Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AitFlXJ4US2lpLYgOmBB7vs3Ri8.roa
File: AitFlXJ4US2lpLYgOmBB7vs3Ri8.roa (raw, json)
Hash identifier: R/phltdv3V23MdUCKPrgV3rPIG4QZo5kSjGe0VMaUQA=
Subject key identifier: 02:2B:45:95:72:78:51:2D:A5:A4:B6:20:3A:60:41:EE:FB:37:46:2F
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0BADBDA4833DADF003AC594BE0258
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AitFlXJ4US2lpLYgOmBB7vs3Ri8.roa
Signing time: Wed 07 Feb 2024 05:00:53 +0000
ROA not before: Wed 07 Feb 2024 05:00:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216020
IP address blocks: 2a0f:b241:106::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:ba:db:da:48:33:da:df:00:3a:c5:94:be:02:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=022b45957278512da5a4b6203a6041eefb37462f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:10:1d:81:42:c0:dc:ae:ec:bd:39:a9:82:9a:
bd:94:c8:c7:8c:fc:21:2e:3d:19:0a:6e:07:68:52:
33:cc:a2:46:e1:ff:80:d0:19:64:63:9b:c3:6d:07:
1d:04:d6:27:7e:74:88:c3:03:57:b8:58:87:80:1e:
3f:e8:27:b0:3d:ef:83:d6:b6:b5:a9:bf:9f:36:83:
bc:d6:b5:78:1d:50:fa:b6:25:90:4b:97:8f:6e:04:
28:b2:2d:2b:cd:7c:1e:0c:83:1d:75:79:96:4d:b8:
e9:04:ac:fc:96:5a:d4:c5:eb:87:83:d0:65:df:f9:
ea:cf:98:f2:04:6f:83:ca:f1:42:87:c1:a5:c3:d1:
4c:28:24:74:62:f8:31:97:b4:b9:f4:03:01:45:d0:
0f:b1:88:a3:20:2f:9f:76:62:6d:ca:da:08:0c:43:
69:6a:1e:6a:02:57:6a:7d:3f:fd:72:60:eb:fe:40:
1f:32:f1:ee:60:b5:a2:1c:49:c4:f6:a8:e6:65:b1:
6b:e3:6e:a7:f7:d0:4b:24:64:da:b5:e1:43:68:6e:
0d:43:6f:ef:be:09:ec:8b:50:94:ce:8b:bf:6e:54:
86:3f:fa:f7:94:75:5a:9b:d7:92:5e:65:d6:13:5c:
4b:33:d4:68:1e:f4:9a:53:e0:06:90:cc:62:13:c5:
9c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2B:45:95:72:78:51:2D:A5:A4:B6:20:3A:60:41:EE:FB:37:46:2F
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AitFlXJ4US2lpLYgOmBB7vs3Ri8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:106::/48
Signature Algorithm: sha256WithRSAEncryption
65:64:50:53:81:45:42:84:2e:77:f1:ff:4a:38:3f:5f:f8:16:
58:15:87:3b:3c:c6:d5:eb:9e:ab:41:e9:a3:b9:d0:d4:af:b0:
03:76:20:b3:cb:3a:19:0b:f2:6f:ca:c1:9c:9a:8c:87:3e:de:
08:c7:4f:14:2c:a2:82:84:51:01:2b:50:6a:f4:8f:4a:1f:8f:
48:07:29:20:13:80:75:f9:8f:de:1a:5f:be:e0:ca:13:5d:86:
a8:79:d2:ab:46:b0:57:85:b8:54:49:39:65:f1:b6:c7:37:64:
0c:86:1d:93:de:76:3b:1b:e8:7b:fc:ab:bd:98:20:ff:9f:4b:
04:07:0c:e1:9b:47:bd:c8:43:58:50:de:57:7b:56:dc:64:fd:
65:cd:c8:68:55:09:5d:09:36:31:35:8a:d0:7f:e7:5f:cc:84:
52:65:2f:38:a1:18:6e:89:cd:80:97:d8:45:3b:d7:a2:6f:90:
74:26:82:c6:7e:cf:fc:5d:b6:2e:d1:cb:c1:d9:0f:b4:cc:d2:
50:18:aa:91:d0:72:32:f2:eb:60:10:f8:02:8a:ad:6d:58:cf:
f5:64:e7:8c:f0:76:a8:d2:f0:00:dc:45:06:13:b9:16:80:69:
a4:c1:c4:09:eb:35:ec:f3:78:a5:76:5a:80:ae:57:5a:bf:66:
b1:74:9f:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Lrb2kgz2t8AOsWUvgJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjJiNDU5NTcyNzg1MTJkYTVhNGI2MjAzYTYwNDFlZWZiMzc0NjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBAdgULA3K7svTmpgpq9lMjHjPwh
Lj0ZCm4HaFIzzKJG4f+A0BlkY5vDbQcdBNYnfnSIwwNXuFiHgB4/6CewPe+D1ra1
qb+fNoO81rV4HVD6tiWQS5ePbgQosi0rzXweDIMddXmWTbjpBKz8llrUxeuHg9Bl
3/nqz5jyBG+DyvFCh8Glw9FMKCR0Yvgxl7S59AMBRdAPsYijIC+fdmJtytoIDENp
ah5qAldqfT/9cmDr/kAfMvHuYLWiHEnE9qjmZbFr426n99BLJGTateFDaG4NQ2/v
vgnsi1CUzou/blSGP/r3lHVam9eSXmXWE1xLM9RoHvSaU+AGkMxiE8WcfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAIrRZVyeFEtpaS2IDpgQe77N0YvMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQWl0RmxYSjRVUzJscExZZ09tQkI3dnMzUmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEG
MA0GCSqGSIb3DQEBCwUAA4IBAQBlZFBTgUVChC538f9KOD9f+BZYFYc7PMbV656r
QemjudDUr7ADdiCzyzoZC/JvysGcmoyHPt4Ix08ULKKChFEBK1Bq9I9KH49IBykg
E4B1+Y/eGl++4MoTXYaoedKrRrBXhbhUSTll8bbHN2QMhh2T3nY7G+h7/Ku9mCD/
n0sEBwzhm0e9yENYUN5Xe1bcZP1lzchoVQldCTYxNYrQf+dfzIRSZS84oRhuic2A
l9hFO9eib5B0JoLGfs/8XbYu0cvB2Q+0zNJQGKqR0HIy8utgEPgCiq1tWM/1ZOeM
8Hao0vAA3EUGE7kWgGmkwcQJ6zXs83ildlqArldav2axdJ+i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org