Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/LZukfDLD1q0d7GZAc11c-aRIOdM.roa
File: LZukfDLD1q0d7GZAc11c-aRIOdM.roa (raw, json)
Hash identifier: qiHH3f/authg99tj1PW1tvufcsxQzML08TpKSi9EqLQ=
Subject key identifier: 2D:9B:A4:7C:32:C3:D6:AD:1D:EC:66:40:73:5D:5C:F9:A4:48:39:D3
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAE77C95C9F3C1914569CBEE58518D8
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/LZukfDLD1q0d7GZAc11c-aRIOdM.roa
Signing time: Tue 06 Feb 2024 18:29:16 +0000
ROA not before: Tue 06 Feb 2024 18:29:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49707
IP address blocks: 2a0f:b241:118::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ae:77:c9:5c:9f:3c:19:14:56:9c:be:e5:85:18:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:29:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d9ba47c32c3d6ad1dec6640735d5cf9a44839d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e6:da:0a:f8:fa:d7:c0:82:05:cc:e0:82:61:
ec:97:62:f3:f5:72:6a:49:36:d1:3c:29:bb:01:0a:
2f:ac:2b:76:d9:fa:40:39:2c:a1:75:79:55:cf:3a:
46:8b:19:66:2f:9e:53:21:9c:f9:96:b3:f6:ac:73:
c9:d0:80:67:08:09:e2:54:dc:e0:2d:a4:af:34:ed:
81:76:20:b7:56:68:b7:f4:89:46:89:b5:ff:43:40:
d0:9b:5e:8c:82:80:b8:ce:4b:2d:93:44:ab:fb:d6:
2a:cb:07:dd:fa:0e:48:dd:52:b9:78:c1:6f:47:ff:
d1:c7:9f:9c:55:ff:6b:b6:01:d7:91:8d:db:3a:88:
70:e8:f3:e1:4f:6c:3a:6c:5b:33:cd:bb:91:61:cc:
50:da:00:44:11:b4:da:03:8f:a0:67:1d:6d:58:91:
e1:04:c8:71:42:fe:cf:00:6b:6f:fe:db:1c:fe:50:
7b:6b:e5:84:66:36:56:93:b7:24:ea:b7:28:05:f1:
2b:85:51:d0:77:43:45:b6:a6:a3:ee:f2:41:d3:9f:
83:64:7f:17:07:a9:df:5b:24:27:3e:04:ec:ea:2a:
b5:aa:1d:ee:d6:21:c4:2b:27:e8:49:a8:83:29:fd:
66:99:37:81:79:54:29:1f:3e:63:a1:7d:6b:72:d6:
e4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:9B:A4:7C:32:C3:D6:AD:1D:EC:66:40:73:5D:5C:F9:A4:48:39:D3
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/LZukfDLD1q0d7GZAc11c-aRIOdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:118::/48
Signature Algorithm: sha256WithRSAEncryption
27:46:f1:21:b6:59:2a:51:00:0d:ee:6e:8c:f0:2b:94:76:06:
2d:c5:31:a0:8d:3f:ca:86:a6:d1:5e:e1:53:5d:4b:af:b9:f9:
59:16:c4:bc:92:5e:c7:6d:e1:69:e0:27:cf:f8:45:5e:86:8a:
1b:11:26:7f:67:28:8f:c0:82:5f:e3:a6:47:41:7b:1f:fe:ec:
7f:43:04:3d:d8:a0:41:e4:19:16:f5:60:ff:59:e3:f3:40:74:
a7:89:af:82:33:23:41:2c:8a:f2:b1:a9:3f:92:12:a9:6f:e3:
fc:f8:45:52:ee:83:0a:68:63:1c:47:b0:ad:25:db:5c:53:38:
9d:db:15:65:6e:94:a8:86:07:f8:a7:c6:40:7f:35:4f:c9:96:
a5:a9:9e:ed:10:4b:d7:0f:1b:85:a5:62:2e:25:50:de:55:2c:
4a:5b:3e:93:87:d6:95:12:30:29:66:6b:91:bc:dc:f1:9b:31:
de:3b:64:aa:07:83:2c:5f:df:ae:19:f1:2e:af:7b:5c:ce:97:
80:7b:a9:ae:68:60:31:e9:a9:b4:37:26:44:ad:e8:a9:e3:f8:
31:25:74:44:8a:e3:72:05:51:5d:9a:25:15:72:18:34:33:bb:
bd:03:ed:05:a2:b2:f7:5a:d7:28:cb:55:c0:2f:df:6a:0f:d4:
fb:08:e3:9d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rnfJXJ88GRRWnL7lhRjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDliYTQ3YzMyYzNkNmFkMWRlYzY2NDA3MzVkNWNmOWE0NDgzOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApebaCvj618CCBczggmHsl2Lz9XJq
STbRPCm7AQovrCt22fpAOSyhdXlVzzpGixlmL55TIZz5lrP2rHPJ0IBnCAniVNzg
LaSvNO2BdiC3Vmi39IlGibX/Q0DQm16MgoC4zkstk0Sr+9Yqywfd+g5I3VK5eMFv
R//Rx5+cVf9rtgHXkY3bOohw6PPhT2w6bFszzbuRYcxQ2gBEEbTaA4+gZx1tWJHh
BMhxQv7PAGtv/tsc/lB7a+WEZjZWk7ck6rcoBfErhVHQd0NFtqaj7vJB05+DZH8X
B6nfWyQnPgTs6iq1qh3u1iHEKyfoSaiDKf1mmTeBeVQpHz5joX1rctbk0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC2bpHwyw9atHexmQHNdXPmkSDnTMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvTFp1a2ZETEQxcTBkN0daQWMxMWMtYVJJT2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEY
MA0GCSqGSIb3DQEBCwUAA4IBAQAnRvEhtlkqUQAN7m6M8CuUdgYtxTGgjT/KhqbR
XuFTXUuvuflZFsS8kl7HbeFp4CfP+EVehoobESZ/ZyiPwIJf46ZHQXsf/ux/QwQ9
2KBB5BkW9WD/WePzQHSnia+CMyNBLIrysak/khKpb+P8+EVS7oMKaGMcR7CtJdtc
Uzid2xVlbpSohgf4p8ZAfzVPyZalqZ7tEEvXDxuFpWIuJVDeVSxKWz6Th9aVEjAp
ZmuRvNzxmzHeO2SqB4MsX9+uGfEur3tczpeAe6muaGAx6am0NyZEreip4/gxJXRE
iuNyBVFdmiUVchg0M7u9A+0ForL3Wtcoy1XAL99qD9T7COOd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org