Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Z6ZEUW_ya5OacP5KzJu8k_1gEc4.roa
File: Z6ZEUW_ya5OacP5KzJu8k_1gEc4.roa (raw, json)
Hash identifier: TrOmz0Gv/mTMJAaLdMc/qOkcUwGvRTZmMI3L3WHVr9s=
Subject key identifier: 67:A6:44:51:6F:F2:6B:93:9A:70:FE:4A:CC:9B:BC:93:FD:60:11:CE
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB7A348E5A2EED570E3BAE22A2C8441
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Z6ZEUW_ya5OacP5KzJu8k_1gEc4.roa
Signing time: Tue 06 Feb 2024 18:39:17 +0000
ROA not before: Tue 06 Feb 2024 18:39:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211444
IP address blocks: 2a0f:b241:146::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b7:a3:48:e5:a2:ee:d5:70:e3:ba:e2:2a:2c:84:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:39:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a644516ff26b939a70fe4acc9bbc93fd6011ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:04:a3:d1:c6:cd:2c:47:8b:2f:9d:eb:4d:bd:
1b:1a:11:21:9a:f5:98:e9:c3:7a:d9:db:62:e2:fd:
48:98:67:f2:42:bc:2e:cf:7e:19:f4:c3:7e:aa:1f:
0b:0f:a3:7d:d9:ec:c3:e6:fe:9a:49:a2:52:67:c0:
a4:a9:8a:97:33:12:de:76:24:b5:18:39:35:9e:07:
77:3c:70:05:95:8e:d0:68:e6:36:a8:96:92:e1:0d:
ca:6d:77:a4:b2:bc:2b:86:9c:24:dd:b3:08:68:0c:
42:5a:1f:64:a1:ae:cd:1b:20:97:35:ad:a3:0d:9a:
48:4f:f3:ce:31:03:9f:42:43:09:40:11:d7:75:cf:
5b:8e:5b:79:3c:06:a7:f2:45:39:1a:aa:32:71:e5:
33:cf:f9:9a:30:68:2b:6f:34:a4:2c:c3:b8:58:74:
a3:79:a5:8d:8e:f3:61:3f:27:bc:80:fc:c2:45:b9:
ee:ae:fd:38:72:76:66:9b:71:42:b6:1f:61:96:5b:
84:63:72:66:31:43:91:6b:9a:55:0d:b6:37:de:82:
ef:ea:70:bc:0b:76:8e:73:93:68:b3:67:d4:9d:3b:
1a:49:bb:f3:a7:e3:9e:58:62:47:71:96:ea:b3:89:
78:b8:a3:a7:06:5c:9b:af:41:5c:0b:9c:c3:77:4e:
87:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A6:44:51:6F:F2:6B:93:9A:70:FE:4A:CC:9B:BC:93:FD:60:11:CE
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Z6ZEUW_ya5OacP5KzJu8k_1gEc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:146::/48
Signature Algorithm: sha256WithRSAEncryption
3c:8e:e7:1e:39:ed:c6:8e:18:e3:61:0d:3f:57:36:6d:cf:15:
51:93:14:f3:a6:e9:a4:20:36:8b:00:2f:ae:a2:2a:21:ca:19:
f2:e9:ea:2d:76:a6:74:74:bc:36:e0:e5:8e:30:34:f6:43:78:
a5:cb:69:9a:a6:21:8a:97:58:e2:bb:ea:96:af:51:92:08:0b:
7c:88:d8:3f:ac:d0:58:d2:b6:93:11:31:0e:8a:05:9b:69:d5:
c1:2f:49:74:9d:16:5f:67:c9:58:33:f6:cc:48:a4:bb:23:e0:
cc:92:87:1c:ed:1f:fb:2a:64:d4:a7:d3:89:82:30:63:15:97:
dd:4e:34:bf:26:f1:24:7a:b7:5b:e8:b0:e7:5f:bb:e3:a1:6f:
bc:82:5a:0f:e0:11:7d:83:98:31:d7:da:01:7d:a8:3d:b7:4c:
09:92:3b:38:39:5f:ff:cf:e8:09:66:f0:d6:f6:b4:57:ae:31:
a6:26:1a:c3:a9:4d:17:f4:1a:33:93:eb:a7:22:58:a7:7f:94:
5e:d1:5e:3c:65:70:7b:05:20:74:84:5b:01:69:e9:61:ca:5f:
11:10:7e:49:6e:cf:98:5c:bd:cd:a9:29:fc:40:0b:c7:53:01:
62:f2:12:bb:1d:74:cf:64:b9:70:82:3b:01:33:5a:7a:fc:15:
1e:97:5e:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/t6NI5aLu1XDjuuIqLIRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E2NDQ1MTZmZjI2YjkzOWE3MGZlNGFjYzliYmM5M2ZkNjAxMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8gSj0cbNLEeLL53rTb0bGhEhmvWY
6cN62dti4v1ImGfyQrwuz34Z9MN+qh8LD6N92ezD5v6aSaJSZ8CkqYqXMxLediS1
GDk1ngd3PHAFlY7QaOY2qJaS4Q3KbXeksrwrhpwk3bMIaAxCWh9koa7NGyCXNa2j
DZpIT/POMQOfQkMJQBHXdc9bjlt5PAan8kU5GqoyceUzz/maMGgrbzSkLMO4WHSj
eaWNjvNhPye8gPzCRbnurv04cnZmm3FCth9hlluEY3JmMUORa5pVDbY33oLv6nC8
C3aOc5Nos2fUnTsaSbvzp+OeWGJHcZbqs4l4uKOnBlybr0FcC5zDd06H+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGemRFFv8muTmnD+SsybvJP9YBHOMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvWjZaRVVXX3lhNU9hY1A1S3pKdThrXzFnRWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFG
MA0GCSqGSIb3DQEBCwUAA4IBAQA8juceOe3GjhjjYQ0/VzZtzxVRkxTzpumkIDaL
AC+uoiohyhny6eotdqZ0dLw24OWOMDT2Q3ily2mapiGKl1jiu+qWr1GSCAt8iNg/
rNBY0raTETEOigWbadXBL0l0nRZfZ8lYM/bMSKS7I+DMkocc7R/7KmTUp9OJgjBj
FZfdTjS/JvEkerdb6LDnX7vjoW+8gloP4BF9g5gx19oBfag9t0wJkjs4OV//z+gJ
ZvDW9rRXrjGmJhrDqU0X9Bozk+unIlinf5Re0V48ZXB7BSB0hFsBaelhyl8REH5J
bs+YXL3NqSn8QAvHUwFi8hK7HXTPZLlwgjsBM1p6/BUel16r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org