Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SqpzofGK5xqwgqVuYHvDAnpdd0k.roa
File: SqpzofGK5xqwgqVuYHvDAnpdd0k.roa (raw, json)
Hash identifier: inNQJkxleF3t60oc/zI8bZLxD+nK58tyhnrr/SMKHV4=
Subject key identifier: 4A:AA:73:A1:F1:8A:E7:1A:B0:82:A5:6E:60:7B:C3:02:7A:5D:77:49
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAAD6A6C225B9ADD340E875BAF3796A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SqpzofGK5xqwgqVuYHvDAnpdd0k.roa
Signing time: Tue 06 Feb 2024 18:25:18 +0000
ROA not before: Tue 06 Feb 2024 18:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203852
IP address blocks: 2a0f:b241:e7::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:d6:a6:c2:25:b9:ad:d3:40:e8:75:ba:f3:79:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4aaa73a1f18ae71ab082a56e607bc3027a5d7749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3a:45:f4:8d:a4:c7:b7:58:0c:aa:b7:1c:07:
a3:9f:0c:12:09:f0:60:21:ee:70:fd:7a:1d:3a:c9:
0e:5e:51:d4:07:53:11:fa:51:2d:47:7d:51:24:93:
21:54:8f:0e:50:06:4a:11:63:bb:de:ba:7d:96:5e:
63:1b:c1:cb:7c:d6:db:1f:f6:17:1f:81:dc:e5:c9:
61:5b:61:06:a3:47:02:3d:93:74:bd:e2:92:fd:b0:
4f:7d:9f:f3:ee:6f:b4:61:20:5e:75:68:5c:12:10:
45:15:d9:54:29:1d:56:10:56:95:8a:79:79:d2:29:
1a:bb:cf:60:8d:de:d7:de:75:6a:14:6b:0e:e4:d9:
69:21:ae:93:43:a6:09:e7:67:bd:54:f3:d6:d0:2e:
ec:6b:cd:87:3c:0b:f3:a8:8e:b7:9f:78:86:f3:a7:
df:ec:f2:53:ce:59:c9:d6:86:53:04:77:b8:1a:4a:
4c:88:f8:97:c0:c4:ac:db:1a:6c:ea:84:e7:c9:74:
26:5f:19:38:9f:11:fc:66:51:e5:32:44:f5:d1:e2:
70:33:71:1f:fd:7d:c6:47:84:4b:cf:ed:45:7a:85:
38:bd:4b:83:52:19:7d:d4:66:dd:0a:b8:cc:77:2a:
16:22:60:f3:69:9e:bc:1f:b4:1f:d2:19:ed:18:e8:
96:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AA:73:A1:F1:8A:E7:1A:B0:82:A5:6E:60:7B:C3:02:7A:5D:77:49
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SqpzofGK5xqwgqVuYHvDAnpdd0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:e7::/48
Signature Algorithm: sha256WithRSAEncryption
0d:bf:b7:31:8a:fc:bc:7b:15:5b:eb:ba:ba:de:28:f5:bf:f5:
37:c5:b6:2c:c8:72:68:e4:0d:e9:6f:49:a0:cf:9f:85:49:7c:
97:06:70:0f:3d:5b:af:85:aa:be:6d:41:af:8b:a9:13:9c:e2:
51:d4:4a:76:3d:8c:1f:0b:f3:99:ac:0d:c2:60:7a:c8:fb:92:
86:b6:24:5e:ef:79:ac:70:6f:98:cb:93:94:8e:dd:6c:5a:66:
9a:fb:f4:8e:58:eb:d4:44:2f:bb:b5:32:00:90:17:59:b0:23:
1b:17:9f:7e:84:a2:4a:13:0e:5a:6d:61:39:43:50:a8:21:6f:
77:3c:00:18:51:7d:e4:b2:c6:47:57:dc:41:82:88:6b:d6:b3:
db:82:8f:94:f8:5f:93:4e:5c:75:f1:fd:b7:3b:34:8d:27:20:
1a:5a:6e:06:00:51:f6:9e:8c:bc:61:a8:4c:20:81:ca:d1:a9:
f4:b3:5f:b8:89:37:2b:38:00:d4:14:0d:5e:94:00:2d:49:c8:
76:d0:e9:9a:a1:d9:1d:04:1d:59:f1:e7:4b:45:b5:90:37:53:
33:2c:50:3f:75:05:44:dd:f0:dd:50:e0:19:94:7b:7b:e0:d6:
e3:91:da:1a:46:f6:5b:50:a6:69:bc:0c:39:31:0c:9d:e3:37:
e1:f8:1a:9e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qtamwiW5rdNA6HW683lqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFhNzNhMWYxOGFlNzFhYjA4MmE1NmU2MDdiYzMwMjdhNWQ3NzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTpF9I2kx7dYDKq3HAejnwwSCfBg
Ie5w/XodOskOXlHUB1MR+lEtR31RJJMhVI8OUAZKEWO73rp9ll5jG8HLfNbbH/YX
H4Hc5clhW2EGo0cCPZN0veKS/bBPfZ/z7m+0YSBedWhcEhBFFdlUKR1WEFaVinl5
0ikau89gjd7X3nVqFGsO5NlpIa6TQ6YJ52e9VPPW0C7sa82HPAvzqI63n3iG86ff
7PJTzlnJ1oZTBHe4GkpMiPiXwMSs2xps6oTnyXQmXxk4nxH8ZlHlMkT10eJwM3Ef
/X3GR4RLz+1FeoU4vUuDUhl91GbdCrjMdyoWImDzaZ68H7Qf0hntGOiWiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEqqc6HxiucasIKlbmB7wwJ6XXdJMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvU3Fwem9mR0s1eHF3Z3FWdVlIdkRBbnBkZDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDn
MA0GCSqGSIb3DQEBCwUAA4IBAQANv7cxivy8exVb67q63ij1v/U3xbYsyHJo5A3p
b0mgz5+FSXyXBnAPPVuvhaq+bUGvi6kTnOJR1Ep2PYwfC/OZrA3CYHrI+5KGtiRe
73mscG+Yy5OUjt1sWmaa+/SOWOvURC+7tTIAkBdZsCMbF59+hKJKEw5abWE5Q1Co
IW93PAAYUX3kssZHV9xBgohr1rPbgo+U+F+TTlx18f23OzSNJyAaWm4GAFH2noy8
YahMIIHK0an0s1+4iTcrOADUFA1elAAtSch20OmaodkdBB1Z8edLRbWQN1MzLFA/
dQVE3fDdUOAZlHt74NbjkdoaRvZbUKZpvAw5MQyd4zfh+Bqe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org