2nSywOW+h0k5AGwW84da34M3fkBNpgvYL/QlnCEKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAH7Yri7LMojl+ZeD8ZbK0FenppDMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQWZ0aXVMc3N5aU9YNWw0UHhsc3JRVjZlbWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCk
MA0GCSqGSIb3DQEBCwUAA4IBAQB/nb1S4G2hUTrwrofQIGfE8eGUZ6TS3G9vIn63
UmHz94ecBlbHvl27tUHNlZfdygFG0ilrzjsnvVGRkHtrJInQfcNTquDgboYu5jTG
6OhC+1/5FiNF+F+Nv2Fz7Gv1BU67qSKSxCenoDx437SFJ1IyVF5ClNXkdZw8FbOc
/Y4p+oXraq47zc570aZRdeZh46ozDFbqnf3cbDfXnv7t88WYcohiroUcxagUFUtB
rZGTzMJWy/VDF+yTCSevQ1h8a1m+ZH1egu6sHdYoU9wKxA7bUSjQ8iYsiUq/9yzW
C/+Ukk5U7kx7EkI1cCA66V6RlQgLTFLaQaariwPsC8h6u5ma
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org