Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Cwb496eCp0HEzahEzXRoBgPT804.roa
File: Cwb496eCp0HEzahEzXRoBgPT804.roa (raw, json)
Hash identifier: e0miPfdS/LpE+H2jNUuPnt5A8qifC4CZuMCJ4prrxPk=
Subject key identifier: 0B:06:F8:F7:A7:82:A7:41:C4:CD:A8:44:CD:74:68:06:03:D3:F3:4E
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F8D83D4AC25C14EA6AEA8E0C69EE6CB
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Cwb496eCp0HEzahEzXRoBgPT804.roa
Signing time: Tue 06 Feb 2024 17:53:17 +0000
ROA not before: Tue 06 Feb 2024 17:53:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215898
IP address blocks: 2a0f:b241:26::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:8d:83:d4:ac:25:c1:4e:a6:ae:a8:e0:c6:9e:e6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:53:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b06f8f7a782a741c4cda844cd74680603d3f34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:72:8e:20:17:59:a2:bf:48:50:c9:7e:be:6e:
66:9d:f7:73:30:35:ce:f8:2f:ac:16:59:12:43:13:
f7:ea:9c:ee:64:a7:e4:39:85:9a:1b:dc:f5:c4:a6:
5f:a8:5e:89:4d:fd:8b:e5:67:a3:07:a2:35:da:73:
31:74:f8:38:1d:94:b3:b5:74:0d:44:90:54:7d:8a:
ef:74:61:05:76:7c:e9:ec:25:78:c2:24:4e:49:69:
38:82:a6:d4:49:39:e7:5d:4e:a8:db:17:72:33:5f:
dc:61:1f:f0:81:38:fb:d1:d9:48:c4:1d:6a:81:58:
04:1a:c0:34:eb:a4:32:40:a2:e0:5b:b5:35:d7:ba:
2a:7e:5e:25:0e:30:e2:93:bc:f9:0b:40:f6:e0:44:
6a:fc:fb:b1:f8:4c:b4:dd:8e:5b:f1:89:82:7a:ae:
39:ee:67:60:cf:fb:02:bf:8a:fa:79:94:c3:16:4b:
8b:b4:3e:66:36:24:a0:8f:f4:0a:94:e0:19:c7:fe:
b5:ac:7e:62:cd:2e:ce:f4:2e:58:71:a5:8b:44:cf:
2f:ae:84:e4:f8:78:e8:92:31:79:cb:db:d2:59:cc:
7d:11:20:c7:5f:84:e6:33:f7:ef:71:12:cc:a8:de:
b0:bf:36:3a:c0:b4:86:49:6e:d0:63:91:a6:ed:fa:
cf:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:06:F8:F7:A7:82:A7:41:C4:CD:A8:44:CD:74:68:06:03:D3:F3:4E
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Cwb496eCp0HEzahEzXRoBgPT804.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:26::/48
Signature Algorithm: sha256WithRSAEncryption
8e:c2:05:e9:08:62:e4:7c:ef:b3:2c:6a:12:71:70:a1:e8:2a:
0f:ce:68:e4:64:68:05:33:7c:08:7b:ca:4b:1b:d9:9f:c3:a8:
2c:32:e8:64:85:df:ca:7a:81:69:fe:ed:9c:c7:77:05:a5:33:
3e:5f:65:c4:9c:b1:73:ed:5d:32:5d:e4:97:d7:69:a8:f6:a6:
c6:e4:bd:47:bd:21:60:15:7a:2c:06:1a:71:37:54:f4:4d:4f:
42:d3:2f:a7:1d:39:19:a3:8b:38:22:76:86:db:1c:96:43:b5:
26:21:ef:a5:41:24:c8:a7:2d:35:c5:6a:67:02:aa:6e:23:d5:
b6:af:84:0e:1f:1d:db:82:42:1a:4d:2a:35:9c:13:45:0d:17:
8b:ae:3c:24:6e:d0:7c:02:60:83:db:36:10:4a:da:c1:cb:26:
d4:bf:4d:bd:f4:c4:3e:2d:f2:5c:2a:d3:82:47:9e:bb:0f:f6:
28:34:fe:59:22:9b:12:fe:d0:c6:80:4f:dd:ae:40:f9:d9:d0:
11:36:6c:34:1c:27:74:3d:ec:97:3b:26:cd:ba:0e:25:fd:f4:
bb:f8:c7:14:04:b5:eb:17:b9:f0:1f:11:2a:a9:57:70:f2:f0:
6a:ee:9a:c7:9e:11:0d:44:53:37:f3:85:6d:3a:b8:4c:a3:6d:
75:fe:41:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/jYPUrCXBTqauqODGnubLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1MzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjA2ZjhmN2E3ODJhNzQxYzRjZGE4NDRjZDc0NjgwNjAzZDNmMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3KOIBdZor9IUMl+vm5mnfdzMDXO
+C+sFlkSQxP36pzuZKfkOYWaG9z1xKZfqF6JTf2L5WejB6I12nMxdPg4HZSztXQN
RJBUfYrvdGEFdnzp7CV4wiROSWk4gqbUSTnnXU6o2xdyM1/cYR/wgTj70dlIxB1q
gVgEGsA066QyQKLgW7U117oqfl4lDjDik7z5C0D24ERq/Pux+Ey03Y5b8YmCeq45
7mdgz/sCv4r6eZTDFkuLtD5mNiSgj/QKlOAZx/61rH5izS7O9C5YcaWLRM8vroTk
+HjokjF5y9vSWcx9ESDHX4TmM/fvcRLMqN6wvzY6wLSGSW7QY5Gm7frPowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAsG+PengqdBxM2oRM10aAYD0/NOMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQ3diNDk2ZUNwMEhFemFoRXpYUm9CZ1BUODA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAm
MA0GCSqGSIb3DQEBCwUAA4IBAQCOwgXpCGLkfO+zLGoScXCh6CoPzmjkZGgFM3wI
e8pLG9mfw6gsMuhkhd/KeoFp/u2cx3cFpTM+X2XEnLFz7V0yXeSX12mo9qbG5L1H
vSFgFXosBhpxN1T0TU9C0y+nHTkZo4s4InaG2xyWQ7UmIe+lQSTIpy01xWpnAqpu
I9W2r4QOHx3bgkIaTSo1nBNFDReLrjwkbtB8AmCD2zYQStrByybUv0299MQ+LfJc
KtOCR567D/YoNP5ZIpsS/tDGgE/drkD52dARNmw0HCd0PeyXOybNug4l/fS7+McU
BLXrF7nwHxEqqVdw8vBq7prHnhENRFM384VtOrhMo211/kHK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org