Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/IwKBhZ6V5awEIevJ5sPS3Kiqycs.roa
File: IwKBhZ6V5awEIevJ5sPS3Kiqycs.roa (raw, json)
Hash identifier: Q4P8F1vOTiLVvWxLnYix6ZnrFzeo37RcFspepz4BIV8=
Subject key identifier: 23:02:81:85:9E:95:E5:AC:04:21:EB:C9:E6:C3:D2:DC:A8:AA:C9:CB
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB5C952AD00A49108DA4E32544515E2
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/IwKBhZ6V5awEIevJ5sPS3Kiqycs.roa
Signing time: Tue 06 Feb 2024 18:37:16 +0000
ROA not before: Tue 06 Feb 2024 18:37:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197569
IP address blocks: 2a0f:b241:128::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b5:c9:52:ad:00:a4:91:08:da:4e:32:54:45:15:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:37:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=230281859e95e5ac0421ebc9e6c3d2dca8aac9cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ea:46:a0:e6:ca:7b:50:ee:9d:9a:76:20:27:
dd:eb:ba:6c:24:1c:7b:ab:3e:2d:37:30:b1:bb:32:
90:fd:d2:dd:d5:2e:ac:cc:e4:86:be:ee:db:fd:20:
05:82:b2:18:8d:1d:93:74:d9:00:64:64:f3:33:49:
25:6a:11:2b:13:56:bc:60:cb:21:68:f1:12:eb:06:
ae:03:a3:42:72:36:ba:d5:00:4f:c2:e9:64:60:1b:
8d:d6:a9:dc:ba:95:6d:4a:16:08:5d:ee:66:9a:7d:
e8:9e:4f:6a:52:bf:df:2d:6b:74:3a:10:81:87:19:
95:86:01:d9:2a:be:fb:2b:c4:c3:13:5b:e3:7e:91:
f5:73:08:c2:03:63:ef:1c:69:84:e4:d7:17:60:67:
b8:69:1e:6a:17:6d:0f:20:6a:0c:7f:ba:13:98:71:
bc:f6:13:48:cd:91:be:40:b7:dc:1e:aa:ad:ce:02:
3f:8a:d8:5b:54:e3:6e:58:4a:73:a8:27:3d:f6:59:
e5:6a:7e:25:93:40:5b:93:46:c2:41:7a:71:34:b3:
55:b6:da:97:75:88:35:22:b9:38:09:3b:d1:b2:77:
b0:d2:1a:da:f8:18:37:4c:d4:ef:73:61:95:af:7f:
f7:05:e0:a5:4c:da:44:a0:ef:80:db:69:e6:be:cd:
d2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:02:81:85:9E:95:E5:AC:04:21:EB:C9:E6:C3:D2:DC:A8:AA:C9:CB
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/IwKBhZ6V5awEIevJ5sPS3Kiqycs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:128::/48
Signature Algorithm: sha256WithRSAEncryption
00:4a:10:b5:48:2c:8b:b2:ca:d0:66:0c:05:c1:4c:5d:d8:23:
bf:50:3f:30:95:ce:c8:f7:87:7b:e9:f6:bc:7f:58:76:8c:59:
57:ed:9a:e3:4e:b3:48:c5:74:d0:e9:1b:dc:57:21:b4:0e:87:
f5:e7:8a:50:7e:23:02:e7:71:e4:8c:ff:d7:9a:47:bd:2f:9e:
47:72:a7:27:74:dd:73:53:6b:60:70:52:b6:c3:dc:51:92:0d:
e4:fc:14:50:67:61:26:1b:da:a0:03:2a:98:5b:1d:74:70:48:
11:46:ab:2c:2c:f3:a0:ab:72:eb:c1:6a:9d:f8:d2:58:6c:de:
51:2a:84:62:a0:0b:01:01:b5:85:7f:3b:5f:4f:63:bf:67:cd:
3d:5c:2b:28:20:12:c3:6c:51:45:42:67:73:7a:9a:d7:d1:96:
a0:83:6c:19:4a:6f:ed:56:0f:0a:ff:6c:1c:26:0a:0b:7b:b5:
3e:67:a6:3f:dd:29:cb:d3:dd:24:2d:82:3a:09:04:9b:5e:6c:
eb:21:42:d9:24:bc:c8:fc:21:43:ae:ef:f9:37:0f:c5:07:03:
74:2d:18:55:b4:02:18:51:9c:fe:2b:59:c1:ab:0b:eb:63:4a:
50:da:94:e4:7d:16:6d:ae:31:1b:37:a8:4e:d8:88:62:62:d4:
84:5e:80:6b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/tclSrQCkkQjaTjJURRXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzAyODE4NTllOTVlNWFjMDQyMWViYzllNmMzZDJkY2E4YWFjOWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOpGoObKe1DunZp2ICfd67psJBx7
qz4tNzCxuzKQ/dLd1S6szOSGvu7b/SAFgrIYjR2TdNkAZGTzM0klahErE1a8YMsh
aPES6wauA6NCcja61QBPwulkYBuN1qncupVtShYIXe5mmn3onk9qUr/fLWt0OhCB
hxmVhgHZKr77K8TDE1vjfpH1cwjCA2PvHGmE5NcXYGe4aR5qF20PIGoMf7oTmHG8
9hNIzZG+QLfcHqqtzgI/ithbVONuWEpzqCc99lnlan4lk0Bbk0bCQXpxNLNVttqX
dYg1Irk4CTvRsnew0hra+Bg3TNTvc2GVr3/3BeClTNpEoO+A22nmvs3S6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCMCgYWeleWsBCHryebD0tyoqsnLMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvSXdLQmhaNlY1YXdFSWV2SjVzUFMzS2lxeWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEo
MA0GCSqGSIb3DQEBCwUAA4IBAQAAShC1SCyLssrQZgwFwUxd2CO/UD8wlc7I94d7
6fa8f1h2jFlX7ZrjTrNIxXTQ6RvcVyG0Dof154pQfiMC53HkjP/Xmke9L55Hcqcn
dN1zU2tgcFK2w9xRkg3k/BRQZ2EmG9qgAyqYWx10cEgRRqssLPOgq3LrwWqd+NJY
bN5RKoRioAsBAbWFfztfT2O/Z809XCsoIBLDbFFFQmdzeprX0Zagg2wZSm/tVg8K
/2wcJgoLe7U+Z6Y/3SnL090kLYI6CQSbXmzrIULZJLzI/CFDru/5Nw/FBwN0LRhV
tAIYUZz+K1nBqwvrY0pQ2pTkfRZtrjEbN6hO2IhiYtSEXoBr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org