Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QLqpdGUHHKvo6Ol8K97nxR5ZRgo.roa
File: QLqpdGUHHKvo6Ol8K97nxR5ZRgo.roa (raw, json)
Hash identifier: kKb9qzun2aRofKXWs/HyDNuULIH3pPBKJmQcNUHwwqo=
Subject key identifier: 40:BA:A9:74:65:07:1C:AB:E8:E8:E9:7C:2B:DE:E7:C5:1E:59:46:0A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAAD65F87F40EE711D4BA1C5D71F7E9
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QLqpdGUHHKvo6Ol8K97nxR5ZRgo.roa
Signing time: Tue 06 Feb 2024 18:25:18 +0000
ROA not before: Tue 06 Feb 2024 18:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203843
IP address blocks: 2a0f:b241:e7::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:d6:5f:87:f4:0e:e7:11:d4:ba:1c:5d:71:f7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40baa97465071cabe8e8e97c2bdee7c51e59460a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2f:e5:9f:61:c6:c8:49:ae:28:17:9f:ea:49:
60:d1:96:ed:ce:d8:76:97:9c:bb:0e:39:ba:c5:06:
13:99:ae:57:8a:11:aa:36:86:3f:6e:92:5a:e6:f0:
58:ba:ff:d9:75:a7:5d:46:19:58:a3:f2:7a:db:bb:
23:24:af:87:b6:81:48:da:3d:9f:3f:1d:1e:e9:14:
fa:03:ce:26:66:d0:91:9b:eb:e1:9e:88:df:c8:3b:
05:e9:02:c6:63:1a:aa:c9:f6:9e:75:82:42:ce:09:
94:29:68:83:97:1d:ee:91:3c:12:af:df:fa:9f:ff:
8e:ac:03:7c:ea:46:00:1a:35:3c:cd:0c:81:f1:47:
73:c2:6f:7b:cb:53:b5:8e:e2:03:2e:2a:98:9e:08:
1d:4a:9b:8f:2f:f5:4f:59:3e:a5:91:c8:e6:e1:e2:
d6:57:96:28:b9:dd:96:74:fd:ff:c5:9b:f1:f2:6a:
75:5e:cf:0d:16:6a:5a:42:d2:a8:aa:ff:1e:52:5a:
e2:82:15:ae:f8:1f:cc:45:65:ef:31:f7:53:0d:ad:
a1:5d:10:e5:d0:f0:91:16:ba:80:df:03:6e:d5:2b:
6c:4e:f7:09:be:0b:a6:c8:0c:15:5a:87:46:a0:b7:
4b:aa:68:9f:0c:d6:bf:1e:89:a9:62:59:a2:f5:b3:
a5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:BA:A9:74:65:07:1C:AB:E8:E8:E9:7C:2B:DE:E7:C5:1E:59:46:0A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QLqpdGUHHKvo6Ol8K97nxR5ZRgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:e7::/48
Signature Algorithm: sha256WithRSAEncryption
55:1f:19:1f:a6:77:91:7a:a8:57:8b:d7:06:18:eb:7e:0c:1e:
75:15:5d:1e:5c:de:1d:5f:54:fa:f2:a4:6e:07:56:7e:10:80:
49:aa:99:72:b4:75:db:38:52:f7:42:41:fc:51:a6:ce:b2:ae:
ed:fb:0e:ae:17:71:42:fb:c3:75:b8:48:3d:2e:06:2e:8b:af:
57:07:8a:8f:1f:77:5d:24:d7:ee:e1:cf:b6:32:0d:9d:5c:7b:
35:ab:9d:bf:90:8c:da:1f:4e:27:63:3f:e8:38:34:14:0d:d6:
ae:6a:81:00:95:dd:68:5f:03:dd:c4:3f:29:e7:a5:c6:bf:c3:
a9:f6:fc:c1:35:e9:72:f1:3b:a6:d4:96:4e:dc:f7:30:a9:77:
34:51:00:f3:5c:02:cc:6b:ca:46:a0:59:d7:ca:bd:68:5c:1a:
32:23:b9:b7:2c:b7:87:11:12:77:81:c4:16:be:ed:21:f1:86:
6c:45:c8:9e:c0:50:67:f9:88:b3:24:58:f5:29:c2:36:dd:02:
92:0a:13:55:c0:26:8b:94:8b:d2:83:fc:46:e0:98:c5:2f:cc:
df:9f:d5:6a:70:89:14:91:3c:ce:a1:93:39:70:97:f5:3e:18:
36:9e:9c:41:72:de:05:25:3e:f2:60:f0:06:e6:de:10:02:98:
23:e5:2c:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qtZfh/QO5xHUuhxdcffpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGJhYTk3NDY1MDcxY2FiZThlOGU5N2MyYmRlZTdjNTFlNTk0NjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry/ln2HGyEmuKBef6klg0Zbtzth2
l5y7Djm6xQYTma5XihGqNoY/bpJa5vBYuv/ZdaddRhlYo/J627sjJK+HtoFI2j2f
Px0e6RT6A84mZtCRm+vhnojfyDsF6QLGYxqqyfaedYJCzgmUKWiDlx3ukTwSr9/6
n/+OrAN86kYAGjU8zQyB8Udzwm97y1O1juIDLiqYnggdSpuPL/VPWT6lkcjm4eLW
V5Youd2WdP3/xZvx8mp1Xs8NFmpaQtKoqv8eUlrighWu+B/MRWXvMfdTDa2hXRDl
0PCRFrqA3wNu1StsTvcJvgumyAwVWodGoLdLqmifDNa/HompYlmi9bOl1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEC6qXRlBxyr6OjpfCve58UeWUYKMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUUxxcGRHVUhIS3ZvNk9sOEs5N254UjVaUmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDn
MA0GCSqGSIb3DQEBCwUAA4IBAQBVHxkfpneReqhXi9cGGOt+DB51FV0eXN4dX1T6
8qRuB1Z+EIBJqplytHXbOFL3QkH8UabOsq7t+w6uF3FC+8N1uEg9LgYui69XB4qP
H3ddJNfu4c+2Mg2dXHs1q52/kIzaH04nYz/oODQUDdauaoEAld1oXwPdxD8p56XG
v8Op9vzBNely8Tum1JZO3PcwqXc0UQDzXALMa8pGoFnXyr1oXBoyI7m3LLeHERJ3
gcQWvu0h8YZsRciewFBn+YizJFj1KcI23QKSChNVwCaLlIvSg/xG4JjFL8zfn9Vq
cIkUkTzOoZM5cJf1Phg2npxBct4FJT7yYPAG5t4QApgj5SwI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org