Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/LN9NXdvSTd2uW3Y1framnm5pHo0.roa
File: LN9NXdvSTd2uW3Y1framnm5pHo0.roa (raw, json)
Hash identifier: wd0062o6R/eBmsHaz8atJC4ozcrUIHbsbJSQXZ9g/Ks=
Subject key identifier: 2C:DF:4D:5D:DB:D2:4D:DD:AE:5B:76:35:7E:B6:A6:9E:6E:69:1E:8D
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA9E2A612F6C34E299887AA6B03DD75
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/LN9NXdvSTd2uW3Y1framnm5pHo0.roa
Signing time: Tue 06 Feb 2024 18:24:16 +0000
ROA not before: Tue 06 Feb 2024 18:24:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200754
IP address blocks: 2a0f:b241:cf::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a9:e2:a6:12:f6:c3:4e:29:98:87:aa:6b:03:dd:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:24:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cdf4d5ddbd24dddae5b76357eb6a69e6e691e8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:84:ad:bd:ad:4b:33:d7:67:bd:5f:91:f8:c1:
af:47:88:c5:c8:f4:65:fe:69:70:4a:c6:63:f8:29:
32:9b:11:1b:6a:84:31:7b:af:bd:13:cf:fa:06:66:
bb:d4:90:96:3b:ea:56:6b:e5:8b:df:2d:5a:ed:90:
ac:8d:fd:1c:4b:b4:f8:f1:67:c7:31:f5:df:95:3d:
1a:f7:53:26:54:ec:29:3c:f9:91:9d:a6:1c:f6:a6:
ed:85:ab:2d:db:0f:78:a7:36:87:60:11:77:13:1a:
40:ee:7c:12:5f:8e:10:81:36:74:90:5c:55:ce:80:
ea:81:9e:62:a7:17:69:4c:7c:17:4a:d4:f2:53:76:
0b:44:8e:4c:93:fb:26:f0:7c:8a:18:40:d7:72:72:
fe:20:3e:8d:4d:26:20:89:08:77:9f:ad:90:7d:d9:
77:81:29:86:92:93:5d:97:56:67:f6:fd:26:88:33:
01:f7:fc:bf:27:b3:61:40:96:7d:a5:5c:19:4d:2c:
17:8f:e7:04:8f:20:02:27:cf:66:56:13:fd:f6:05:
61:16:ee:45:76:9a:06:25:7d:59:f2:e1:9e:35:2b:
17:83:28:cf:9f:4b:ef:af:7f:f2:b0:92:cb:b7:90:
7d:26:23:ee:33:b0:7e:dc:fd:7a:5e:b7:6c:4f:00:
ac:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DF:4D:5D:DB:D2:4D:DD:AE:5B:76:35:7E:B6:A6:9E:6E:69:1E:8D
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/LN9NXdvSTd2uW3Y1framnm5pHo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:cf::/48
Signature Algorithm: sha256WithRSAEncryption
0f:c2:2b:21:47:d7:17:30:af:49:66:37:ec:3f:88:99:0a:87:
a4:7c:a3:4d:a4:33:4c:97:f7:e5:b6:2c:a0:5e:d2:ab:93:30:
35:a7:e7:3b:c0:74:88:e3:c6:2b:06:a4:ca:df:e8:89:5e:87:
5a:fe:48:b7:b2:5c:45:0d:f1:e4:7b:08:2a:f9:ec:bd:e0:82:
41:e9:30:2c:24:7a:8a:cb:a9:c8:92:fc:74:64:1d:1e:ea:7a:
55:a8:4e:df:c1:8e:a5:bd:f8:df:e3:ac:5c:fd:8b:53:53:d2:
57:23:d1:e7:88:42:76:df:85:a9:d7:b8:16:99:fc:ee:90:72:
da:83:bf:7d:70:7f:ac:cf:f5:da:cf:38:18:96:11:df:f0:f4:
50:64:a8:f5:d6:a3:1a:ad:92:b5:57:88:44:81:34:8b:b9:28:
42:be:49:df:88:fc:6e:0c:e8:97:ae:14:38:bc:b4:f4:5d:39:
10:a8:a1:9f:e2:cb:8f:f8:21:cc:bd:97:7f:bc:02:4f:b8:1a:
08:d0:31:fd:9b:31:48:c7:d4:d5:c0:e6:0f:b8:37:8e:b6:77:
72:b9:6f:3d:bb:2e:fa:dd:aa:15:31:c6:d9:0d:b6:29:a6:04:
03:12:15:1f:e5:18:4a:e4:21:e2:50:0d:9a:17:d0:d0:f8:cc:
03:db:d5:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qeKmEvbDTimYh6prA911MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2RmNGQ1ZGRiZDI0ZGRkYWU1Yjc2MzU3ZWI2YTY5ZTZlNjkxZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYStva1LM9dnvV+R+MGvR4jFyPRl
/mlwSsZj+CkymxEbaoQxe6+9E8/6Bma71JCWO+pWa+WL3y1a7ZCsjf0cS7T48WfH
MfXflT0a91MmVOwpPPmRnaYc9qbthast2w94pzaHYBF3ExpA7nwSX44QgTZ0kFxV
zoDqgZ5ipxdpTHwXStTyU3YLRI5Mk/sm8HyKGEDXcnL+ID6NTSYgiQh3n62Qfdl3
gSmGkpNdl1Zn9v0miDMB9/y/J7NhQJZ9pVwZTSwXj+cEjyACJ89mVhP99gVhFu5F
dpoGJX1Z8uGeNSsXgyjPn0vvr3/ysJLLt5B9JiPuM7B+3P16XrdsTwCsRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCzfTV3b0k3drlt2NX62pp5uaR6NMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvTE45TlhkdlNUZDJ1VzNZMWZyYW1ubTVwSG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDP
MA0GCSqGSIb3DQEBCwUAA4IBAQAPwishR9cXMK9JZjfsP4iZCoekfKNNpDNMl/fl
tiygXtKrkzA1p+c7wHSI48YrBqTK3+iJXoda/ki3slxFDfHkewgq+ey94IJB6TAs
JHqKy6nIkvx0ZB0e6npVqE7fwY6lvfjf46xc/YtTU9JXI9HniEJ234Wp17gWmfzu
kHLag799cH+sz/XazzgYlhHf8PRQZKj11qMarZK1V4hEgTSLuShCvknfiPxuDOiX
rhQ4vLT0XTkQqKGf4suP+CHMvZd/vAJPuBoI0DH9mzFIx9TVwOYPuDeOtndyuW89
uy763aoVMcbZDbYppgQDEhUf5RhK5CHiUA2aF9DQ+MwD29W5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org