Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PFxAqB-dUiUQPI5ZDEXr0sRKsQk.roa
File: PFxAqB-dUiUQPI5ZDEXr0sRKsQk.roa (raw, json)
Hash identifier: rPQx52gritN+7OYFPfxN9lMAOoAyOwgrEjrHjuIASAg=
Subject key identifier: 3C:5C:40:A8:1F:9D:52:25:10:3C:8E:59:0C:45:EB:D2:C4:4A:B1:09
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB8889CFA371CF9C1F5AF15AEA847EA
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PFxAqB-dUiUQPI5ZDEXr0sRKsQk.roa
Signing time: Tue 06 Feb 2024 18:40:16 +0000
ROA not before: Tue 06 Feb 2024 18:40:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44733
IP address blocks: 2a0f:b241:15b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b8:88:9c:fa:37:1c:f9:c1:f5:af:15:ae:a8:47:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:40:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c5c40a81f9d5225103c8e590c45ebd2c44ab109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a4:bd:a5:07:41:37:3d:c3:3f:78:7c:cb:5f:
fd:53:74:f7:33:88:35:d7:2a:0b:24:c1:2b:97:70:
4b:01:66:6d:51:88:13:c1:53:30:5a:a6:74:7f:c1:
f2:6e:95:7d:b5:f3:a5:a8:55:49:dd:a8:1c:b5:6f:
4c:f0:aa:3d:67:4f:2c:2c:16:28:fa:a2:ba:5b:b9:
b5:34:b9:f0:e3:99:a3:67:65:46:3e:3a:b2:37:8b:
f2:23:f8:ff:0c:64:77:c9:80:44:e3:2b:d3:69:f4:
29:66:70:b9:a6:1e:f6:56:aa:37:28:e1:3f:cd:04:
ae:cd:d2:fd:10:3b:30:9b:0c:21:f9:21:c1:a4:3e:
9f:83:93:9e:b2:93:ca:b0:99:ae:46:69:ff:34:f9:
2f:7e:aa:71:91:fb:08:f3:f8:e8:ad:6e:b8:18:cd:
b6:75:eb:16:69:e5:93:f9:b0:0d:b6:66:46:0f:26:
9d:ea:29:65:93:3a:8a:26:ec:a2:b1:de:1f:e8:43:
b7:da:fc:f7:13:27:e9:f8:63:c1:6b:70:6d:ff:45:
48:07:ce:ff:f8:d6:a1:58:78:f3:c8:51:72:24:fe:
3e:37:e8:d6:42:6a:ce:08:b6:ca:6a:1e:cf:52:26:
0a:0a:3b:9b:29:91:09:db:b5:be:37:4c:31:b2:6b:
66:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:5C:40:A8:1F:9D:52:25:10:3C:8E:59:0C:45:EB:D2:C4:4A:B1:09
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PFxAqB-dUiUQPI5ZDEXr0sRKsQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:15b::/48
Signature Algorithm: sha256WithRSAEncryption
45:a6:10:9f:4b:a1:be:be:73:3c:56:dd:70:d3:90:d5:96:01:
00:bd:1b:39:c3:5a:ca:4e:60:b2:05:66:22:9a:d1:27:22:9c:
e7:f9:09:8b:93:a2:aa:d8:0c:8e:56:c5:b5:6d:a0:9f:08:0f:
e7:e8:61:30:55:99:d1:30:68:1b:c9:90:60:fc:54:3a:c4:a8:
f0:17:41:7f:3c:67:b7:b5:11:b0:74:8a:89:8e:2e:d1:cc:10:
1a:54:2a:53:b0:6b:95:63:c4:12:bc:13:47:91:b2:a9:2c:e9:
ed:21:0b:a0:77:76:b8:6f:fc:04:43:38:62:4b:de:33:b7:3c:
3a:8d:dc:a1:29:a2:47:e5:70:03:49:de:1e:ab:79:dc:de:11:
75:20:d1:b8:4b:72:f6:f5:8a:a3:a7:16:cb:7e:a3:1b:87:f3:
69:93:d6:ec:7f:44:68:63:8d:3e:8c:77:db:6a:46:23:79:d2:
f2:10:24:cf:3b:1b:86:c4:d6:28:15:82:7a:01:53:92:87:ab:
83:fd:1b:b4:4b:33:d9:e0:5a:0d:40:06:16:64:d4:20:e6:90:
69:4b:42:92:0b:dc:95:37:86:4c:43:1c:2d:2d:6f:b1:06:87:
ad:99:10:c3:c6:85:70:4e:8c:76:3f:d4:6c:51:ff:31:92:e5:
38:b6:38:c5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/uIic+jcc+cH1rxWuqEfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTg0MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzVjNDBhODFmOWQ1MjI1MTAzYzhlNTkwYzQ1ZWJkMmM0NGFiMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqS9pQdBNz3DP3h8y1/9U3T3M4g1
1yoLJMErl3BLAWZtUYgTwVMwWqZ0f8HybpV9tfOlqFVJ3agctW9M8Ko9Z08sLBYo
+qK6W7m1NLnw45mjZ2VGPjqyN4vyI/j/DGR3yYBE4yvTafQpZnC5ph72Vqo3KOE/
zQSuzdL9EDswmwwh+SHBpD6fg5OespPKsJmuRmn/NPkvfqpxkfsI8/jorW64GM22
desWaeWT+bANtmZGDyad6illkzqKJuyisd4f6EO32vz3Eyfp+GPBa3Bt/0VIB87/
+NahWHjzyFFyJP4+N+jWQmrOCLbKah7PUiYKCjubKZEJ27W+N0wxsmtm+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDxcQKgfnVIlEDyOWQxF69LESrEJMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUEZ4QXFCLWRVaVVRUEk1WkRFWHIwc1JLc1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFb
MA0GCSqGSIb3DQEBCwUAA4IBAQBFphCfS6G+vnM8Vt1w05DVlgEAvRs5w1rKTmCy
BWYimtEnIpzn+QmLk6Kq2AyOVsW1baCfCA/n6GEwVZnRMGgbyZBg/FQ6xKjwF0F/
PGe3tRGwdIqJji7RzBAaVCpTsGuVY8QSvBNHkbKpLOntIQugd3a4b/wEQzhiS94z
tzw6jdyhKaJH5XADSd4eq3nc3hF1ING4S3L29YqjpxbLfqMbh/Npk9bsf0RoY40+
jHfbakYjedLyECTPOxuGxNYoFYJ6AVOSh6uD/Ru0SzPZ4FoNQAYWZNQg5pBpS0KS
C9yVN4ZMQxwtLW+xBoetmRDDxoVwTox2P9RsUf8xkuU4tjjF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org