Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/CHcQHRsMfoodlrR3QOtvkR32PLc.roa
File: CHcQHRsMfoodlrR3QOtvkR32PLc.roa (raw, json)
Hash identifier: jSUoO3/GwsalWbzlMQpe2KWGZjLvnYEZ0qNNGbch1J4=
Subject key identifier: 08:77:10:1D:1B:0C:7E:8A:1D:96:B4:77:40:EB:6F:91:1D:F6:3C:B7
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA637B0E804C835C64BFBD195DC8D03
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/CHcQHRsMfoodlrR3QOtvkR32PLc.roa
Signing time: Tue 06 Feb 2024 18:20:15 +0000
ROA not before: Tue 06 Feb 2024 18:20:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197866
IP address blocks: 2a0f:b241:74::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a6:37:b0:e8:04:c8:35:c6:4b:fb:d1:95:dc:8d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:20:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0877101d1b0c7e8a1d96b47740eb6f911df63cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5a:9e:2f:ac:91:70:e5:a1:f4:5b:d4:11:4f:
8e:eb:fd:7d:b8:6e:b8:e0:c0:5d:89:84:b4:d4:f9:
7a:81:7c:8d:57:b7:c3:d7:33:da:ef:be:86:20:b8:
5e:82:dc:89:d1:9a:92:7c:29:69:b6:e6:b9:c9:a7:
b9:be:06:49:96:70:ae:7b:97:d1:2b:7d:a8:8e:da:
e0:2e:d3:68:5e:43:ee:19:46:0f:3f:bc:a8:07:ef:
7e:a0:9f:26:f3:62:9f:53:20:7d:83:d7:23:6d:7a:
4e:e7:be:0f:36:85:71:68:3f:e9:59:c5:cd:f3:4a:
6b:11:3a:0e:ad:52:7a:fb:60:b0:34:b9:44:35:77:
fd:91:6e:3d:88:90:d9:67:d7:2c:9d:57:05:10:9b:
92:08:fb:2e:fc:94:fb:a8:b7:cb:53:03:19:d9:cf:
a7:54:b2:ce:5d:79:ed:d2:13:44:2b:b5:95:57:1a:
13:8b:6d:0f:b1:e6:11:95:a6:6c:de:71:f4:b8:aa:
46:e8:b8:a8:4d:70:85:61:e3:c9:a1:2b:5d:dd:78:
95:39:9f:96:8a:07:c7:5d:62:22:b7:11:7f:0a:68:
de:30:da:88:18:ab:8f:e0:54:9c:90:bf:d6:86:fd:
bb:38:85:8e:19:59:61:61:8a:9b:f0:45:dc:13:93:
31:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:77:10:1D:1B:0C:7E:8A:1D:96:B4:77:40:EB:6F:91:1D:F6:3C:B7
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/CHcQHRsMfoodlrR3QOtvkR32PLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:74::/48
Signature Algorithm: sha256WithRSAEncryption
01:35:37:b7:13:98:9f:6d:47:6d:1b:94:12:b5:86:66:20:b3:
4f:1d:23:cd:40:ce:17:f1:56:3b:8a:f6:20:2e:0c:7d:4a:18:
7f:51:38:a6:11:eb:ca:e8:f3:63:10:74:1a:ad:b4:95:08:0d:
0b:92:9c:d5:e4:95:92:92:65:59:d9:5f:98:4e:e5:0f:d4:37:
15:41:6e:c3:32:30:64:ff:6a:d8:95:83:76:6a:06:f4:2b:3c:
46:7a:a8:29:4a:3a:ad:8a:34:8d:c2:78:88:94:cb:fd:03:9a:
f0:5d:e8:cf:d5:7f:7d:2b:80:75:7f:d7:73:0c:6c:d8:ea:f4:
c1:c5:f4:2c:6e:dd:cc:87:4e:a5:b6:70:b0:9d:f6:0c:7d:2b:
b2:a7:ff:81:28:cb:6c:f1:f0:ff:46:4b:74:27:fa:9d:22:f8:
b9:2d:72:d2:b0:55:38:c2:77:47:a1:4a:ab:e1:a8:2e:fc:bc:
cd:5d:2a:e7:80:2b:6c:9c:6c:36:85:bc:ca:62:31:a9:77:e5:
d5:d7:e6:7b:51:8d:96:b7:fc:aa:25:3e:3e:2c:67:e0:13:40:
3f:59:d9:db:6e:af:bc:c5:17:73:10:54:14:fb:4f:a6:c4:46:
f1:26:9b:d6:a0:23:c1:be:c4:4c:72:43:b7:f1:ef:1b:eb:f5:
f1:be:de:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pjew6ATINcZL+9GV3I0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODc3MTAxZDFiMGM3ZThhMWQ5NmI0Nzc0MGViNmY5MTFkZjYzY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVqeL6yRcOWh9FvUEU+O6/19uG64
4MBdiYS01Pl6gXyNV7fD1zPa776GILhegtyJ0ZqSfClptua5yae5vgZJlnCue5fR
K32ojtrgLtNoXkPuGUYPP7yoB+9+oJ8m82KfUyB9g9cjbXpO574PNoVxaD/pWcXN
80prEToOrVJ6+2CwNLlENXf9kW49iJDZZ9csnVcFEJuSCPsu/JT7qLfLUwMZ2c+n
VLLOXXnt0hNEK7WVVxoTi20PseYRlaZs3nH0uKpG6LioTXCFYePJoStd3XiVOZ+W
igfHXWIitxF/CmjeMNqIGKuP4FSckL/Whv27OIWOGVlhYYqb8EXcE5Mx6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAh3EB0bDH6KHZa0d0Drb5Ed9jy3MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQ0hjUUhSc01mb29kbHJSM1FPdHZrUjMyUExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQB0
MA0GCSqGSIb3DQEBCwUAA4IBAQABNTe3E5ifbUdtG5QStYZmILNPHSPNQM4X8VY7
ivYgLgx9Shh/UTimEevK6PNjEHQarbSVCA0LkpzV5JWSkmVZ2V+YTuUP1DcVQW7D
MjBk/2rYlYN2agb0KzxGeqgpSjqtijSNwniIlMv9A5rwXejP1X99K4B1f9dzDGzY
6vTBxfQsbt3Mh06ltnCwnfYMfSuyp/+BKMts8fD/Rkt0J/qdIvi5LXLSsFU4wndH
oUqr4agu/LzNXSrngCtsnGw2hbzKYjGpd+XV1+Z7UY2Wt/yqJT4+LGfgE0A/Wdnb
bq+8xRdzEFQU+0+mxEbxJpvWoCPBvsRMckO38e8b6/Xxvt43
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org