Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/_TnPbCNrRc-sKK7IRg09tviiE10.roa
File: _TnPbCNrRc-sKK7IRg09tviiE10.roa (raw, json)
Hash identifier: 3nAc27E3PepPhztdNsgQmQPV9dWH0TTwP/4zC6JvNhw=
Subject key identifier: FD:39:CF:6C:23:6B:45:CF:AC:28:AE:C8:46:0D:3D:B6:F8:A2:13:5D
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAAD1DBAFFB537C659E0DBD96BD22DB
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/_TnPbCNrRc-sKK7IRg09tviiE10.roa
Signing time: Tue 06 Feb 2024 18:25:17 +0000
ROA not before: Tue 06 Feb 2024 18:25:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202427
IP address blocks: 2a0f:b241:e2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:d1:db:af:fb:53:7c:65:9e:0d:bd:96:bd:22:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd39cf6c236b45cfac28aec8460d3db6f8a2135d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b5:d0:1e:e5:b9:4c:3b:bb:3d:46:ab:21:12:
d8:7a:ed:1c:50:2c:3e:31:87:7e:72:1a:b4:35:25:
2e:b7:56:5e:01:8e:fe:1d:4d:09:a3:2f:59:9f:87:
00:65:21:e3:3a:c7:ac:3b:fc:ab:d6:84:c2:c6:33:
24:6f:64:77:f8:dd:e2:e4:42:87:7a:d7:a1:bc:e5:
30:ad:c4:02:f8:5f:d6:44:3c:d1:dc:7e:c9:e3:0f:
35:cc:cd:b4:4a:dd:5d:2a:96:01:01:46:c2:05:9b:
bf:71:5b:c4:89:da:b7:98:e0:ca:c5:72:e8:19:8e:
03:9b:8e:94:fd:80:fc:16:26:bb:be:f9:ed:b2:d0:
4d:82:a2:83:18:c1:c2:78:85:9b:6e:1c:57:37:d8:
f4:d9:21:2e:17:0a:68:e3:54:c5:df:21:2c:07:bc:
b0:3f:f0:c2:0f:c1:31:13:b5:3c:e9:2b:2b:26:67:
d7:61:e3:95:78:bf:eb:24:50:c4:3b:10:96:39:2e:
fe:9d:8a:50:28:ca:12:7c:13:9c:9b:e2:50:37:32:
2f:ba:9e:57:4a:a7:41:8a:41:f6:6f:9e:5b:87:a4:
df:c1:f8:05:51:16:5e:c2:0f:09:6f:b9:49:d7:38:
dd:70:ba:d9:47:70:64:b8:c2:f1:ee:b8:ae:68:d7:
d6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:39:CF:6C:23:6B:45:CF:AC:28:AE:C8:46:0D:3D:B6:F8:A2:13:5D
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/_TnPbCNrRc-sKK7IRg09tviiE10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:e2::/48
Signature Algorithm: sha256WithRSAEncryption
6f:af:90:c0:ed:3f:04:72:45:5f:fd:3d:a8:c4:e3:f9:b8:30:
92:f5:9b:51:28:76:42:55:27:74:67:1a:b8:9b:92:4a:4f:ba:
f3:dc:5b:88:58:be:5a:39:b4:ff:b8:09:a5:a2:73:80:0d:68:
b6:19:d4:36:10:5e:d4:13:c6:eb:3c:b5:35:35:ac:89:d5:f7:
34:95:72:82:c6:71:b7:40:e2:70:02:2f:3a:ee:90:58:32:57:
3f:3e:65:13:16:ba:c0:86:ea:c6:8c:a7:63:0a:a8:e5:96:d9:
0d:73:52:03:7a:6c:db:96:48:e5:3a:61:3b:c6:68:84:9d:47:
88:56:5b:eb:5b:4c:db:34:f2:98:41:ff:e0:15:4a:80:0c:8d:
a7:70:38:b7:22:9e:63:f6:6d:6c:76:97:92:7c:41:72:dc:22:
c0:d1:c3:11:56:bd:02:2c:ce:e9:33:1d:45:f1:65:a1:47:ce:
8b:d8:dd:5f:63:6d:01:e0:50:fe:c6:64:c1:82:72:34:05:7b:
94:0b:e1:f3:73:34:bb:96:92:b2:f6:d5:22:bd:51:6f:3f:4f:
a7:d1:81:99:45:ec:6f:a9:90:32:ca:c1:d9:15:5f:cc:5e:df:
35:e5:4a:df:51:dc:d0:79:4c:dd:02:0e:56:6f:ee:0f:45:82:
c0:b5:55:e2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qtHbr/tTfGWeDb2WvSLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDM5Y2Y2YzIzNmI0NWNmYWMyOGFlYzg0NjBkM2RiNmY4YTIxMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrXQHuW5TDu7PUarIRLYeu0cUCw+
MYd+chq0NSUut1ZeAY7+HU0Joy9Zn4cAZSHjOsesO/yr1oTCxjMkb2R3+N3i5EKH
etehvOUwrcQC+F/WRDzR3H7J4w81zM20St1dKpYBAUbCBZu/cVvEidq3mODKxXLo
GY4Dm46U/YD8Fia7vvntstBNgqKDGMHCeIWbbhxXN9j02SEuFwpo41TF3yEsB7yw
P/DCD8ExE7U86SsrJmfXYeOVeL/rJFDEOxCWOS7+nYpQKMoSfBOcm+JQNzIvup5X
SqdBikH2b55bh6TfwfgFURZewg8Jb7lJ1zjdcLrZR3BkuMLx7riuaNfWEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP05z2wja0XPrCiuyEYNPbb4ohNdMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvX1RuUGJDTnJSYy1zS0s3SVJnMDl0dmlpRTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDi
MA0GCSqGSIb3DQEBCwUAA4IBAQBvr5DA7T8EckVf/T2oxOP5uDCS9ZtRKHZCVSd0
Zxq4m5JKT7rz3FuIWL5aObT/uAmlonOADWi2GdQ2EF7UE8brPLU1NayJ1fc0lXKC
xnG3QOJwAi867pBYMlc/PmUTFrrAhurGjKdjCqjlltkNc1IDemzblkjlOmE7xmiE
nUeIVlvrW0zbNPKYQf/gFUqADI2ncDi3Ip5j9m1sdpeSfEFy3CLA0cMRVr0CLM7p
Mx1F8WWhR86L2N1fY20B4FD+xmTBgnI0BXuUC+HzczS7lpKy9tUivVFvP0+n0YGZ
RexvqZAyysHZFV/MXt815UrfUdzQeUzdAg5Wb+4PRYLAtVXi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org