Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/IlIqhgdxk5HkcWDhUTTZ0jKcj-Y.roa
File: IlIqhgdxk5HkcWDhUTTZ0jKcj-Y.roa (raw, json)
Hash identifier: Y0+zJyHF+BaTyBBKsZd3u96n8rURkTPyArYGE2/C2+k=
Subject key identifier: 22:52:2A:86:07:71:93:91:E4:71:60:E1:51:34:D9:D2:32:9C:8F:E6
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAD92BF420215ECD61B048A4914A9DE
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/IlIqhgdxk5HkcWDhUTTZ0jKcj-Y.roa
Signing time: Tue 06 Feb 2024 18:28:18 +0000
ROA not before: Tue 06 Feb 2024 18:28:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216127
IP address blocks: 2a0f:b241:10c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ad:92:bf:42:02:15:ec:d6:1b:04:8a:49:14:a9:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:28:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22522a8607719391e47160e15134d9d2329c8fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c1:a6:e3:e2:9c:6c:1c:f2:59:64:5c:a5:87:
4f:93:a9:54:d9:8b:f6:14:d6:69:ec:36:9a:14:62:
5f:e5:f4:e4:53:50:bd:52:8a:7b:99:67:21:f7:53:
16:4c:ea:c4:e7:e5:e6:90:40:79:e4:d2:bd:fa:86:
22:58:23:2a:61:6c:6d:f2:67:f7:dd:54:11:04:a3:
26:2c:12:42:dd:de:8c:9e:62:9d:2d:fe:df:07:a8:
fe:9a:f1:a4:7c:b3:e8:80:bc:6e:d7:c1:8b:7e:70:
03:46:ee:09:b9:c6:c4:36:6e:b0:97:3e:f3:13:8a:
51:0c:fc:8a:b1:cc:64:86:cc:91:36:76:24:d5:65:
4a:67:ef:0b:2e:3e:0c:95:4d:eb:03:df:a4:da:70:
fd:a1:0b:51:99:56:74:ce:00:f9:31:21:e2:65:75:
0d:be:06:f2:61:99:3e:e3:e6:51:22:24:10:b3:c8:
68:4b:1e:1b:dc:cf:89:3b:cf:13:af:6a:3c:fb:4a:
8a:31:bd:c1:b7:0b:b9:c6:41:50:e8:8d:4e:77:09:
69:7b:33:db:2c:93:75:95:73:a6:7e:3e:52:56:cf:
c6:91:55:da:5c:ba:fb:79:eb:09:b6:d4:28:00:5f:
ad:ac:b8:23:64:4f:30:8a:d4:d3:8b:72:de:61:ad:
55:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:52:2A:86:07:71:93:91:E4:71:60:E1:51:34:D9:D2:32:9C:8F:E6
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/IlIqhgdxk5HkcWDhUTTZ0jKcj-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:10c::/48
Signature Algorithm: sha256WithRSAEncryption
3c:c8:3c:fc:77:4b:3e:fb:2f:56:e2:11:2d:a7:04:3a:29:a1:
1f:c9:79:bd:da:71:05:6f:d6:09:f9:d4:83:b8:0d:29:a8:8c:
fe:79:c4:1f:c0:b6:d4:d7:a3:f2:34:28:78:4b:b1:33:13:bd:
fa:1c:00:59:56:df:de:65:39:ff:3c:87:34:53:e5:94:7d:4f:
fd:16:2c:d5:18:b1:73:44:09:3a:ed:ec:bc:25:47:ac:00:b9:
e7:5e:33:38:fc:8b:ff:ee:48:72:43:98:20:00:ac:56:b2:0b:
aa:9b:ef:79:ad:1a:a0:c4:c8:eb:9e:fe:4c:86:fa:36:62:42:
0c:e3:d5:45:ec:03:73:28:c9:92:d6:1c:9c:6f:ac:f4:31:ac:
77:dd:cf:05:c0:70:6c:04:ae:68:66:60:80:ae:e9:31:3f:0b:
03:83:49:d6:fe:4d:5c:3f:9e:88:48:c1:14:ec:dc:13:8a:b4:
13:de:c4:3c:cd:54:88:91:77:2d:62:ff:51:17:a5:be:6c:ab:
50:9c:2a:0e:4b:17:98:9c:87:0d:1d:31:dd:28:2c:a0:73:1e:
84:5d:5b:db:b1:7e:3b:44:34:76:83:77:6d:0c:33:69:fb:1f:
c2:56:09:0e:2a:13:81:2e:10:2f:a9:90:e9:73:5b:73:12:92:
c1:5f:b9:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rZK/QgIV7NYbBIpJFKneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjUyMmE4NjA3NzE5MzkxZTQ3MTYwZTE1MTM0ZDlkMjMyOWM4ZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8Gm4+KcbBzyWWRcpYdPk6lU2Yv2
FNZp7DaaFGJf5fTkU1C9Uop7mWch91MWTOrE5+XmkEB55NK9+oYiWCMqYWxt8mf3
3VQRBKMmLBJC3d6MnmKdLf7fB6j+mvGkfLPogLxu18GLfnADRu4JucbENm6wlz7z
E4pRDPyKscxkhsyRNnYk1WVKZ+8LLj4MlU3rA9+k2nD9oQtRmVZ0zgD5MSHiZXUN
vgbyYZk+4+ZRIiQQs8hoSx4b3M+JO88Tr2o8+0qKMb3Btwu5xkFQ6I1OdwlpezPb
LJN1lXOmfj5SVs/GkVXaXLr7eesJttQoAF+trLgjZE8witTTi3LeYa1VNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCJSKoYHcZOR5HFg4VE02dIynI/mMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvSWxJcWhnZHhrNUhrY1dEaFVUVFowaktjai1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEM
MA0GCSqGSIb3DQEBCwUAA4IBAQA8yDz8d0s++y9W4hEtpwQ6KaEfyXm92nEFb9YJ
+dSDuA0pqIz+ecQfwLbU16PyNCh4S7EzE736HABZVt/eZTn/PIc0U+WUfU/9FizV
GLFzRAk67ey8JUesALnnXjM4/Iv/7khyQ5ggAKxWsguqm+95rRqgxMjrnv5Mhvo2
YkIM49VF7ANzKMmS1hycb6z0Max33c8FwHBsBK5oZmCArukxPwsDg0nW/k1cP56I
SMEU7NwTirQT3sQ8zVSIkXctYv9RF6W+bKtQnCoOSxeYnIcNHTHdKCygcx6EXVvb
sX47RDR2g3dtDDNp+x/CVgkOKhOBLhAvqZDpc1tzEpLBX7kQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org