Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Thh3XCykvpiKQKyv6dajVBOFoys.roa
File: Thh3XCykvpiKQKyv6dajVBOFoys.roa (raw, json)
Hash identifier: Ay4eiJAUH9L28YaAoMKj+QyqGLP5GeXASW48V1HZuIQ=
Subject key identifier: 4E:18:77:5C:2C:A4:BE:98:8A:40:AC:AF:E9:D6:A3:54:13:85:A3:2B
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F9496BE13EFC39E51B87BA0FD13AC10
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Thh3XCykvpiKQKyv6dajVBOFoys.roa
Signing time: Tue 06 Feb 2024 18:01:00 +0000
ROA not before: Tue 06 Feb 2024 18:01:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205980
IP address blocks: 2a0f:b241:3a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:94:96:be:13:ef:c3:9e:51:b8:7b:a0:fd:13:ac:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:01:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e18775c2ca4be988a40acafe9d6a3541385a32b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f4:10:2a:d9:a6:9a:fc:d6:50:a7:1e:55:db:
29:3a:22:2e:80:bf:bc:f9:39:00:70:d3:49:fb:84:
1b:88:a7:8c:24:30:82:2b:2c:8d:32:43:1d:1a:82:
ef:1f:f0:25:5b:43:77:d6:f5:6b:99:8d:39:05:96:
73:e1:ff:eb:d3:74:cc:c2:4a:9f:78:6d:b2:53:bc:
c5:f0:f4:3d:36:84:52:82:3e:3d:fb:ed:f0:1a:34:
74:49:d9:60:a6:60:84:05:04:4c:8a:7f:8c:5f:49:
9f:e9:bc:6a:9f:2c:3d:a6:7e:5d:99:47:fc:05:e3:
bf:04:23:74:b5:77:a6:53:b3:e4:f8:8b:cf:7d:8c:
23:47:c1:94:5c:3d:5c:da:20:c5:41:d8:b3:15:42:
5a:44:52:90:51:4a:18:6e:d4:6b:7d:19:f3:b5:09:
8c:53:76:e9:83:27:d7:3c:d6:13:71:21:41:f9:e5:
63:0a:73:b9:21:a4:d8:c4:d3:f3:5c:38:c7:62:c6:
fb:21:11:06:dd:79:a2:7f:6c:fa:2f:31:b2:f1:fa:
28:ef:e6:95:2e:60:05:6d:17:8f:33:f0:51:21:62:
3c:ab:92:c0:d4:c1:cd:a6:b8:af:f8:47:82:7f:e0:
2f:e2:18:8a:9a:32:92:c2:03:f0:45:8e:07:d3:1e:
e4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:18:77:5C:2C:A4:BE:98:8A:40:AC:AF:E9:D6:A3:54:13:85:A3:2B
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Thh3XCykvpiKQKyv6dajVBOFoys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:3a::/48
Signature Algorithm: sha256WithRSAEncryption
1b:9a:24:f2:d7:15:30:a0:17:5c:dd:84:1b:9f:b8:0b:8c:c7:
87:c3:e9:5f:d4:b6:05:ba:64:bf:7a:52:3d:cb:26:5f:eb:fb:
f7:df:e8:2c:82:66:ce:16:ee:11:a7:d7:62:b3:9f:eb:57:1c:
2b:ca:78:c8:ef:71:1d:e4:34:ff:b1:b6:9a:16:f3:6a:75:21:
dd:09:e8:37:af:d4:9c:b4:c8:b4:1b:a8:a6:36:09:64:95:6a:
01:b7:65:0b:1b:a2:bc:09:2f:76:83:48:d0:5d:4f:31:e1:ce:
88:7b:dd:5d:79:ef:3d:bb:d8:8e:26:53:89:fa:aa:f1:20:05:
bd:42:67:dd:02:07:6c:aa:b2:25:93:cf:46:5a:9b:01:7e:ce:
ea:bf:98:f9:a2:d2:85:bc:06:8f:0c:f0:99:d9:e0:03:8f:0a:
03:e1:03:10:92:7f:b4:50:de:ce:7e:59:72:08:9a:35:2e:ae:
96:12:59:bc:ac:39:0e:dc:9f:fb:56:17:80:06:5f:cc:32:ff:
3b:4b:5d:e3:d3:67:61:ae:25:6f:ce:8f:b7:6d:64:cd:02:48:
dd:df:af:69:c4:3f:92:0b:89:b1:96:c7:ac:04:c9:a1:29:b9:
eb:1c:84:10:2f:a8:1e:0a:09:31:1b:51:52:6f:9c:4f:7a:1b:
bc:f5:a3:14
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lJa+E+/DnlG4e6D9E6wQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTE4Nzc1YzJjYTRiZTk4OGE0MGFjYWZlOWQ2YTM1NDEzODVhMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPQQKtmmmvzWUKceVdspOiIugL+8
+TkAcNNJ+4QbiKeMJDCCKyyNMkMdGoLvH/AlW0N31vVrmY05BZZz4f/r03TMwkqf
eG2yU7zF8PQ9NoRSgj49++3wGjR0SdlgpmCEBQRMin+MX0mf6bxqnyw9pn5dmUf8
BeO/BCN0tXemU7Pk+IvPfYwjR8GUXD1c2iDFQdizFUJaRFKQUUoYbtRrfRnztQmM
U3bpgyfXPNYTcSFB+eVjCnO5IaTYxNPzXDjHYsb7IREG3Xmif2z6LzGy8foo7+aV
LmAFbRePM/BRIWI8q5LA1MHNpriv+EeCf+Av4hiKmjKSwgPwRY4H0x7kOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE4Yd1wspL6YikCsr+nWo1QThaMrMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVGhoM1hDeWt2cGlLUUt5djZkYWpWQk9Gb3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQA6
MA0GCSqGSIb3DQEBCwUAA4IBAQAbmiTy1xUwoBdc3YQbn7gLjMeHw+lf1LYFumS/
elI9yyZf6/v33+gsgmbOFu4Rp9dis5/rVxwrynjI73Ed5DT/sbaaFvNqdSHdCeg3
r9SctMi0G6imNglklWoBt2ULG6K8CS92g0jQXU8x4c6Ie91dee89u9iOJlOJ+qrx
IAW9QmfdAgdsqrIlk89GWpsBfs7qv5j5otKFvAaPDPCZ2eADjwoD4QMQkn+0UN7O
fllyCJo1Lq6WElm8rDkO3J/7VheABl/MMv87S13j02dhriVvzo+3bWTNAkjd369p
xD+SC4mxlsesBMmhKbnrHIQQL6geCgkxG1FSb5xPehu89aMU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org