Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/b69hIiUv0PlZCSpoa3JZH36p4PU.roa
File: b69hIiUv0PlZCSpoa3JZH36p4PU.roa (raw, json)
Hash identifier: r+jvhEo5VAKZ7PwJWI6AovtwgLdD1lDKGrXxSD7eNLk=
Subject key identifier: 6F:AF:61:22:25:2F:D0:F9:59:09:2A:68:6B:72:59:1F:7E:A9:E0:F5
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0A486EDAFF0F345B79092FB9421FF
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/b69hIiUv0PlZCSpoa3JZH36p4PU.roa
Signing time: Wed 07 Feb 2024 05:00:48 +0000
ROA not before: Wed 07 Feb 2024 05:00:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210667
IP address blocks: 2a0f:b241:f9::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:a4:86:ed:af:f0:f3:45:b7:90:92:fb:94:21:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6faf6122252fd0f959092a686b72591f7ea9e0f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2c:3f:9f:e2:51:90:83:dd:ff:c9:99:84:ac:
9e:b7:f8:21:76:17:27:74:a2:f0:82:f3:8c:09:d8:
8c:86:67:d5:34:3f:ed:37:86:43:fc:05:31:e8:3d:
b1:fd:7e:d1:81:19:5d:7d:6d:7c:15:8e:58:bd:6e:
68:0e:81:8e:17:68:d3:1f:e8:ab:20:4f:fb:04:41:
23:af:f2:a9:0a:b3:89:e8:d2:25:15:2e:f9:15:6f:
51:f9:9b:26:18:87:a7:d8:eb:ee:df:e1:fd:23:f0:
16:3d:26:8c:67:87:b7:2d:6e:39:e3:47:43:4c:86:
84:43:0f:d2:7e:31:76:0b:05:12:54:aa:34:3c:fe:
2a:34:b2:26:92:ed:6f:2e:d7:3c:89:b3:0e:7a:88:
f6:83:6f:53:b5:e6:40:95:0d:71:d6:3e:e7:dc:b9:
9c:88:73:09:f0:b2:d6:74:62:5d:c3:a9:56:4b:a2:
c7:bf:2b:3c:c8:de:0a:64:fa:d8:0a:3a:c0:26:68:
1c:9f:48:82:86:b1:1d:81:c9:b8:f2:d9:cf:48:c8:
a0:2c:7b:07:21:d5:9b:55:e1:5c:f1:19:25:c7:f3:
4c:db:4e:53:c7:3f:9f:fd:63:04:1d:9e:45:a2:e5:
8b:b8:22:5b:62:c6:50:ce:36:55:16:4e:34:5b:d0:
58:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:AF:61:22:25:2F:D0:F9:59:09:2A:68:6B:72:59:1F:7E:A9:E0:F5
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/b69hIiUv0PlZCSpoa3JZH36p4PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:f9::/48
Signature Algorithm: sha256WithRSAEncryption
04:0b:71:bc:f5:71:aa:4c:1e:f2:41:81:66:11:67:18:4a:26:
fe:f0:fb:f4:b0:41:8a:7e:ab:bc:5c:88:25:a2:a1:36:9f:9e:
cc:1f:1f:bb:3f:d9:f5:25:ee:64:2e:e5:0d:77:fa:59:bd:42:
e9:2e:23:f3:7f:db:c3:ed:3d:e5:21:27:d6:c1:ec:af:97:b2:
d0:e9:82:3c:4b:72:66:cb:47:fd:a1:0e:40:f3:19:70:bc:1d:
12:9a:b4:dc:5c:e5:4a:4c:34:3d:74:f9:bc:f5:f9:a0:c4:20:
fd:04:b2:f3:d3:7f:be:39:82:66:32:a8:ae:4f:ac:7c:4e:c5:
79:86:94:6a:93:4c:ac:5f:26:d9:1c:8b:9d:99:c8:4b:15:ed:
f9:32:5a:2f:91:f4:8d:b1:5b:04:19:f0:7c:a7:6e:48:72:ba:
17:58:fa:97:06:ae:0c:84:a2:5f:1f:71:16:96:bb:f0:b8:74:
2f:55:c7:fe:e0:a7:ce:96:24:4b:81:05:7c:bf:25:87:be:88:
bb:9f:c5:09:f8:dd:b9:64:4e:dd:00:83:85:2f:51:cb:ce:1c:
d5:e1:38:8a:0c:1d:45:39:71:7d:f1:6b:7d:25:48:c9:04:5b:
ec:10:f1:05:b0:82:0f:e3:5a:59:4e:30:5f:16:78:86:b8:71:
79:7b:47:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8KSG7a/w80W3kJL7lCH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmFmNjEyMjI1MmZkMGY5NTkwOTJhNjg2YjcyNTkxZjdlYTllMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCw/n+JRkIPd/8mZhKyet/ghdhcn
dKLwgvOMCdiMhmfVND/tN4ZD/AUx6D2x/X7RgRldfW18FY5YvW5oDoGOF2jTH+ir
IE/7BEEjr/KpCrOJ6NIlFS75FW9R+ZsmGIen2Ovu3+H9I/AWPSaMZ4e3LW4540dD
TIaEQw/SfjF2CwUSVKo0PP4qNLImku1vLtc8ibMOeoj2g29TteZAlQ1x1j7n3Lmc
iHMJ8LLWdGJdw6lWS6LHvys8yN4KZPrYCjrAJmgcn0iChrEdgcm48tnPSMigLHsH
IdWbVeFc8Rklx/NM205Txz+f/WMEHZ5FouWLuCJbYsZQzjZVFk40W9BYEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG+vYSIlL9D5WQkqaGtyWR9+qeD1MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvYjY5aElpVXYwUGxaQ1Nwb2EzSlpIMzZwNFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQD5
MA0GCSqGSIb3DQEBCwUAA4IBAQAEC3G89XGqTB7yQYFmEWcYSib+8Pv0sEGKfqu8
XIgloqE2n57MHx+7P9n1Je5kLuUNd/pZvULpLiPzf9vD7T3lISfWweyvl7LQ6YI8
S3Jmy0f9oQ5A8xlwvB0SmrTcXOVKTDQ9dPm89fmgxCD9BLLz03++OYJmMqiuT6x8
TsV5hpRqk0ysXybZHIudmchLFe35MlovkfSNsVsEGfB8p25IcroXWPqXBq4MhKJf
H3EWlrvwuHQvVcf+4KfOliRLgQV8vyWHvoi7n8UJ+N25ZE7dAIOFL1HLzhzV4TiK
DB1FOXF98Wt9JUjJBFvsEPEFsIIP41pZTjBfFniGuHF5e0dW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org