Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZmTNRPboFtH9lrBGqUo9RudyVC4.roa
File: ZmTNRPboFtH9lrBGqUo9RudyVC4.roa (raw, json)
Hash identifier: xV8WPYl7zwgrWjsOY+evnDOIrgIYNdpl1OXVp/k22Kk=
Subject key identifier: 66:64:CD:44:F6:E8:16:D1:FD:96:B0:46:A9:4A:3D:46:E7:72:54:2E
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F96A583CAAEAF300884136BA02AEBDE
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZmTNRPboFtH9lrBGqUo9RudyVC4.roa
Signing time: Tue 06 Feb 2024 18:03:15 +0000
ROA not before: Tue 06 Feb 2024 18:03:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39753
IP address blocks: 2a0f:b241:61::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:96:a5:83:ca:ae:af:30:08:84:13:6b:a0:2a:eb:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:03:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6664cd44f6e816d1fd96b046a94a3d46e772542e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7f:54:56:14:89:2f:51:f2:0e:a4:1b:e8:c5:
bf:19:01:52:48:f2:12:bd:aa:f6:16:30:ad:9b:65:
0a:fc:46:e9:1a:65:60:ea:9a:92:0b:b9:71:93:af:
21:91:60:51:1c:26:98:93:9f:06:3b:b6:b3:d4:da:
8b:3c:5c:34:a6:3e:af:03:ba:47:e0:f2:f4:90:6f:
01:03:f3:96:f9:44:98:1a:ac:39:12:b5:41:2b:fc:
0e:6d:66:61:cc:35:ff:dd:ae:a6:c7:08:a4:5b:7a:
51:e3:e0:9c:b9:02:d9:e4:49:10:65:fb:5f:de:fd:
6c:15:9d:30:be:5d:4a:25:b0:55:2e:ef:59:8f:2b:
50:3d:9c:30:1d:76:bc:08:13:5b:f0:58:c8:af:3e:
2a:3a:e4:b3:6d:d9:9c:78:3c:86:0b:91:2c:62:be:
72:06:8f:7b:6d:a9:bc:69:0d:eb:a7:21:a0:12:80:
67:02:eb:7f:ac:2c:4c:15:6a:aa:2d:6f:26:a5:23:
99:34:b5:af:3d:e4:d9:ba:26:78:41:89:27:7a:fa:
1e:ea:e5:2b:f2:04:c6:39:89:bc:97:14:cf:ad:3d:
e2:99:b1:66:87:df:32:56:a9:3b:4d:e7:c2:83:f7:
6c:ea:c6:e3:34:04:2d:b0:6f:84:9c:98:86:a5:8b:
e4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:64:CD:44:F6:E8:16:D1:FD:96:B0:46:A9:4A:3D:46:E7:72:54:2E
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZmTNRPboFtH9lrBGqUo9RudyVC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:61::/48
Signature Algorithm: sha256WithRSAEncryption
29:c5:e8:b6:f7:9a:a4:f0:f3:58:6c:8b:15:30:d1:9c:0c:61:
94:e5:e3:d0:11:9a:3b:4d:28:0f:bf:40:16:bf:b9:3f:3b:48:
03:21:d9:26:82:35:7e:23:d0:57:1b:17:83:df:f2:8e:29:fe:
a7:a6:9b:55:bc:89:a4:c0:bd:08:75:0f:c6:0d:d9:ae:37:d5:
5d:d6:b3:c5:22:c9:5e:01:c8:e2:93:6f:da:43:17:f4:00:84:
a3:55:0d:e9:53:52:49:b4:02:68:5d:f0:73:96:7a:e7:0e:c3:
95:6c:93:24:92:0a:b0:dd:fc:2a:98:b2:d5:c8:6c:4a:6b:9d:
bc:de:93:7b:df:57:cd:36:e1:a0:69:60:07:3b:ef:f8:97:13:
48:84:5c:f8:76:b0:92:04:da:f1:25:39:2b:2d:c3:aa:a6:f4:
1d:34:ed:9d:4c:60:4f:15:11:02:0f:84:0a:32:cf:2b:b9:1c:
ac:e7:d9:f1:db:e2:14:87:3a:b2:43:de:72:3e:e1:cb:95:d8:
fe:81:7d:6b:44:25:7a:f7:02:d1:ba:e0:35:a8:5b:86:ea:1b:
1c:87:25:e5:46:b3:ee:0a:de:f0:01:e1:37:3c:c2:9c:04:32:
99:df:2a:10:4b:2e:b2:93:e7:f2:d6:74:2e:2f:a2:f8:27:7c:
fc:69:b9:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lqWDyq6vMAiEE2ugKuveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjY0Y2Q0NGY2ZTgxNmQxZmQ5NmIwNDZhOTRhM2Q0NmU3NzI1NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh39UVhSJL1HyDqQb6MW/GQFSSPIS
var2FjCtm2UK/EbpGmVg6pqSC7lxk68hkWBRHCaYk58GO7az1NqLPFw0pj6vA7pH
4PL0kG8BA/OW+USYGqw5ErVBK/wObWZhzDX/3a6mxwikW3pR4+CcuQLZ5EkQZftf
3v1sFZ0wvl1KJbBVLu9ZjytQPZwwHXa8CBNb8FjIrz4qOuSzbdmceDyGC5EsYr5y
Bo97bam8aQ3rpyGgEoBnAut/rCxMFWqqLW8mpSOZNLWvPeTZuiZ4QYknevoe6uUr
8gTGOYm8lxTPrT3imbFmh98yVqk7TefCg/ds6sbjNAQtsG+EnJiGpYvkpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGZkzUT26BbR/ZawRqlKPUbnclQuMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvWm1UTlJQYm9GdEg5bHJCR3FVbzlSdWR5VkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBh
MA0GCSqGSIb3DQEBCwUAA4IBAQApxei295qk8PNYbIsVMNGcDGGU5ePQEZo7TSgP
v0AWv7k/O0gDIdkmgjV+I9BXGxeD3/KOKf6npptVvImkwL0IdQ/GDdmuN9Vd1rPF
IsleAcjik2/aQxf0AISjVQ3pU1JJtAJoXfBzlnrnDsOVbJMkkgqw3fwqmLLVyGxK
a5283pN731fNNuGgaWAHO+/4lxNIhFz4drCSBNrxJTkrLcOqpvQdNO2dTGBPFREC
D4QKMs8ruRys59nx2+IUhzqyQ95yPuHLldj+gX1rRCV69wLRuuA1qFuG6hschyXl
RrPuCt7wAeE3PMKcBDKZ3yoQSy6yk+fy1nQuL6L4J3z8ablS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org