Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/a0chZpXvDnhT-nDrGFtEI0O0KXk.roa
File: a0chZpXvDnhT-nDrGFtEI0O0KXk.roa (raw, json)
Hash identifier: VEZiM/QPlxt+PFpv+qlXLMV2jRwmTibbWAQTvyXSkAY=
Subject key identifier: 6B:47:21:66:95:EF:0E:78:53:FA:70:EB:18:5B:44:23:43:B4:29:79
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAAD38781BE7B3D1FED06AC805E4A34
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/a0chZpXvDnhT-nDrGFtEI0O0KXk.roa
Signing time: Tue 06 Feb 2024 18:25:18 +0000
ROA not before: Tue 06 Feb 2024 18:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202990
IP address blocks: 2a0f:b241:e3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:d3:87:81:be:7b:3d:1f:ed:06:ac:80:5e:4a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b47216695ef0e7853fa70eb185b442343b42979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a3:aa:90:3a:6c:2d:67:ea:94:88:36:3d:80:
7c:cf:f3:be:18:8c:18:9e:92:a4:4c:72:28:65:35:
a2:db:c6:e2:37:00:eb:9c:f1:09:aa:e2:c1:01:e3:
9b:fb:09:00:3c:91:48:44:6e:da:5c:34:46:7b:72:
02:2d:7d:43:c9:3e:fa:08:bd:19:2e:d5:a3:d3:90:
0f:8b:83:ed:e7:71:46:ed:d5:27:8f:f2:af:67:62:
5d:de:dc:c6:5a:bd:72:88:05:5d:52:78:4b:ab:e2:
aa:0c:78:72:04:75:e8:15:93:51:d4:3b:e0:98:92:
3a:f7:8b:aa:98:e4:49:7c:f3:0c:1a:06:21:0f:47:
1c:a3:0f:fe:a6:d7:3e:55:bd:9f:a7:93:a5:aa:3f:
9a:89:35:79:ce:21:31:a4:ee:ed:c6:25:3c:6a:ba:
e8:cd:85:f3:1c:2b:d1:6e:18:e4:e5:e7:24:9d:86:
b6:45:c7:9e:02:35:54:78:22:e4:c8:b9:e6:b8:c8:
f4:71:3a:e9:0f:a7:cb:8b:50:1a:23:a4:3d:d7:3a:
73:69:5e:75:2c:5a:e6:74:15:92:bd:df:02:ac:bb:
bf:98:6d:77:ea:76:e7:fb:2a:38:fb:bc:8a:47:86:
b7:f1:fd:b2:67:63:ec:2d:07:9f:fa:f8:bf:d4:bc:
15:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:47:21:66:95:EF:0E:78:53:FA:70:EB:18:5B:44:23:43:B4:29:79
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/a0chZpXvDnhT-nDrGFtEI0O0KXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:e3::/48
Signature Algorithm: sha256WithRSAEncryption
14:fb:3f:69:18:54:e8:f5:72:7a:31:7c:4e:47:34:59:1e:f7:
64:8c:09:f5:f2:75:3b:2f:f2:46:eb:8e:6a:52:2b:c8:d7:76:
a3:2d:6a:6a:a0:70:9e:d1:7b:da:98:23:16:19:ad:5d:c4:dd:
1d:89:67:cc:6d:c7:55:61:8a:ae:e7:fe:cb:8c:7c:47:db:cc:
ec:5c:af:2d:66:7b:c7:9d:8d:1d:b9:d2:82:47:76:a5:12:b2:
3f:5e:ad:58:ba:81:6a:7a:3e:1b:27:36:ae:e4:d9:ef:8b:d4:
ba:1a:23:53:cc:06:3f:fc:78:91:fe:63:c2:1e:5b:4a:1e:26:
6f:6a:85:2c:ff:d1:7e:1d:2b:b9:8a:98:4e:fc:cc:11:bb:18:
1d:72:11:d8:3b:54:ec:6d:51:77:ca:da:e8:2a:da:32:5e:89:
24:18:40:61:76:18:00:e9:8f:40:9e:bb:8f:1c:3b:f8:b3:2b:
6b:b5:82:07:be:24:1b:26:da:a5:03:a5:63:11:62:94:2a:d1:
3d:13:99:03:77:16:aa:72:c2:6c:be:da:ce:d8:d2:5e:ab:8e:
6d:f7:1f:79:84:06:8e:5d:64:56:15:a3:d6:86:53:09:bc:58:
04:ea:4e:77:2a:f2:6c:9c:1e:b7:3f:31:72:8d:25:59:0f:b5:
c3:00:d4:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qtOHgb57PR/tBqyAXko0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQ3MjE2Njk1ZWYwZTc4NTNmYTcwZWIxODViNDQyMzQzYjQyOTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKOqkDpsLWfqlIg2PYB8z/O+GIwY
npKkTHIoZTWi28biNwDrnPEJquLBAeOb+wkAPJFIRG7aXDRGe3ICLX1DyT76CL0Z
LtWj05APi4Pt53FG7dUnj/KvZ2Jd3tzGWr1yiAVdUnhLq+KqDHhyBHXoFZNR1Dvg
mJI694uqmORJfPMMGgYhD0ccow/+ptc+Vb2fp5Olqj+aiTV5ziExpO7txiU8arro
zYXzHCvRbhjk5ecknYa2RceeAjVUeCLkyLnmuMj0cTrpD6fLi1AaI6Q91zpzaV51
LFrmdBWSvd8CrLu/mG136nbn+yo4+7yKR4a38f2yZ2PsLQef+vi/1LwVvwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGtHIWaV7w54U/pw6xhbRCNDtCl5MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvYTBjaFpwWHZEbmhULW5EckdGdEVJME8wS1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDj
MA0GCSqGSIb3DQEBCwUAA4IBAQAU+z9pGFTo9XJ6MXxORzRZHvdkjAn18nU7L/JG
645qUivI13ajLWpqoHCe0XvamCMWGa1dxN0diWfMbcdVYYqu5/7LjHxH28zsXK8t
ZnvHnY0dudKCR3alErI/Xq1YuoFqej4bJzau5Nnvi9S6GiNTzAY//HiR/mPCHltK
HiZvaoUs/9F+HSu5iphO/MwRuxgdchHYO1TsbVF3ytroKtoyXokkGEBhdhgA6Y9A
nruPHDv4sytrtYIHviQbJtqlA6VjEWKUKtE9E5kDdxaqcsJsvtrO2NJeq45t9x95
hAaOXWRWFaPWhlMJvFgE6k53KvJsnB63PzFyjSVZD7XDANTJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org