Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Aiqt8ISoNaNqEQVfom53ApO0WM4.roa
File: Aiqt8ISoNaNqEQVfom53ApO0WM4.roa (raw, json)
Hash identifier: zAkDIcYNQeNCkrRIgN7SEtkRXLKaS4r3ElvGJENaqws=
Subject key identifier: 02:2A:AD:F0:84:A8:35:A3:6A:11:05:5F:A2:6E:77:02:93:B4:58:CE
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F07AF7EA07EB53F82E9451CBE7137A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Aiqt8ISoNaNqEQVfom53ApO0WM4.roa
Signing time: Wed 07 Feb 2024 05:00:37 +0000
ROA not before: Wed 07 Feb 2024 05:00:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199680
IP address blocks: 2a0f:b241:8b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:7a:f7:ea:07:eb:53:f8:2e:94:51:cb:e7:13:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=022aadf084a835a36a11055fa26e770293b458ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:92:8f:4c:a1:1a:12:05:29:33:70:82:88:d6:
38:fa:9c:7a:ad:d7:90:b6:27:0c:c6:de:59:58:e4:
45:1c:ae:82:8b:a4:26:4f:ef:5c:b5:fb:3b:1f:f3:
75:45:bc:b1:1b:6a:d6:e5:4b:56:f8:71:4b:62:63:
3f:38:63:68:81:9f:42:ea:c5:34:68:e5:6c:3e:4d:
57:53:72:61:27:0b:d7:d7:1b:8c:49:f4:99:46:b4:
34:2e:30:90:a0:a8:af:d2:49:27:30:06:6d:0e:3a:
0a:09:08:b4:32:a6:27:bc:94:48:89:55:97:b0:65:
ce:67:a5:eb:e3:6a:97:0f:36:b7:de:b4:35:da:dd:
07:2a:9e:29:86:2e:0b:cb:77:c9:50:ee:db:ca:c1:
e7:94:6e:b7:55:cd:86:dc:aa:8b:4f:73:8a:40:bb:
d8:c8:5e:d5:ee:86:e8:c5:60:48:49:24:40:5a:43:
b4:6e:86:9b:2d:24:e2:dc:4a:04:6d:e1:a3:e6:cd:
8d:05:46:1d:99:e5:c4:b7:1b:a4:a8:84:7e:58:dd:
de:4b:bb:e9:21:35:80:c1:f4:3d:92:4e:bd:49:a9:
70:6b:f3:3f:df:63:9f:8f:16:9c:7a:aa:c2:7f:a1:
41:db:cf:a3:3b:1e:6b:ce:85:ed:16:03:27:24:c1:
28:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2A:AD:F0:84:A8:35:A3:6A:11:05:5F:A2:6E:77:02:93:B4:58:CE
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Aiqt8ISoNaNqEQVfom53ApO0WM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:8b::/48
Signature Algorithm: sha256WithRSAEncryption
4c:b4:f4:08:0f:23:ea:1c:02:d8:bf:48:3c:ad:2b:25:5e:6b:
f6:d8:39:c5:ff:0e:ad:85:f6:06:61:57:45:ec:01:48:72:aa:
f9:2f:27:e3:38:68:82:d8:0a:b7:0e:6c:44:80:fe:93:b7:80:
c2:49:c3:81:58:0c:4a:24:ff:96:03:be:77:33:c5:72:48:b8:
ad:86:0e:4e:2d:d0:2b:41:76:4d:0c:c7:df:12:6d:74:21:00:
b6:e8:12:39:bc:33:06:76:86:ee:b2:f6:b0:85:9e:fa:e5:ad:
5a:57:02:64:56:20:f3:80:12:d3:a0:50:ec:74:e9:96:67:47:
81:dc:ad:3a:3c:e8:ad:05:0a:68:25:3e:cb:85:8e:0a:91:c9:
cc:8e:e2:e0:66:a8:ba:56:33:bd:f0:9b:ac:d0:a4:5c:aa:a0:
03:d1:9d:06:fb:88:77:d4:84:17:1a:10:2d:d1:f0:f6:0f:f3:
06:9c:48:e2:c1:9d:60:68:09:06:92:96:19:3b:74:bb:dd:09:
4a:de:6e:c9:5e:09:c9:24:b3:d3:65:cc:95:26:cc:eb:6d:83:
2b:5a:02:22:fd:07:73:2a:ab:7a:93:73:38:7e:ed:81:85:66:
6d:1d:49:90:ca:be:c8:6b:05:5a:d1:fd:12:12:01:91:20:14:
56:ae:11:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Hr36gfrU/gulFHL5xN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjJhYWRmMDg0YTgzNWEzNmExMTA1NWZhMjZlNzcwMjkzYjQ1OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZKPTKEaEgUpM3CCiNY4+px6rdeQ
ticMxt5ZWORFHK6Ci6QmT+9ctfs7H/N1RbyxG2rW5UtW+HFLYmM/OGNogZ9C6sU0
aOVsPk1XU3JhJwvX1xuMSfSZRrQ0LjCQoKiv0kknMAZtDjoKCQi0MqYnvJRIiVWX
sGXOZ6Xr42qXDza33rQ12t0HKp4phi4Ly3fJUO7bysHnlG63Vc2G3KqLT3OKQLvY
yF7V7oboxWBISSRAWkO0boabLSTi3EoEbeGj5s2NBUYdmeXEtxukqIR+WN3eS7vp
ITWAwfQ9kk69Salwa/M/32OfjxaceqrCf6FB28+jOx5rzoXtFgMnJMEoYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAIqrfCEqDWjahEFX6JudwKTtFjOMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQWlxdDhJU29OYU5xRVFWZm9tNTNBcE8wV000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCL
MA0GCSqGSIb3DQEBCwUAA4IBAQBMtPQIDyPqHALYv0g8rSslXmv22DnF/w6thfYG
YVdF7AFIcqr5LyfjOGiC2Aq3DmxEgP6Tt4DCScOBWAxKJP+WA753M8VySLithg5O
LdArQXZNDMffEm10IQC26BI5vDMGdobusvawhZ765a1aVwJkViDzgBLToFDsdOmW
Z0eB3K06POitBQpoJT7LhY4KkcnMjuLgZqi6VjO98Jus0KRcqqAD0Z0G+4h31IQX
GhAt0fD2D/MGnEjiwZ1gaAkGkpYZO3S73QlK3m7JXgnJJLPTZcyVJszrbYMrWgIi
/QdzKqt6k3M4fu2BhWZtHUmQyr7IawVa0f0SEgGRIBRWrhEv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org