Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PkrCFgCLk3nIzNouCUrd-HXuxxc.roa
File: PkrCFgCLk3nIzNouCUrd-HXuxxc.roa (raw, json)
Hash identifier: 5a4f49Mg6Z1Isefj/opTSKhTDFmnpQ5pvWHhP+paBeI=
Subject key identifier: 3E:4A:C2:16:00:8B:93:79:C8:CC:DA:2E:09:4A:DD:F8:75:EE:C7:17
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0A824B8F755B0351B39BB66537BF4
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PkrCFgCLk3nIzNouCUrd-HXuxxc.roa
Signing time: Wed 07 Feb 2024 05:00:48 +0000
ROA not before: Wed 07 Feb 2024 05:00:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211545
IP address blocks: 2a0f:b241:147::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:a8:24:b8:f7:55:b0:35:1b:39:bb:66:53:7b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e4ac216008b9379c8ccda2e094addf875eec717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:da:c6:aa:46:fe:19:f8:8d:87:80:54:46:8e:
98:b6:6f:c3:84:16:55:cf:f3:f7:b2:f0:ea:98:c1:
0c:4a:64:55:4c:4f:aa:92:c6:89:80:c8:06:0c:8c:
3a:52:54:3e:e1:df:70:70:4f:9e:ab:9d:fb:36:1d:
0f:58:f6:66:3e:19:a8:90:a7:25:40:61:5d:40:b2:
ec:63:eb:0b:72:41:33:55:67:9f:ea:20:46:25:42:
80:bc:82:57:90:6f:83:5e:95:ab:a5:22:25:4f:76:
e6:61:30:ec:97:5d:29:80:a1:18:96:19:6e:9f:95:
48:92:c1:3b:f6:93:e4:db:d2:d3:32:a6:c4:b6:bf:
02:cd:71:77:a3:35:50:a4:7b:de:3c:89:5b:d1:91:
e5:1b:57:63:b3:06:3a:39:fb:e6:38:64:66:33:7f:
bf:85:29:4e:ed:00:0b:ad:f0:c7:9c:83:cb:4a:63:
98:3c:ce:47:7e:95:2a:06:16:2a:96:e0:66:bb:a0:
8a:00:d1:be:4f:ca:1e:a6:15:38:5b:d3:45:0c:05:
85:56:0a:22:ed:1b:8b:11:b5:3d:14:5f:96:f5:5c:
e0:4b:cb:0b:5d:72:a2:a2:a3:27:a9:01:be:75:bb:
b8:4e:34:8e:49:7f:cb:48:7f:db:49:d8:7b:49:51:
6d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4A:C2:16:00:8B:93:79:C8:CC:DA:2E:09:4A:DD:F8:75:EE:C7:17
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PkrCFgCLk3nIzNouCUrd-HXuxxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:147::/48
Signature Algorithm: sha256WithRSAEncryption
6c:32:a1:b4:98:16:2f:6b:21:19:71:6a:b9:a4:5d:fc:60:d4:
81:6f:52:f0:a6:fd:17:e5:f6:e8:9d:46:89:50:4f:f0:0b:f2:
65:f5:7d:4a:5c:6d:b8:95:ac:c0:f1:ce:c9:62:3d:a5:b3:1a:
72:bc:d1:7a:75:ed:36:e6:cf:d2:0d:67:4c:2b:cb:bf:a2:1e:
2e:82:2f:c2:da:e3:02:f8:11:b9:3a:40:32:c7:06:04:3f:ba:
2e:56:b9:cd:6d:e3:eb:38:69:37:04:08:cf:ae:18:1e:c7:d4:
30:98:67:c0:b6:65:c7:d8:a9:37:34:65:57:c9:02:8c:48:25:
ad:95:d7:cb:7f:09:56:53:52:b1:70:02:b6:24:03:dc:b3:ee:
77:fd:5b:03:86:d1:cd:84:d1:3d:64:2f:10:69:63:43:5c:e5:
82:58:d3:77:ab:02:f1:ed:21:7a:15:05:cb:1d:8b:6c:e5:09:
4b:37:ae:bb:46:26:d8:d9:6c:30:92:82:e4:35:cd:ad:c3:46:
2d:67:84:8d:1c:b5:1f:1f:e4:de:d9:19:c9:15:d4:ae:fd:70:
46:c8:32:f6:d7:6a:c9:52:b0:55:9e:89:88:5b:60:6e:d3:36:
ea:f7:c7:26:42:63:c4:c0:18:81:60:38:c7:70:f0:ce:22:a6:
03:6f:32:4f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8KgkuPdVsDUbObtmU3v0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRhYzIxNjAwOGI5Mzc5YzhjY2RhMmUwOTRhZGRmODc1ZWVjNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNrGqkb+GfiNh4BURo6Ytm/DhBZV
z/P3svDqmMEMSmRVTE+qksaJgMgGDIw6UlQ+4d9wcE+eq537Nh0PWPZmPhmokKcl
QGFdQLLsY+sLckEzVWef6iBGJUKAvIJXkG+DXpWrpSIlT3bmYTDsl10pgKEYlhlu
n5VIksE79pPk29LTMqbEtr8CzXF3ozVQpHvePIlb0ZHlG1djswY6OfvmOGRmM3+/
hSlO7QALrfDHnIPLSmOYPM5HfpUqBhYqluBmu6CKANG+T8oephU4W9NFDAWFVgoi
7RuLEbU9FF+W9VzgS8sLXXKioqMnqQG+dbu4TjSOSX/LSH/bSdh7SVFtsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD5KwhYAi5N5yMzaLglK3fh17scXMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUGtyQ0ZnQ0xrM25Jek5vdUNVcmQtSFh1eHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFH
MA0GCSqGSIb3DQEBCwUAA4IBAQBsMqG0mBYvayEZcWq5pF38YNSBb1Lwpv0X5fbo
nUaJUE/wC/Jl9X1KXG24lazA8c7JYj2lsxpyvNF6de025s/SDWdMK8u/oh4ugi/C
2uMC+BG5OkAyxwYEP7ouVrnNbePrOGk3BAjPrhgex9QwmGfAtmXH2Kk3NGVXyQKM
SCWtldfLfwlWU1KxcAK2JAPcs+53/VsDhtHNhNE9ZC8QaWNDXOWCWNN3qwLx7SF6
FQXLHYts5QlLN667RibY2WwwkoLkNc2tw0YtZ4SNHLUfH+Te2RnJFdSu/XBGyDL2
12rJUrBVnomIW2Bu0zbq98cmQmPEwBiBYDjHcPDOIqYDbzJP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org