Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TXXyMracCOU6yHKN4wCRWEjU0fo.roa
File: TXXyMracCOU6yHKN4wCRWEjU0fo.roa (raw, json)
Hash identifier: 9tMmqKOZkzjFBlduHueSheHQpEsWWEQPffz5bLDOacs=
Subject key identifier: 4D:75:F2:32:B6:9C:08:E5:3A:C8:72:8D:E3:00:91:58:48:D4:D1:FA
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81FECD46B7F394CAA0FAC6D65C32551C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TXXyMracCOU6yHKN4wCRWEjU0fo.roa
Signing time: Wed 07 Feb 2024 05:16:16 +0000
ROA not before: Wed 07 Feb 2024 05:16:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199347
IP address blocks: 2a0f:b241:69::/48 maxlen: 48
2a0f:b241:6e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:fe:cd:46:b7:f3:94:ca:a0:fa:c6:d6:5c:32:55:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:16:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d75f232b69c08e53ac8728de300915848d4d1fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:43:80:2f:ba:eb:8f:f5:ee:12:d9:97:1c:75:
04:d5:89:69:4f:88:e6:76:dc:c9:09:88:ab:3f:60:
83:2c:a7:5b:a6:06:b1:46:2b:b7:16:1f:5a:f0:1b:
70:c7:07:ab:43:0b:0c:d0:b9:a2:e1:21:2f:0b:9a:
6d:2e:81:fb:6a:40:3d:41:5f:04:5a:4c:7b:23:e5:
dd:b8:be:7e:1e:29:82:4e:20:58:27:9f:2d:64:1d:
b5:8d:81:f7:6a:be:80:cd:ee:f4:5c:e3:5e:69:ec:
e8:2a:b9:6b:fe:87:ca:fc:2f:56:8d:2f:e7:58:f3:
fe:34:14:ac:7b:60:5c:0a:f9:0b:39:f3:14:e7:5c:
80:f6:f2:16:0b:46:0c:95:b8:80:a6:dc:4a:e0:c7:
6a:00:0d:be:7e:6f:8a:58:58:33:5b:f3:12:2c:3c:
db:66:eb:13:d0:61:d6:89:eb:d0:5c:2b:0c:4f:f8:
1b:d1:ff:ee:ae:a2:63:0a:40:e7:07:3d:40:a4:12:
a1:9e:88:66:fa:3c:bd:7e:99:86:ed:e2:c5:c3:e5:
89:06:11:f4:1c:93:91:4c:4b:1d:ff:73:a1:12:15:
5e:4e:50:a5:75:a3:66:0c:7f:d5:cb:3d:83:41:f1:
28:e1:8f:64:39:1e:5a:43:d3:26:b1:df:c7:b8:a2:
23:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:75:F2:32:B6:9C:08:E5:3A:C8:72:8D:E3:00:91:58:48:D4:D1:FA
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TXXyMracCOU6yHKN4wCRWEjU0fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:69::/48
2a0f:b241:6e::/48
Signature Algorithm: sha256WithRSAEncryption
8f:46:7c:99:9d:a8:98:d6:91:92:ce:8e:e7:3f:37:09:2e:d2:
4f:f9:bd:2f:f7:f1:23:06:a1:34:ca:6d:62:21:3d:a8:23:f5:
1d:08:3c:e1:87:68:8c:2f:c4:bc:f0:df:eb:ce:f9:64:1c:e2:
b3:87:3a:78:03:76:27:e8:1c:ca:08:79:bd:7c:88:96:3f:e0:
de:51:f5:f2:66:d4:96:a2:47:d6:2e:59:c3:0a:41:dc:76:94:
0e:00:dc:2d:af:f7:10:1a:45:33:4d:e6:0e:75:55:20:ef:b0:
88:74:f2:4c:83:7c:4f:bd:92:4e:a4:d8:f1:a7:c3:8c:59:1b:
4f:b1:1b:c8:8e:c7:da:ef:b2:70:9b:80:93:7c:7b:4c:73:e8:
30:31:e8:35:52:17:09:fe:77:15:4f:0d:4a:40:eb:43:7e:62:
23:0d:a5:f1:91:97:e8:77:9f:f1:1b:3d:1e:6f:eb:b6:00:95:
87:30:bd:67:5c:88:29:c4:96:45:dc:58:12:33:be:6b:da:9c:
95:da:f7:3c:07:2d:9d:c1:82:f3:b1:6a:c6:f4:7d:8a:cf:4f:
88:31:87:e5:aa:14:37:b5:98:0f:d9:15:7b:f8:6a:48:f5:06:
b7:80:37:b4:8e:80:a9:5b:99:fb:63:65:d3:de:0d:7a:7f:55:
78:5a:1a:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2B/s1Gt/OUyqD6xtZcMlUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUxNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDc1ZjIzMmI2OWMwOGU1M2FjODcyOGRlMzAwOTE1ODQ4ZDRkMWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUOAL7rrj/XuEtmXHHUE1YlpT4jm
dtzJCYirP2CDLKdbpgaxRiu3Fh9a8BtwxwerQwsM0Lmi4SEvC5ptLoH7akA9QV8E
Wkx7I+XduL5+HimCTiBYJ58tZB21jYH3ar6Aze70XONeaezoKrlr/ofK/C9WjS/n
WPP+NBSse2BcCvkLOfMU51yA9vIWC0YMlbiAptxK4MdqAA2+fm+KWFgzW/MSLDzb
ZusT0GHWievQXCsMT/gb0f/urqJjCkDnBz1ApBKhnohm+jy9fpmG7eLFw+WJBhH0
HJORTEsd/3OhEhVeTlCldaNmDH/Vyz2DQfEo4Y9kOR5aQ9Mmsd/HuKIjSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE118jK2nAjlOshyjeMAkVhI1NH6MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVFhYeU1yYWNDT1U2eUhLTjR3Q1JXRWpVMGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+yQQBp
AwcAKg+yQQBuMA0GCSqGSIb3DQEBCwUAA4IBAQCPRnyZnaiY1pGSzo7nPzcJLtJP
+b0v9/EjBqE0ym1iIT2oI/UdCDzhh2iML8S88N/rzvlkHOKzhzp4A3Yn6BzKCHm9
fIiWP+DeUfXyZtSWokfWLlnDCkHcdpQOANwtr/cQGkUzTeYOdVUg77CIdPJMg3xP
vZJOpNjxp8OMWRtPsRvIjsfa77Jwm4CTfHtMc+gwMeg1UhcJ/ncVTw1KQOtDfmIj
DaXxkZfod5/xGz0eb+u2AJWHML1nXIgpxJZF3FgSM75r2pyV2vc8By2dwYLzsWrG
9H2Kz0+IMYflqhQ3tZgP2RV7+GpI9Qa3gDe0joCpW5n7Y2XT3g16f1V4Whoo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org