Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QfMoovqK2ZLO_OFLo1OamdIHQAI.roa
File: QfMoovqK2ZLO_OFLo1OamdIHQAI.roa (raw, json)
Hash identifier: DZ7Hcie90tJiy/ufC5wGiwHuCzN4yCQnrBr/r+yOhzk=
Subject key identifier: 41:F3:28:A2:FA:8A:D9:92:CE:FC:E1:4B:A3:53:9A:99:D2:07:40:02
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA900A5043C193B33796EBB6A25F848
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QfMoovqK2ZLO_OFLo1OamdIHQAI.roa
Signing time: Tue 06 Feb 2024 18:23:18 +0000
ROA not before: Tue 06 Feb 2024 18:23:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200545
IP address blocks: 2a0f:b241:bd::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a9:00:a5:04:3c:19:3b:33:79:6e:bb:6a:25:f8:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:23:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41f328a2fa8ad992cefce14ba3539a99d2074002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:48:74:a3:02:33:84:42:f7:78:18:6d:8d:44:
41:3d:80:f4:6e:ad:b3:61:72:49:90:9c:1a:2c:50:
d7:08:e4:fa:2e:96:26:82:08:a0:4a:9e:7d:53:ce:
3b:a5:ba:ce:4e:20:c7:85:18:4b:f5:e4:33:ce:75:
dc:61:3b:15:f8:bb:ac:1a:94:b0:38:60:f4:3a:a0:
20:3b:53:1d:08:45:1e:3b:ac:90:25:71:43:23:12:
3e:5e:25:d7:69:86:5c:e2:dc:76:0a:fe:1c:c4:e1:
03:8f:d1:19:c8:83:2e:80:7d:fc:1c:32:fd:eb:98:
c3:a6:1d:de:89:76:93:79:66:f5:cc:5c:7b:c6:d2:
98:34:32:81:f7:0e:d6:e8:ee:b6:1b:26:6a:39:da:
6c:f3:68:1d:6a:5d:7c:27:83:19:65:27:56:51:62:
89:9d:1e:d7:25:ca:af:c3:64:76:63:19:9e:c8:92:
6d:29:9c:df:86:d6:58:ee:ec:2b:bb:2f:fa:b3:53:
a6:c0:d6:b9:94:84:65:21:c3:1b:ee:20:e8:19:0c:
b9:62:6f:f7:d8:a2:7e:0f:7b:30:8a:80:56:cf:0c:
46:a6:d8:8c:b6:29:10:d8:47:cf:1f:6f:42:5e:0d:
9e:fc:67:f0:0b:39:c4:64:20:5f:8b:e2:7c:9c:c8:
89:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F3:28:A2:FA:8A:D9:92:CE:FC:E1:4B:A3:53:9A:99:D2:07:40:02
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QfMoovqK2ZLO_OFLo1OamdIHQAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:bd::/48
Signature Algorithm: sha256WithRSAEncryption
20:9e:75:d9:4d:70:63:39:b2:c4:f2:93:db:ab:b6:96:ce:f5:
e3:57:60:24:f6:73:ef:d0:26:ba:ee:54:f0:38:8f:3c:66:d4:
72:da:96:a1:c2:e9:40:68:06:f0:99:16:70:ba:6f:cb:e0:91:
a7:ad:89:8d:9f:8a:00:5a:82:ad:ac:b7:f5:bc:fb:27:03:05:
51:2b:7a:85:dc:ae:d8:b7:47:1c:39:b9:88:3e:2b:71:cc:c6:
3a:c6:58:1b:ad:41:8c:ce:2f:e5:bb:32:2e:8a:57:b9:24:be:
3d:2f:b7:37:f3:c9:35:8c:e0:55:83:de:f8:cd:b7:bb:dd:ce:
60:15:63:fe:5a:97:af:2e:c7:b6:30:5f:53:17:c4:a7:71:11:
52:5b:2e:52:1a:17:55:15:d5:c4:58:fa:18:3e:e4:3e:3b:7e:
ba:f1:eb:dc:7d:46:f5:fa:a2:4c:f8:4a:4b:a4:5a:68:49:37:
8a:fa:91:ae:b2:5d:8c:af:7a:58:6b:e8:1e:12:be:46:6d:b7:
2b:46:d4:a5:05:b7:6d:48:71:9d:b7:82:08:53:23:77:05:98:
fc:0b:04:f3:d7:7b:f1:d1:e4:0a:4d:b1:6d:60:a3:77:98:4d:
00:19:65:34:0f:37:2f:14:ef:8e:c9:c9:c3:75:4c:31:f9:9c:
e6:e0:36:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qQClBDwZOzN5brtqJfhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWYzMjhhMmZhOGFkOTkyY2VmY2UxNGJhMzUzOWE5OWQyMDc0MDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0h0owIzhEL3eBhtjURBPYD0bq2z
YXJJkJwaLFDXCOT6LpYmggigSp59U847pbrOTiDHhRhL9eQzznXcYTsV+LusGpSw
OGD0OqAgO1MdCEUeO6yQJXFDIxI+XiXXaYZc4tx2Cv4cxOEDj9EZyIMugH38HDL9
65jDph3eiXaTeWb1zFx7xtKYNDKB9w7W6O62GyZqOdps82gdal18J4MZZSdWUWKJ
nR7XJcqvw2R2YxmeyJJtKZzfhtZY7uwruy/6s1OmwNa5lIRlIcMb7iDoGQy5Ym/3
2KJ+D3swioBWzwxGptiMtikQ2EfPH29CXg2e/GfwCznEZCBfi+J8nMiJMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEHzKKL6itmSzvzhS6NTmpnSB0ACMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUWZNb292cUsyWkxPX09GTG8xT2FtZElIUUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQC9
MA0GCSqGSIb3DQEBCwUAA4IBAQAgnnXZTXBjObLE8pPbq7aWzvXjV2Ak9nPv0Ca6
7lTwOI88ZtRy2pahwulAaAbwmRZwum/L4JGnrYmNn4oAWoKtrLf1vPsnAwVRK3qF
3K7Yt0ccObmIPitxzMY6xlgbrUGMzi/luzIuile5JL49L7c388k1jOBVg974zbe7
3c5gFWP+WpevLse2MF9TF8SncRFSWy5SGhdVFdXEWPoYPuQ+O3668evcfUb1+qJM
+EpLpFpoSTeK+pGusl2Mr3pYa+geEr5GbbcrRtSlBbdtSHGdt4IIUyN3BZj8CwTz
13vx0eQKTbFtYKN3mE0AGWU0DzcvFO+OycnDdUwx+Zzm4DYC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org