Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZjLNr4dovIDUBmNhF0JhMfAhB68.roa
File: ZjLNr4dovIDUBmNhF0JhMfAhB68.roa (raw, json)
Hash identifier: ZLQgCYho6br26No+lKTXbR0H9Z/kPo2rtwM/dcVn97w=
Subject key identifier: 66:32:CD:AF:87:68:BC:80:D4:06:63:61:17:42:61:31:F0:21:07:AF
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F8D8099A038DE5E78853CA2CFE83287
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZjLNr4dovIDUBmNhF0JhMfAhB68.roa
Signing time: Tue 06 Feb 2024 17:53:16 +0000
ROA not before: Tue 06 Feb 2024 17:53:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210985
IP address blocks: 2a0f:b241:21::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:8d:80:99:a0:38:de:5e:78:85:3c:a2:cf:e8:32:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:53:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6632cdaf8768bc80d406636117426131f02107af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:75:66:db:6d:52:ba:d3:ee:51:93:52:e0:ec:
20:c3:77:60:e7:02:69:f4:07:ae:25:8e:54:00:dc:
87:71:1e:d6:b3:c2:03:96:00:98:0a:48:5d:04:c2:
cd:64:ef:d2:b3:47:2f:d7:6e:3a:cf:6d:19:47:16:
ef:d2:18:e1:f0:1b:0a:7a:8a:79:ee:03:57:85:10:
01:96:a0:a4:38:21:02:ff:8a:48:c6:e4:3f:c9:97:
5f:06:b7:6d:4a:db:d3:1e:fd:2f:21:bc:75:a0:65:
32:bc:87:50:dd:76:1c:67:d4:b8:7b:d4:88:8b:e0:
3f:e2:80:08:96:9c:b9:b3:f9:3a:ff:1d:10:cc:1d:
55:f3:c8:eb:5a:92:75:77:e1:ef:c1:0b:48:60:e6:
a3:a0:ad:78:ee:f2:d9:59:df:4a:11:4e:6f:8a:da:
45:f3:56:7a:a6:06:cd:25:30:7e:ee:fe:f4:55:09:
f7:7c:13:fc:34:9c:21:0d:f7:56:69:24:23:df:79:
a6:21:2b:df:51:15:0f:a2:98:4b:a8:ba:92:a7:36:
23:66:04:2c:79:f9:3a:93:ac:38:88:92:dc:b9:23:
4f:80:49:0a:cc:86:6b:4d:65:86:1f:24:21:bf:7d:
77:2f:85:b9:a8:5d:95:2e:5d:22:2f:ce:71:71:1e:
6b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:32:CD:AF:87:68:BC:80:D4:06:63:61:17:42:61:31:F0:21:07:AF
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZjLNr4dovIDUBmNhF0JhMfAhB68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:21::/48
Signature Algorithm: sha256WithRSAEncryption
6b:65:4e:89:0b:53:a4:93:d8:38:a8:33:41:4d:55:e1:fd:46:
09:ce:ae:da:36:d1:b1:3c:e4:ec:a0:57:b9:23:86:ad:66:54:
90:c6:0f:d4:e2:01:99:2f:bc:81:ba:54:d2:45:0e:a0:e3:69:
ec:81:df:af:5b:3a:cd:98:d3:8f:83:29:2d:f4:8a:84:e4:b2:
32:f3:fa:2b:75:34:10:25:df:1c:dd:bd:14:c6:b3:6c:ac:77:
81:c3:60:1d:b5:32:d8:6f:57:45:30:b9:ab:bb:1a:76:a3:c4:
a8:b2:bc:30:58:9c:09:a3:b5:b5:21:7e:6c:98:0c:b3:3f:12:
74:28:3d:ab:a1:b5:07:a0:25:d9:72:7d:52:e3:57:1e:03:9a:
39:d9:de:a8:1b:39:af:fb:96:02:f7:90:03:2c:23:74:1a:04:
71:51:22:de:3e:d4:fa:59:5e:8b:63:38:e0:a2:a9:69:65:79:
36:1c:9c:33:c5:fa:66:a5:c3:16:67:0e:c3:cc:19:a3:81:7f:
95:fb:87:52:02:26:69:ce:51:d9:7d:cc:32:30:c6:61:9d:cd:
96:38:c2:d8:1e:c7:01:da:c9:33:9a:9d:dc:a9:27:d9:fe:ba:
cf:65:37:82:8f:2d:7a:3e:c6:b8:6d:6b:c9:02:c0:f9:69:82:
ba:55:6c:9f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/jYCZoDjeXniFPKLP6DKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjMyY2RhZjg3NjhiYzgwZDQwNjYzNjExNzQyNjEzMWYwMjEwN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXVm221SutPuUZNS4Owgw3dg5wJp
9AeuJY5UANyHcR7Ws8IDlgCYCkhdBMLNZO/Ss0cv1246z20ZRxbv0hjh8BsKeop5
7gNXhRABlqCkOCEC/4pIxuQ/yZdfBrdtStvTHv0vIbx1oGUyvIdQ3XYcZ9S4e9SI
i+A/4oAIlpy5s/k6/x0QzB1V88jrWpJ1d+HvwQtIYOajoK147vLZWd9KEU5vitpF
81Z6pgbNJTB+7v70VQn3fBP8NJwhDfdWaSQj33mmISvfURUPophLqLqSpzYjZgQs
efk6k6w4iJLcuSNPgEkKzIZrTWWGHyQhv313L4W5qF2VLl0iL85xcR5r9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGYyza+HaLyA1AZjYRdCYTHwIQevMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvWmpMTnI0ZG92SURVQm1OaEYwSmhNZkFoQjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAh
MA0GCSqGSIb3DQEBCwUAA4IBAQBrZU6JC1Okk9g4qDNBTVXh/UYJzq7aNtGxPOTs
oFe5I4atZlSQxg/U4gGZL7yBulTSRQ6g42nsgd+vWzrNmNOPgykt9IqE5LIy8/or
dTQQJd8c3b0UxrNsrHeBw2AdtTLYb1dFMLmruxp2o8SosrwwWJwJo7W1IX5smAyz
PxJ0KD2robUHoCXZcn1S41ceA5o52d6oGzmv+5YC95ADLCN0GgRxUSLePtT6WV6L
YzjgoqlpZXk2HJwzxfpmpcMWZw7DzBmjgX+V+4dSAiZpzlHZfcwyMMZhnc2WOMLY
HscB2skzmp3cqSfZ/rrPZTeCjy16Psa4bWvJAsD5aYK6VWyf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org