Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TWr2ER2CL0SlzxuktORZR7WGoig.roa
File: TWr2ER2CL0SlzxuktORZR7WGoig.roa (raw, json)
Hash identifier: Ce2tVoGw5qOUmweoD1enTwbbythVh8E2V107a87oAbc=
Subject key identifier: 4D:6A:F6:11:1D:82:2F:44:A5:CF:1B:A4:B4:E4:59:47:B5:86:A2:28
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F063D2E90F8C180A3DC45AA6E75DB6
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TWr2ER2CL0SlzxuktORZR7WGoig.roa
Signing time: Wed 07 Feb 2024 05:00:31 +0000
ROA not before: Wed 07 Feb 2024 05:00:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51856
IP address blocks: 2a0f:b241:11c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:63:d2:e9:0f:8c:18:0a:3d:c4:5a:a6:e7:5d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d6af6111d822f44a5cf1ba4b4e45947b586a228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:be:39:ab:a9:ee:f1:9d:c0:d2:61:28:fd:6b:
0d:f5:70:e8:17:18:a8:a8:1c:a8:63:68:39:ac:3e:
96:cc:28:64:f2:c0:16:9c:b7:e3:57:52:7c:3a:0b:
8a:b8:07:dc:68:97:10:c0:3a:64:c2:9d:e2:cd:74:
fa:f2:1b:fd:dc:39:fa:21:35:f2:be:3a:cb:0c:67:
9b:bf:02:2d:ea:3a:c7:87:9f:ab:4e:37:72:ce:03:
2f:c0:0a:c9:83:65:2b:2a:1c:26:7e:2d:c4:96:54:
00:e0:c0:81:ff:c3:f6:41:c7:b5:60:08:24:c2:9c:
b1:de:19:1d:0b:8a:f6:d5:d9:ba:93:f2:53:5e:fe:
11:9e:96:a7:43:cc:e1:ad:ec:b2:cc:ad:bc:7e:ea:
6f:9d:4a:3c:d1:a6:e8:1d:02:41:46:bb:06:d1:87:
48:ba:e2:24:aa:e6:62:6f:78:32:eb:f6:80:14:f0:
42:43:f0:99:89:89:ef:5e:8c:01:9b:a9:77:e4:8e:
31:1d:9e:a2:f8:26:6f:ec:88:47:69:92:dd:47:81:
45:af:59:75:f4:39:96:9a:b8:0f:8b:51:24:d5:e2:
20:29:06:73:9a:81:ca:6e:2e:b3:73:1c:7b:75:18:
87:f5:c6:03:4e:9a:af:67:c3:ec:57:06:9e:f1:4c:
7b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6A:F6:11:1D:82:2F:44:A5:CF:1B:A4:B4:E4:59:47:B5:86:A2:28
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TWr2ER2CL0SlzxuktORZR7WGoig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:11c::/48
Signature Algorithm: sha256WithRSAEncryption
6f:ef:d4:a7:a1:6a:c0:18:ce:20:97:75:52:ea:2a:a9:61:32:
1b:c9:90:f6:5b:2b:79:0a:91:87:a0:01:c0:b1:bb:f1:74:03:
3a:af:74:b4:bd:f1:62:79:ba:02:6b:a8:2a:a3:c3:bc:3c:22:
4f:6d:10:04:87:d9:10:87:f8:a1:88:78:1d:67:bd:9c:31:c5:
0f:d9:f6:b3:06:a8:8a:37:85:81:9d:b1:3b:7e:2c:3c:93:d1:
ad:be:07:dc:34:29:51:ff:c4:61:11:11:e2:53:96:cc:16:a3:
61:7e:46:01:9b:3c:63:ec:e5:10:24:c9:d9:44:1b:c8:8e:89:
1e:a3:eb:0a:0c:c7:a6:cb:dd:b8:d5:71:84:94:bd:9c:29:4a:
8b:51:1a:37:42:e0:38:0b:df:33:0c:08:a1:b9:81:ae:0e:df:
18:75:77:ab:14:96:8a:ce:22:2b:63:40:fa:df:09:a7:8b:07:
8c:df:8c:a2:66:65:47:c7:33:21:cc:97:38:00:0f:06:b4:4f:
40:9d:71:6d:9d:a6:67:dc:d2:51:40:61:4f:fb:de:27:46:d9:
c5:82:e0:9c:da:47:a6:ff:43:06:cf:72:a1:6b:9b:c3:4e:d0:
37:b9:2a:53:79:7d:20:43:61:4f:f5:31:af:de:92:34:bc:4a:
fe:75:e5:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GPS6Q+MGAo9xFqm5122MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZhZjYxMTFkODIyZjQ0YTVjZjFiYTRiNGU0NTk0N2I1ODZhMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr45q6nu8Z3A0mEo/WsN9XDoFxio
qByoY2g5rD6WzChk8sAWnLfjV1J8OguKuAfcaJcQwDpkwp3izXT68hv93Dn6ITXy
vjrLDGebvwIt6jrHh5+rTjdyzgMvwArJg2UrKhwmfi3EllQA4MCB/8P2Qce1YAgk
wpyx3hkdC4r21dm6k/JTXv4RnpanQ8zhreyyzK28fupvnUo80aboHQJBRrsG0YdI
uuIkquZib3gy6/aAFPBCQ/CZiYnvXowBm6l35I4xHZ6i+CZv7IhHaZLdR4FFr1l1
9DmWmrgPi1Ek1eIgKQZzmoHKbi6zcxx7dRiH9cYDTpqvZ8PsVwae8Ux7KQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE1q9hEdgi9Epc8bpLTkWUe1hqIoMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVFdyMkVSMkNMMFNsenh1a3RPUlpSN1dHb2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEc
MA0GCSqGSIb3DQEBCwUAA4IBAQBv79SnoWrAGM4gl3VS6iqpYTIbyZD2Wyt5CpGH
oAHAsbvxdAM6r3S0vfFieboCa6gqo8O8PCJPbRAEh9kQh/ihiHgdZ72cMcUP2faz
BqiKN4WBnbE7fiw8k9GtvgfcNClR/8RhERHiU5bMFqNhfkYBmzxj7OUQJMnZRBvI
jokeo+sKDMemy9241XGElL2cKUqLURo3QuA4C98zDAihuYGuDt8YdXerFJaKziIr
Y0D63wmniweM34yiZmVHxzMhzJc4AA8GtE9AnXFtnaZn3NJRQGFP+94nRtnFguCc
2kem/0MGz3Kha5vDTtA3uSpTeX0gQ2FP9TGv3pI0vEr+deXd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org