Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/P5z1QIHlRvngeHZAZa-aTuvMjCs.roa
File: P5z1QIHlRvngeHZAZa-aTuvMjCs.roa (raw, json)
Hash identifier: /+RODxtmfaDPp6amU/JsD6RpsRFRP/0LoU88amEoyD8=
Subject key identifier: 3F:9C:F5:40:81:E5:46:F9:E0:78:76:40:65:AF:9A:4E:EB:CC:8C:2B
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA726EE13C66FEE2F7E28268AA04ED1
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/P5z1QIHlRvngeHZAZa-aTuvMjCs.roa
Signing time: Tue 06 Feb 2024 18:21:17 +0000
ROA not before: Tue 06 Feb 2024 18:21:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199343
IP address blocks: 2a0f:b241:81::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a7:26:ee:13:c6:6f:ee:2f:7e:28:26:8a:a0:4e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:21:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f9cf54081e546f9e078764065af9a4eebcc8c2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f2:b1:b9:cc:d7:f7:c5:d9:7b:b2:51:04:7e:
50:bd:35:7d:ca:3d:06:71:6b:7b:d0:16:15:20:2f:
5e:9b:b9:83:7e:0c:5d:78:fb:b2:70:c5:8a:de:3a:
aa:b9:a4:62:46:a4:05:b1:32:31:10:6a:d2:b0:87:
3e:fb:fb:df:cd:57:49:27:89:e5:33:5c:00:64:9e:
14:9f:a6:a0:77:93:cb:23:82:24:c5:b3:33:98:d7:
d4:72:c5:95:18:2f:20:69:ef:86:89:69:89:03:bf:
5b:5a:36:1e:6c:cd:67:2f:7f:44:e3:23:f3:36:ae:
7f:0b:33:b5:00:6a:21:65:3f:38:40:7b:18:a7:e8:
84:87:9c:1b:f0:7e:b5:f3:c3:d1:ee:03:de:5a:8c:
95:ef:bc:5d:ef:19:e0:fb:54:60:e6:44:27:b0:4f:
65:23:1f:3a:15:0d:22:ad:61:97:91:5c:62:c5:07:
0c:58:93:35:d3:ce:9e:ac:60:af:d7:71:4b:0c:a9:
7b:53:ff:b5:17:a2:60:0e:9e:6e:85:dc:7e:29:28:
69:0d:2d:90:42:60:b5:d9:51:c6:09:bd:4c:73:71:
3e:c6:26:d5:e9:49:5c:d2:80:2f:8f:e4:cf:35:ca:
44:a7:b8:b2:af:8a:ab:1f:04:07:9b:80:de:30:1a:
30:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:9C:F5:40:81:E5:46:F9:E0:78:76:40:65:AF:9A:4E:EB:CC:8C:2B
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/P5z1QIHlRvngeHZAZa-aTuvMjCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:81::/48
Signature Algorithm: sha256WithRSAEncryption
63:65:54:df:25:f4:2b:64:22:0a:0a:36:e5:45:a5:60:6e:1f:
c2:49:24:e0:ef:51:44:a2:3c:0a:9a:91:c8:b0:a7:6b:6c:08:
ee:b1:e0:5f:2c:3c:d6:ba:2c:59:f2:81:32:70:a3:96:bd:e9:
48:e2:c8:4b:b2:00:3e:37:89:f9:8e:41:d2:56:90:d8:63:f9:
26:35:5e:5b:e9:56:ae:1f:bb:95:3d:1d:d9:9a:e0:b0:4f:44:
5e:a7:a1:71:4f:74:28:6e:8e:11:1f:34:c1:4f:5f:d0:af:c5:
a2:21:14:8a:f2:08:f4:50:02:51:78:a9:93:cf:9d:9f:4c:49:
19:62:43:ec:d6:ed:10:71:fd:f6:f9:35:84:60:e1:33:21:f3:
4b:d6:5c:9c:08:48:f3:a9:46:39:5e:5c:b1:ac:24:99:4b:af:
c3:e1:24:19:f2:1f:dd:8a:bf:2f:07:b6:41:4c:6f:94:4e:6b:
81:e3:77:4b:78:de:1d:d9:f8:28:bf:6e:64:4a:1d:66:b3:d9:
cb:28:f1:e0:a8:cf:6f:95:83:d0:09:ce:81:86:a2:84:1e:45:
90:a3:69:31:dc:c4:8a:29:bf:59:c7:43:f2:3c:48:36:03:7b:
3a:d3:bc:bc:a5:a4:25:0d:8f:8a:df:7a:7c:b0:f0:df:75:48:
bd:70:dd:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pybuE8Zv7i9+KCaKoE7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjljZjU0MDgxZTU0NmY5ZTA3ODc2NDA2NWFmOWE0ZWViY2M4YzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvKxuczX98XZe7JRBH5QvTV9yj0G
cWt70BYVIC9em7mDfgxdePuycMWK3jqquaRiRqQFsTIxEGrSsIc++/vfzVdJJ4nl
M1wAZJ4Un6agd5PLI4IkxbMzmNfUcsWVGC8gae+GiWmJA79bWjYebM1nL39E4yPz
Nq5/CzO1AGohZT84QHsYp+iEh5wb8H6188PR7gPeWoyV77xd7xng+1Rg5kQnsE9l
Ix86FQ0irWGXkVxixQcMWJM1086erGCv13FLDKl7U/+1F6JgDp5uhdx+KShpDS2Q
QmC12VHGCb1Mc3E+xibV6Ulc0oAvj+TPNcpEp7iyr4qrHwQHm4DeMBow4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD+c9UCB5Ub54Hh2QGWvmk7rzIwrMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUDV6MVFJSGxSdm5nZUhaQVphLWFUdXZNakNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCB
MA0GCSqGSIb3DQEBCwUAA4IBAQBjZVTfJfQrZCIKCjblRaVgbh/CSSTg71FEojwK
mpHIsKdrbAjuseBfLDzWuixZ8oEycKOWvelI4shLsgA+N4n5jkHSVpDYY/kmNV5b
6VauH7uVPR3ZmuCwT0Rep6FxT3Qobo4RHzTBT1/Qr8WiIRSK8gj0UAJReKmTz52f
TEkZYkPs1u0Qcf32+TWEYOEzIfNL1lycCEjzqUY5XlyxrCSZS6/D4SQZ8h/dir8v
B7ZBTG+UTmuB43dLeN4d2fgov25kSh1ms9nLKPHgqM9vlYPQCc6BhqKEHkWQo2kx
3MSKKb9Zx0PyPEg2A3s607y8paQlDY+K33p8sPDfdUi9cN1n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org