Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bDLUz7P3MBKJABOPXw-NQczm25g.roa
File: bDLUz7P3MBKJABOPXw-NQczm25g.roa (raw, json)
Hash identifier: LMmpCexI8QB+kBvjNm75pLvpz10WAf0S/urC7OFGHiQ=
Subject key identifier: 6C:32:D4:CF:B3:F7:30:12:89:00:13:8F:5F:0F:8D:41:CC:E6:DB:98
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95BE704A477E852BA770FE07336BE0
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bDLUz7P3MBKJABOPXw-NQczm25g.roa
Signing time: Tue 06 Feb 2024 18:02:16 +0000
ROA not before: Tue 06 Feb 2024 18:02:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209401
IP address blocks: 2a0f:b241:44::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:be:70:4a:47:7e:85:2b:a7:70:fe:07:33:6b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c32d4cfb3f730128900138f5f0f8d41cce6db98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b0:8b:d6:d2:80:37:fe:9d:c2:e5:78:d2:3a:
2f:ea:65:c8:b1:9c:c7:c6:07:3a:30:d6:40:1e:b3:
f5:14:a7:48:51:6f:eb:05:5c:eb:a8:b0:76:5e:a7:
b4:50:85:1c:e3:f8:f8:56:d2:97:b1:8a:51:f1:8c:
1e:f9:dc:02:ec:5d:48:8d:63:42:27:98:77:48:d2:
3a:3f:d9:e1:2f:87:84:c5:20:35:de:95:e1:70:bc:
a7:b8:0c:5f:38:44:b0:8c:e9:f5:4d:b1:a1:8f:b9:
6d:f7:63:35:d2:4f:b7:63:c1:58:7c:a4:33:f3:f7:
82:68:1b:f2:b2:b8:ff:86:d7:e5:6d:0e:e3:53:dc:
f8:6d:d1:4d:10:68:15:95:0d:d1:33:e8:70:9e:41:
50:0d:98:db:38:24:5a:1f:29:53:3f:9d:d8:95:b4:
4e:c4:e4:8d:c7:f4:83:45:16:56:55:d7:fc:05:7a:
9c:f2:9a:d9:e3:6d:66:3f:58:cf:a5:68:74:c0:1e:
3d:4a:a0:8e:87:97:c1:6e:a5:6e:ed:02:6c:4d:9b:
46:f5:41:5f:88:55:98:72:4f:ab:fe:c4:20:f9:c4:
d2:6a:ff:e9:24:c4:06:6f:07:32:a0:72:52:7b:71:
a9:93:fe:ee:0f:76:70:57:f5:ff:27:8a:f9:b6:89:
a4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:32:D4:CF:B3:F7:30:12:89:00:13:8F:5F:0F:8D:41:CC:E6:DB:98
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bDLUz7P3MBKJABOPXw-NQczm25g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:44::/48
Signature Algorithm: sha256WithRSAEncryption
2c:07:b5:fe:00:bf:80:e7:32:ee:8c:80:ec:7e:e8:cf:a0:a1:
ac:3d:0c:fe:2e:49:f5:64:13:d5:42:f1:51:b2:75:bc:b0:4b:
75:50:96:73:d5:16:34:7b:f6:1f:be:b5:ea:64:9e:30:ae:98:
99:f3:97:97:6c:74:0a:de:b6:06:34:aa:a7:27:42:d2:30:43:
47:fe:8e:5d:b9:10:e0:00:72:fd:d4:13:99:ae:ae:d4:7b:de:
6a:8c:68:de:6b:a4:65:45:4b:74:2b:4e:65:f0:6a:50:55:17:
f2:3f:8d:fc:84:2f:47:df:ea:d7:5e:de:97:8b:8e:dc:c2:d5:
8c:b5:22:3a:78:f6:a1:ee:f2:9d:dc:08:41:15:c1:72:ad:80:
d4:40:7e:3e:a2:e7:a8:94:c0:88:d5:9a:b3:ee:84:dc:b7:82:
cd:00:02:40:b4:f2:8d:62:9b:69:2e:2b:19:1e:b3:e9:b0:17:
1a:77:a2:40:b9:e7:8b:c0:b6:4f:cf:9c:ec:80:16:26:70:b4:
15:4b:85:e5:69:0f:3c:30:bd:49:a9:a8:53:2a:cf:45:2a:1e:
7d:41:8a:94:76:e8:b6:bf:4a:a3:24:4d:1f:1b:0d:6e:42:14:
73:d9:9a:38:a7:06:1f:2c:09:59:89:8c:63:ef:90:8e:d4:72:
b1:d5:81:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lb5wSkd+hSuncP4HM2vgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzMyZDRjZmIzZjczMDEyODkwMDEzOGY1ZjBmOGQ0MWNjZTZkYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLCL1tKAN/6dwuV40jov6mXIsZzH
xgc6MNZAHrP1FKdIUW/rBVzrqLB2Xqe0UIUc4/j4VtKXsYpR8Ywe+dwC7F1IjWNC
J5h3SNI6P9nhL4eExSA13pXhcLynuAxfOESwjOn1TbGhj7lt92M10k+3Y8FYfKQz
8/eCaBvysrj/htflbQ7jU9z4bdFNEGgVlQ3RM+hwnkFQDZjbOCRaHylTP53YlbRO
xOSNx/SDRRZWVdf8BXqc8prZ421mP1jPpWh0wB49SqCOh5fBbqVu7QJsTZtG9UFf
iFWYck+r/sQg+cTSav/pJMQGbwcyoHJSe3Gpk/7uD3ZwV/X/J4r5tomkXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGwy1M+z9zASiQATj18PjUHM5tuYMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvYkRMVXo3UDNNQktKQUJPUFh3LU5RY3ptMjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBE
MA0GCSqGSIb3DQEBCwUAA4IBAQAsB7X+AL+A5zLujIDsfujPoKGsPQz+Lkn1ZBPV
QvFRsnW8sEt1UJZz1RY0e/YfvrXqZJ4wrpiZ85eXbHQK3rYGNKqnJ0LSMENH/o5d
uRDgAHL91BOZrq7Ue95qjGjea6RlRUt0K05l8GpQVRfyP438hC9H3+rXXt6Xi47c
wtWMtSI6ePah7vKd3AhBFcFyrYDUQH4+oueolMCI1Zqz7oTct4LNAAJAtPKNYptp
LisZHrPpsBcad6JAueeLwLZPz5zsgBYmcLQVS4XlaQ88ML1JqahTKs9FKh59QYqU
dui2v0qjJE0fGw1uQhRz2Zo4pwYfLAlZiYxj75CO1HKx1YEx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org