Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KCdE6LGQ0RcdymvNhSO5g3f-oSU.roa
File: KCdE6LGQ0RcdymvNhSO5g3f-oSU.roa (raw, json)
Hash identifier: yOidH0bAPGAlb9o9FZpFt44b6QUjuIpxCgXFqmcSz/k=
Subject key identifier: 28:27:44:E8:B1:90:D1:17:1D:CA:6B:CD:85:23:B9:83:77:FE:A1:25
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09C279AE0DD50BBAFB69FCFD9A06A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KCdE6LGQ0RcdymvNhSO5g3f-oSU.roa
Signing time: Wed 07 Feb 2024 05:00:45 +0000
ROA not before: Wed 07 Feb 2024 05:00:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209165
IP address blocks: 2a0f:b241:21::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:9c:27:9a:e0:dd:50:bb:af:b6:9f:cf:d9:a0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=282744e8b190d1171dca6bcd8523b98377fea125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:6c:ed:f3:d8:8c:52:e1:c2:68:f0:e6:52:
52:8f:f9:f8:02:f5:a3:c6:2d:57:a7:79:e1:d5:09:
8c:43:ac:56:2e:a2:ba:77:77:f1:28:10:3b:38:1f:
4a:1a:45:f9:1a:25:e7:c0:af:a6:32:e0:ec:ae:6e:
19:22:3d:59:24:3d:17:9c:33:35:24:0f:d1:16:68:
60:3a:58:ae:d9:18:04:fc:93:84:4e:b1:bd:28:9e:
ba:ba:b3:b5:0a:c5:42:e7:a0:cd:f6:11:fb:c8:97:
dd:de:86:ff:64:50:e8:a5:47:cd:3e:17:d9:f5:46:
a1:0c:40:6f:0a:65:2c:49:99:f7:55:bd:dc:40:1b:
31:be:fe:f7:e7:cc:45:60:64:f4:69:5b:03:d9:97:
2c:c7:a5:fc:4f:88:33:3e:4c:e5:7c:61:45:6f:18:
9a:cf:de:69:cd:0c:a8:11:65:67:d5:81:03:dc:fc:
51:26:20:06:e1:9a:52:52:dd:59:98:f9:f6:ea:9b:
e5:38:46:d7:3a:94:66:6c:13:fb:66:6d:e7:ce:e4:
db:6c:fd:4d:24:86:7b:e7:71:86:41:7a:f3:69:33:
5e:9e:3a:51:4a:5b:71:4c:bc:c4:25:24:24:53:17:
a8:0d:0e:9a:79:09:10:cd:ea:c4:aa:36:e4:57:af:
41:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:27:44:E8:B1:90:D1:17:1D:CA:6B:CD:85:23:B9:83:77:FE:A1:25
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KCdE6LGQ0RcdymvNhSO5g3f-oSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:21::/48
Signature Algorithm: sha256WithRSAEncryption
0b:4e:f3:26:04:64:40:43:a3:8a:2d:52:fa:40:34:92:25:6c:
46:82:a7:2f:b7:ad:17:0a:ee:a5:13:98:9e:10:58:90:43:a7:
d7:5e:d1:12:5e:57:51:7c:35:d6:23:64:26:6f:ed:3f:3d:84:
1d:70:7d:b1:f1:83:cd:a2:6f:92:03:fd:94:ca:59:a6:99:9e:
a2:d0:85:cd:6b:5a:17:bc:5c:70:92:78:9d:ea:79:95:0a:ea:
83:26:13:b1:9a:95:91:98:0f:0c:e8:6b:56:0e:3a:c7:85:0e:
e3:af:64:4d:6b:4d:5a:56:59:f6:20:ea:92:81:f1:d2:7b:70:
72:9e:65:d6:5a:8c:93:af:7b:f3:15:56:6c:d4:86:3e:a6:ba:
ba:d9:03:5d:69:9a:a1:92:b4:03:5d:8f:a7:2b:12:63:0b:c7:
73:ca:a7:4a:26:60:c7:ed:34:8f:cf:a9:7e:77:ca:31:28:b8:
f4:e0:b1:29:ad:e7:ad:58:bb:81:72:0c:29:ef:fa:c5:17:88:
1d:84:ae:2b:82:f5:e6:bd:13:b5:35:a6:1b:32:57:94:77:19:
07:2c:f5:72:5b:a7:13:cd:5b:d7:d4:68:46:af:01:ef:b2:3b:
29:c8:2b:54:7c:da:47:fb:19:d8:d1:01:20:67:aa:68:8a:1c:
ca:cb:9c:2c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8JwnmuDdULuvtp/P2aBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODI3NDRlOGIxOTBkMTE3MWRjYTZiY2Q4NTIzYjk4Mzc3ZmVhMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn5s7fPYjFLhwmjw5lJSj/n4AvWj
xi1Xp3nh1QmMQ6xWLqK6d3fxKBA7OB9KGkX5GiXnwK+mMuDsrm4ZIj1ZJD0XnDM1
JA/RFmhgOliu2RgE/JOETrG9KJ66urO1CsVC56DN9hH7yJfd3ob/ZFDopUfNPhfZ
9UahDEBvCmUsSZn3Vb3cQBsxvv7358xFYGT0aVsD2Zcsx6X8T4gzPkzlfGFFbxia
z95pzQyoEWVn1YED3PxRJiAG4ZpSUt1ZmPn26pvlOEbXOpRmbBP7Zm3nzuTbbP1N
JIZ753GGQXrzaTNenjpRSltxTLzEJSQkUxeoDQ6aeQkQzerEqjbkV69BOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCgnROixkNEXHcprzYUjuYN3/qElMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvS0NkRTZMR1EwUmNkeW12TmhTTzVnM2Ytb1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAh
MA0GCSqGSIb3DQEBCwUAA4IBAQALTvMmBGRAQ6OKLVL6QDSSJWxGgqcvt60XCu6l
E5ieEFiQQ6fXXtESXldRfDXWI2Qmb+0/PYQdcH2x8YPNom+SA/2UylmmmZ6i0IXN
a1oXvFxwknid6nmVCuqDJhOxmpWRmA8M6GtWDjrHhQ7jr2RNa01aVln2IOqSgfHS
e3BynmXWWoyTr3vzFVZs1IY+prq62QNdaZqhkrQDXY+nKxJjC8dzyqdKJmDH7TSP
z6l+d8oxKLj04LEpreetWLuBcgwp7/rFF4gdhK4rgvXmvRO1NaYbMleUdxkHLPVy
W6cTzVvX1GhGrwHvsjspyCtUfNpH+xnY0QEgZ6poihzKy5ws
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org