Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/T9lN-9-SNDXAFmCGy8HzGpcVHxI.roa
File: T9lN-9-SNDXAFmCGy8HzGpcVHxI.roa (raw, json)
Hash identifier: BMrBpk7REkasd2llAkJb6H9W3Tp1A6zkSWb3ZPJqtJU=
Subject key identifier: 4F:D9:4D:FB:DF:92:34:35:C0:16:60:86:CB:C1:F3:1A:97:15:1F:12
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAD8EB17D7C8B300AE958D72093F77D
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/T9lN-9-SNDXAFmCGy8HzGpcVHxI.roa
Signing time: Tue 06 Feb 2024 18:28:17 +0000
ROA not before: Tue 06 Feb 2024 18:28:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216079
IP address blocks: 2a0f:b241:106::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ad:8e:b1:7d:7c:8b:30:0a:e9:58:d7:20:93:f7:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:28:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fd94dfbdf923435c0166086cbc1f31a97151f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c3:cb:d2:50:1b:bf:b5:45:8a:ff:d7:17:7a:
9d:69:47:a9:e7:12:55:21:30:7c:e4:43:0b:a0:bb:
9f:6e:38:e2:8c:76:25:73:f2:f4:92:c5:9f:77:3a:
3a:87:d6:7d:9a:40:81:da:e1:a7:25:49:8d:60:25:
b0:ba:93:be:cd:fc:06:ca:4c:bb:af:67:92:b1:0f:
52:17:0f:8c:38:34:5d:05:d4:01:5c:13:ff:cf:d0:
20:93:c9:94:a9:b7:50:7b:ea:88:f5:d9:fc:fa:ce:
a6:f4:34:c4:ec:c4:6d:7e:70:8c:d9:8c:9a:ae:27:
ce:49:53:d7:33:87:33:4a:f6:3b:4a:72:a9:10:79:
e6:78:cc:b5:2c:37:66:4b:46:b1:87:00:43:f6:82:
b8:72:28:fe:1c:0e:f2:bb:c7:43:b4:ae:de:27:d9:
82:11:16:17:3b:10:2b:81:4b:1a:c4:0d:39:2c:60:
6d:47:61:93:55:83:d6:ae:d7:a5:46:8c:82:3f:5e:
b3:a8:01:14:2c:40:09:dc:5d:a9:a4:45:a9:32:46:
ad:ea:0d:9f:b3:48:5d:55:c5:f6:11:3f:e2:e5:63:
3b:8b:75:b8:48:33:51:ea:f6:0b:6c:20:36:c8:9e:
68:13:8a:4e:7d:89:0d:fa:12:1c:2f:c8:27:74:fe:
f8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D9:4D:FB:DF:92:34:35:C0:16:60:86:CB:C1:F3:1A:97:15:1F:12
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/T9lN-9-SNDXAFmCGy8HzGpcVHxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:106::/48
Signature Algorithm: sha256WithRSAEncryption
74:72:c2:4a:71:bf:94:7d:d4:e1:c2:b5:ed:da:d2:71:72:88:
33:9f:7a:d9:ff:19:fa:e9:27:d7:23:28:66:f5:c7:3c:50:81:
07:64:d2:03:f7:e8:c4:6f:48:d0:91:c5:86:db:22:f4:78:52:
7c:ce:98:e4:88:69:ec:4c:a7:07:a9:bb:eb:0d:c7:e5:ab:66:
b6:3d:1c:90:84:66:de:3c:54:22:e4:d6:be:ed:57:3c:3e:e3:
d8:f7:08:4a:c4:7c:ce:27:97:f0:f7:b7:95:96:c3:2c:f9:00:
d9:c8:af:93:a6:20:a4:cf:72:4a:93:7a:d9:0a:0e:5a:1f:17:
b5:0d:eb:39:e1:c1:37:18:6e:b7:58:23:70:f0:87:f7:e7:fe:
c7:eb:73:62:f6:2b:c3:90:58:79:b3:ea:05:1d:0f:84:35:f8:
64:67:ba:6b:17:6f:22:f5:b5:98:be:f3:94:50:f5:28:a4:5e:
2a:56:3f:61:fc:90:fb:e3:4e:43:a7:06:b7:c4:11:e3:80:1f:
88:9b:81:20:98:f6:04:1f:2c:8f:18:aa:dc:f7:6d:b7:0b:59:
11:fa:45:50:31:27:c9:16:d0:0b:68:5b:da:33:47:92:a2:eb:
a3:c3:e2:a9:ae:14:3b:56:09:07:36:15:4f:f3:b0:d0:bc:2b:
37:8a:aa:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rY6xfXyLMArpWNcgk/d9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQ5NGRmYmRmOTIzNDM1YzAxNjYwODZjYmMxZjMxYTk3MTUxZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsPL0lAbv7VFiv/XF3qdaUep5xJV
ITB85EMLoLufbjjijHYlc/L0ksWfdzo6h9Z9mkCB2uGnJUmNYCWwupO+zfwGyky7
r2eSsQ9SFw+MODRdBdQBXBP/z9Agk8mUqbdQe+qI9dn8+s6m9DTE7MRtfnCM2Yya
rifOSVPXM4czSvY7SnKpEHnmeMy1LDdmS0axhwBD9oK4cij+HA7yu8dDtK7eJ9mC
ERYXOxArgUsaxA05LGBtR2GTVYPWrtelRoyCP16zqAEULEAJ3F2ppEWpMkat6g2f
s0hdVcX2ET/i5WM7i3W4SDNR6vYLbCA2yJ5oE4pOfYkN+hIcL8gndP74+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE/ZTfvfkjQ1wBZghsvB8xqXFR8SMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVDlsTi05LVNORFhBRm1DR3k4SHpHcGNWSHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEG
MA0GCSqGSIb3DQEBCwUAA4IBAQB0csJKcb+UfdThwrXt2tJxcogzn3rZ/xn66SfX
Iyhm9cc8UIEHZNID9+jEb0jQkcWG2yL0eFJ8zpjkiGnsTKcHqbvrDcflq2a2PRyQ
hGbePFQi5Na+7Vc8PuPY9whKxHzOJ5fw97eVlsMs+QDZyK+TpiCkz3JKk3rZCg5a
Hxe1Des54cE3GG63WCNw8If35/7H63Ni9ivDkFh5s+oFHQ+ENfhkZ7prF28i9bWY
vvOUUPUopF4qVj9h/JD7405Dpwa3xBHjgB+Im4EgmPYEHyyPGKrc9223C1kR+kVQ
MSfJFtALaFvaM0eSouujw+KprhQ7VgkHNhVP87DQvCs3iqqa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org