Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Df4omG3LPPEtqxprHZ1bE2P5oHc.roa
File: Df4omG3LPPEtqxprHZ1bE2P5oHc.roa (raw, json)
Hash identifier: V5baNi/8BMWkriMpBqDLUuIesG0YiVDXWaJszmwHmuQ=
Subject key identifier: 0D:FE:28:98:6D:CB:3C:F1:2D:AB:1A:6B:1D:9D:5B:13:63:F9:A0:77
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F8D7F2B7D6BBC1CBAA5688CE93837DF
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Df4omG3LPPEtqxprHZ1bE2P5oHc.roa
Signing time: Tue 06 Feb 2024 17:53:15 +0000
ROA not before: Tue 06 Feb 2024 17:53:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209165
IP address blocks: 2a0f:b241:21::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:8d:7f:2b:7d:6b:bc:1c:ba:a5:68:8c:e9:38:37:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:53:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dfe28986dcb3cf12dab1a6b1d9d5b1363f9a077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:a1:38:d1:1a:5c:3c:4b:59:ba:d4:1c:33:
3c:a6:15:dc:86:36:59:fd:1e:32:59:82:52:87:5b:
7e:82:54:eb:fa:95:89:7c:0b:02:46:e0:24:0c:5c:
45:b3:43:f2:bd:27:0e:b5:c3:f4:14:4c:f3:cc:bf:
80:4b:85:6c:6c:b9:c1:80:01:13:7d:79:14:df:4a:
f0:f0:5e:02:4b:11:ca:b1:ea:d1:72:2f:30:26:20:
14:e9:85:bd:40:b2:cc:f4:b3:c8:9a:17:b2:12:68:
ac:80:68:f8:32:ee:10:ec:97:40:07:4a:43:e6:04:
59:74:25:bc:af:6a:65:63:22:26:7e:07:5f:76:6e:
39:f6:b1:8c:07:af:14:4f:bb:c0:e2:05:0c:2f:0e:
96:aa:0d:e0:c4:5d:9a:f5:e2:9e:dc:2f:a8:bb:7b:
72:ba:06:ab:14:2f:5a:ea:59:24:23:2c:77:38:46:
5c:ea:33:6e:d0:05:32:9c:8f:77:c0:90:29:b3:ec:
82:5d:ff:4c:c0:d2:13:22:fe:5a:ed:1d:29:be:95:
45:b3:ab:0f:fb:66:27:a7:a3:95:10:1a:74:ee:8b:
08:8c:b9:5d:35:bc:46:a9:ec:b0:0f:fb:5b:58:a7:
51:6f:46:b5:40:dc:dc:02:25:19:53:f6:ac:48:fb:
f3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:FE:28:98:6D:CB:3C:F1:2D:AB:1A:6B:1D:9D:5B:13:63:F9:A0:77
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Df4omG3LPPEtqxprHZ1bE2P5oHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:21::/48
Signature Algorithm: sha256WithRSAEncryption
8f:05:24:7e:23:0f:6f:d2:23:4d:f7:4a:d2:d6:3e:6e:68:40:
99:e9:3e:e3:ef:2a:32:45:b7:21:bf:78:35:33:7f:4f:15:9c:
ea:76:3b:3e:42:be:47:cf:34:df:8a:42:d5:b4:53:71:a2:e8:
cc:52:6a:cc:6f:1b:17:96:0b:b5:f5:b9:25:27:1d:32:b0:b8:
7d:6a:27:52:92:d1:3b:2e:ad:d5:76:6b:6c:67:95:71:1e:9a:
2c:f3:e9:9c:d4:c7:fd:da:18:23:25:08:a0:ba:9a:68:e8:20:
24:56:64:69:61:4c:9e:2a:00:c5:01:b5:27:89:00:df:e4:38:
34:63:c7:af:b4:6c:cf:bd:f2:e3:8c:ef:e8:b3:9f:44:06:85:
16:83:3b:97:9f:42:15:f2:9d:3c:bf:f9:9b:a8:56:14:bd:ae:
47:9e:0a:d0:a3:de:b5:65:9f:2d:84:fb:9c:4e:3d:3c:e1:8a:
19:b9:70:96:5d:d2:be:3c:0e:eb:45:18:e9:d5:85:f8:7f:71:
d9:fa:30:38:4e:57:8d:0b:07:ac:3a:1c:19:a3:2f:93:79:c2:
49:49:d7:b7:40:4c:dd:55:45:94:b6:77:44:e6:e7:1e:cf:e7:
9f:2c:5f:2d:9d:84:28:f4:29:b8:cc:db:7f:48:96:0d:84:99:
99:a7:01:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/jX8rfWu8HLqlaIzpODffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGZlMjg5ODZkY2IzY2YxMmRhYjFhNmIxZDlkNWIxMzYzZjlhMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS2hONEaXDxLWbrUHDM8phXchjZZ
/R4yWYJSh1t+glTr+pWJfAsCRuAkDFxFs0PyvScOtcP0FEzzzL+AS4VsbLnBgAET
fXkU30rw8F4CSxHKserRci8wJiAU6YW9QLLM9LPImheyEmisgGj4Mu4Q7JdAB0pD
5gRZdCW8r2plYyImfgdfdm459rGMB68UT7vA4gUMLw6Wqg3gxF2a9eKe3C+ou3ty
ugarFC9a6lkkIyx3OEZc6jNu0AUynI93wJAps+yCXf9MwNITIv5a7R0pvpVFs6sP
+2Ynp6OVEBp07osIjLldNbxGqeywD/tbWKdRb0a1QNzcAiUZU/asSPvzPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA3+KJhtyzzxLasaax2dWxNj+aB3MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvRGY0b21HM0xQUEV0cXhwckhaMWJFMlA1b0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAh
MA0GCSqGSIb3DQEBCwUAA4IBAQCPBSR+Iw9v0iNN90rS1j5uaECZ6T7j7yoyRbch
v3g1M39PFZzqdjs+Qr5HzzTfikLVtFNxoujMUmrMbxsXlgu19bklJx0ysLh9aidS
ktE7Lq3VdmtsZ5VxHpos8+mc1Mf92hgjJQiguppo6CAkVmRpYUyeKgDFAbUniQDf
5Dg0Y8evtGzPvfLjjO/os59EBoUWgzuXn0IV8p08v/mbqFYUva5HngrQo961ZZ8t
hPucTj084YoZuXCWXdK+PA7rRRjp1YX4f3HZ+jA4TleNCwesOhwZoy+TecJJSde3
QEzdVUWUtndE5ucez+efLF8tnYQo9Cm4zNt/SJYNhJmZpwEq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org