Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Q7SC11WB6quOZw6wA9jHBbEAstY.roa
File: Q7SC11WB6quOZw6wA9jHBbEAstY.roa (raw, json)
Hash identifier: atdutXTrGGPNlnEa1bO0m7X83YmINEptKWAXr0Cgpik=
Subject key identifier: 43:B4:82:D7:55:81:EA:AB:8E:67:0E:B0:03:D8:C7:05:B1:00:B2:D6
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB88D9017FC9F981F8948D79D768A5F
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Q7SC11WB6quOZw6wA9jHBbEAstY.roa
Signing time: Tue 06 Feb 2024 18:40:17 +0000
ROA not before: Tue 06 Feb 2024 18:40:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215826
IP address blocks: 2a0f:b241:151::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b8:8d:90:17:fc:9f:98:1f:89:48:d7:9d:76:8a:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:40:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43b482d75581eaab8e670eb003d8c705b100b2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:83:89:ad:ef:2a:5b:e5:a8:7c:d5:98:8e:38:
b0:ca:5e:f5:eb:c0:fa:d1:ae:ab:b0:77:2b:91:f5:
14:08:a2:3f:b1:37:35:2b:68:75:42:49:f8:26:ea:
66:e2:d2:ba:12:2e:79:1b:e2:50:d2:8e:c3:74:35:
26:29:7c:37:ba:41:be:a1:93:66:7a:2a:1c:1d:24:
83:28:a0:ab:fb:6d:bb:35:64:05:12:5d:25:91:33:
a2:f6:e5:b7:84:ac:b0:3f:12:32:50:cb:96:79:55:
24:e1:6d:48:d8:92:54:a2:6a:69:1b:cd:14:ab:6f:
44:52:0a:54:62:a5:e7:00:7c:01:ac:2c:db:4d:68:
3c:d5:ab:b0:05:13:3e:f7:b0:72:0d:03:53:62:4b:
3e:5e:9f:82:3b:51:a1:cf:9d:fb:2e:d8:a5:5c:89:
80:18:26:93:d4:02:6d:a1:41:4b:d1:ca:c1:e2:65:
08:9b:53:22:c3:60:dc:87:5c:00:be:39:ba:f6:68:
6c:ed:0f:51:53:c4:b4:bf:1d:84:3b:cc:11:8f:ef:
ba:74:c0:ac:d5:14:84:f7:6d:ab:fb:f4:e3:e7:72:
8f:a0:fd:ec:93:ff:34:8e:a5:c2:b2:da:9e:b3:77:
6d:1b:b3:6f:9c:91:f1:ef:c8:ba:44:6e:f3:91:35:
e0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B4:82:D7:55:81:EA:AB:8E:67:0E:B0:03:D8:C7:05:B1:00:B2:D6
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Q7SC11WB6quOZw6wA9jHBbEAstY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:151::/48
Signature Algorithm: sha256WithRSAEncryption
55:96:e5:f0:0f:59:7a:de:34:55:f8:4d:eb:b1:8a:55:8f:69:
30:e2:80:a6:dc:90:ae:d2:bc:13:3a:2d:8b:28:c2:91:5c:d2:
09:c5:0b:8d:a4:be:d3:2f:7b:9b:e3:15:99:40:73:91:98:b9:
99:f8:56:cc:53:5b:64:08:15:5e:39:61:14:09:99:25:2e:c1:
ac:98:88:a5:05:e7:e1:e3:72:cb:48:aa:14:3f:de:59:f4:36:
8d:d1:4a:0e:3a:8c:fa:51:ca:09:41:83:9e:83:0a:7e:df:01:
3e:94:f5:2d:d9:c8:cc:2d:6f:37:55:00:b0:d2:c5:a9:0c:76:
b9:40:ff:20:27:b2:7a:c0:1b:23:6c:72:cd:4c:36:56:65:e0:
94:75:f7:2b:e9:d8:c3:9b:65:9e:bc:86:2e:22:fa:29:8b:60:
d9:3b:d3:10:53:53:39:87:24:1b:7a:a7:34:c4:29:1b:42:55:
bc:b0:43:8d:d3:d2:e3:17:cf:49:e9:8d:29:03:43:c4:fd:e5:
45:23:98:5e:90:69:89:b9:86:b2:bf:f7:52:0c:50:2b:15:5d:
a7:b6:03:5e:09:3d:2c:b5:09:2b:9b:0e:7f:af:e3:b1:30:eb:
6f:ab:0b:31:ab:90:60:ac:e0:ba:a2:2c:8d:56:eb:41:32:8e:
62:a8:94:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/uI2QF/yfmB+JSNeddopfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTg0MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2I0ODJkNzU1ODFlYWFiOGU2NzBlYjAwM2Q4YzcwNWIxMDBiMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4OJre8qW+WofNWYjjiwyl7168D6
0a6rsHcrkfUUCKI/sTc1K2h1Qkn4Jupm4tK6Ei55G+JQ0o7DdDUmKXw3ukG+oZNm
eiocHSSDKKCr+227NWQFEl0lkTOi9uW3hKywPxIyUMuWeVUk4W1I2JJUomppG80U
q29EUgpUYqXnAHwBrCzbTWg81auwBRM+97ByDQNTYks+Xp+CO1Ghz537LtilXImA
GCaT1AJtoUFL0crB4mUIm1Miw2Dch1wAvjm69mhs7Q9RU8S0vx2EO8wRj++6dMCs
1RSE922r+/Tj53KPoP3sk/80jqXCstqes3dtG7NvnJHx78i6RG7zkTXgZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEO0gtdVgeqrjmcOsAPYxwWxALLWMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUTdTQzExV0I2cXVPWnc2d0E5akhCYkVBc3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFR
MA0GCSqGSIb3DQEBCwUAA4IBAQBVluXwD1l63jRV+E3rsYpVj2kw4oCm3JCu0rwT
Oi2LKMKRXNIJxQuNpL7TL3ub4xWZQHORmLmZ+FbMU1tkCBVeOWEUCZklLsGsmIil
Befh43LLSKoUP95Z9DaN0UoOOoz6UcoJQYOegwp+3wE+lPUt2cjMLW83VQCw0sWp
DHa5QP8gJ7J6wBsjbHLNTDZWZeCUdfcr6djDm2WevIYuIvopi2DZO9MQU1M5hyQb
eqc0xCkbQlW8sEON09LjF89J6Y0pA0PE/eVFI5hekGmJuYayv/dSDFArFV2ntgNe
CT0stQkrmw5/r+OxMOtvqwsxq5BgrOC6oiyNVutBMo5iqJRB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org