Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KZnvcnI75CLBjT3cVvtkmdH6M8E.roa
File: KZnvcnI75CLBjT3cVvtkmdH6M8E.roa (raw, json)
Hash identifier: 720W79VA6FrCxTpsLZtpbOwr7oT4zUjNR4uHR4FD8a4=
Subject key identifier: 29:99:EF:72:72:3B:E4:22:C1:8D:3D:DC:56:FB:64:99:D1:FA:33:C1
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0BD2EDE2F7F511BFFC9DE77570DE4
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KZnvcnI75CLBjT3cVvtkmdH6M8E.roa
Signing time: Wed 07 Feb 2024 05:00:54 +0000
ROA not before: Wed 07 Feb 2024 05:00:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216091
IP address blocks: 2a0f:b241:5c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:bd:2e:de:2f:7f:51:1b:ff:c9:de:77:57:0d:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2999ef72723be422c18d3ddc56fb6499d1fa33c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:5d:2a:ce:87:1b:67:3b:92:dc:79:8c:cd:2a:
a0:64:c2:e0:94:e8:6a:f7:45:91:b2:be:30:0f:cb:
10:45:27:0a:ff:69:2e:db:05:e5:c9:29:98:dd:15:
59:af:06:17:cb:db:b6:fc:11:fe:12:a6:cb:dd:7e:
1d:9e:c6:4a:cb:2c:46:8b:67:67:76:66:35:97:c6:
ea:d0:3f:2e:33:eb:f9:a6:f7:64:2e:ef:db:36:01:
72:91:b9:17:47:97:8d:9c:e7:b4:70:b5:62:45:52:
3d:89:12:35:ed:0b:01:3f:c7:85:a7:11:fe:e7:7a:
71:12:1b:e6:d6:c8:94:58:93:b6:f8:49:ac:4b:d6:
0e:bd:f5:8b:ee:b1:be:fb:8a:ad:dc:1d:d8:ec:38:
83:c1:1e:f6:54:d8:0c:60:d9:dc:b9:ae:54:27:fa:
48:04:1c:19:d2:af:03:85:57:0a:43:cd:63:b2:79:
87:f1:ac:da:72:3b:ca:aa:90:50:7c:f9:d9:59:f7:
61:19:72:fa:50:76:50:fe:38:eb:dd:55:cc:7f:f5:
99:02:e7:ba:f2:17:74:8d:d9:58:7f:f0:ee:cd:fd:
f3:a1:90:ce:54:1b:e6:0f:10:53:e2:87:6f:c4:15:
31:59:d3:c7:93:4b:66:e6:c1:e9:85:b8:00:0f:4e:
b8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:99:EF:72:72:3B:E4:22:C1:8D:3D:DC:56:FB:64:99:D1:FA:33:C1
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KZnvcnI75CLBjT3cVvtkmdH6M8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:5c::/48
Signature Algorithm: sha256WithRSAEncryption
16:89:f7:08:ab:f3:93:5a:91:e4:dc:7a:9e:d3:75:8a:fb:ac:
6b:5e:c0:fc:69:c5:96:2d:15:aa:e7:fd:49:0d:eb:06:95:1e:
fa:08:e6:7d:c8:2f:0b:b9:b6:6c:99:8d:0c:df:44:43:3f:95:
0f:b5:97:cd:04:0c:84:fc:a4:9d:1c:dd:ea:da:69:7c:d7:67:
07:72:a0:37:be:eb:b1:1d:8a:43:2f:68:0e:00:8f:06:91:0b:
a8:a7:52:c3:f6:df:bb:1d:1f:ae:21:e2:5d:c4:d4:fe:cd:81:
6e:3e:7a:41:98:4b:15:49:b8:45:61:e8:50:4b:82:4d:e1:2c:
59:8c:05:f0:53:23:19:7f:9f:29:a8:03:e5:13:0e:80:3b:6a:
3e:60:70:c8:8b:e5:dc:3d:57:e3:13:98:d7:3e:9a:28:35:7f:
9a:df:c3:49:4f:b4:b3:d5:b1:22:ab:be:46:18:ca:9f:6d:6e:
3f:73:34:85:8f:b9:2c:d4:41:11:c2:b2:0a:1c:b8:bf:57:1c:
4e:7e:49:e8:24:9c:58:d4:47:5c:c9:c2:cd:21:a2:da:8c:53:
c6:c6:32:3e:3f:af:44:40:fe:24:2c:b7:93:13:58:15:f2:6b:
13:c3:cc:63:c2:51:2e:f7:0c:68:60:65:84:59:80:cd:a5:c1:
10:d6:34:92
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8L0u3i9/URv/yd53Vw3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk5ZWY3MjcyM2JlNDIyYzE4ZDNkZGM1NmZiNjQ5OWQxZmEzM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgl0qzocbZzuS3HmMzSqgZMLglOhq
90WRsr4wD8sQRScK/2ku2wXlySmY3RVZrwYXy9u2/BH+EqbL3X4dnsZKyyxGi2dn
dmY1l8bq0D8uM+v5pvdkLu/bNgFykbkXR5eNnOe0cLViRVI9iRI17QsBP8eFpxH+
53pxEhvm1siUWJO2+EmsS9YOvfWL7rG++4qt3B3Y7DiDwR72VNgMYNncua5UJ/pI
BBwZ0q8DhVcKQ81jsnmH8azacjvKqpBQfPnZWfdhGXL6UHZQ/jjr3VXMf/WZAue6
8hd0jdlYf/Duzf3zoZDOVBvmDxBT4odvxBUxWdPHk0tm5sHphbgAD064UwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCmZ73JyO+QiwY093Fb7ZJnR+jPBMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvS1pudmNuSTc1Q0xCalQzY1Z2dGttZEg2TThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBc
MA0GCSqGSIb3DQEBCwUAA4IBAQAWifcIq/OTWpHk3Hqe03WK+6xrXsD8acWWLRWq
5/1JDesGlR76COZ9yC8LubZsmY0M30RDP5UPtZfNBAyE/KSdHN3q2ml812cHcqA3
vuuxHYpDL2gOAI8GkQuop1LD9t+7HR+uIeJdxNT+zYFuPnpBmEsVSbhFYehQS4JN
4SxZjAXwUyMZf58pqAPlEw6AO2o+YHDIi+XcPVfjE5jXPpooNX+a38NJT7Sz1bEi
q75GGMqfbW4/czSFj7ks1EERwrIKHLi/VxxOfknoJJxY1EdcycLNIaLajFPGxjI+
P69EQP4kLLeTE1gV8msTw8xjwlEu9wxoYGWEWYDNpcEQ1jSS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org