Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/cohx75PqXGuqH_xqffTQLE0GbsQ.roa
File: cohx75PqXGuqH_xqffTQLE0GbsQ.roa (raw, json)
Hash identifier: KZlGgxxWDlg9LID8ck5NMlxc7jWfY+UbUy0MFMOP8/M=
Subject key identifier: 72:88:71:EF:93:EA:5C:6B:AA:1F:FC:6A:7D:F4:D0:2C:4D:06:6E:C4
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0A68D8C76AB2FFE9064EC1B29F5C1
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/cohx75PqXGuqH_xqffTQLE0GbsQ.roa
Signing time: Wed 07 Feb 2024 05:00:48 +0000
ROA not before: Wed 07 Feb 2024 05:00:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211184
IP address blocks: 2a0f:b241:145::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:a6:8d:8c:76:ab:2f:fe:90:64:ec:1b:29:f5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=728871ef93ea5c6baa1ffc6a7df4d02c4d066ec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:69:17:42:5b:6e:c2:a1:ad:b5:ff:91:21:f8:
8a:71:61:fb:a4:2e:92:1b:d3:e6:47:03:13:ed:19:
27:cc:5e:ba:0a:40:73:a1:cb:19:29:dc:d8:49:5d:
ea:a7:04:48:d9:62:cc:1d:f9:f4:92:fe:90:5b:8d:
5b:83:eb:18:19:22:39:f6:8b:6a:2c:41:9b:25:ae:
68:69:b4:c3:86:e9:17:41:63:75:0f:25:c1:4f:de:
65:d7:49:6c:62:c9:05:1b:69:fa:38:6a:34:a7:d1:
0a:33:aa:80:fe:98:90:9a:38:f5:de:be:9f:54:41:
45:2d:8a:ff:43:c7:8e:ba:03:05:f8:3b:3d:66:14:
33:37:99:0a:a5:d9:23:a6:ad:95:18:d5:09:03:16:
21:c5:68:cf:63:75:85:b4:da:6e:0c:a4:ab:e6:39:
21:92:cc:dd:62:67:56:fb:d4:65:ae:d4:ab:23:9b:
21:1b:a5:05:35:f8:63:e9:eb:4b:e0:80:1d:ad:28:
d0:6d:f1:06:b6:01:6d:c0:8e:cf:40:04:23:71:86:
ce:80:31:75:d5:47:71:af:9e:58:9e:28:c3:37:05:
e3:62:f3:4b:04:1e:38:2a:8f:43:d9:20:ce:e8:b8:
74:d5:5f:3b:9b:7b:d8:d9:48:92:01:b5:18:a9:bc:
ed:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:88:71:EF:93:EA:5C:6B:AA:1F:FC:6A:7D:F4:D0:2C:4D:06:6E:C4
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/cohx75PqXGuqH_xqffTQLE0GbsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:145::/48
Signature Algorithm: sha256WithRSAEncryption
6e:b6:07:5d:57:7a:8d:f4:99:81:a8:e4:d8:7b:71:e6:58:dc:
7a:b0:c7:c0:e0:a6:a8:ec:88:c4:2e:c3:0f:0a:8a:37:8b:3d:
b3:40:e3:65:f1:df:b7:0d:a0:d4:b6:e1:60:9e:f0:95:72:c6:
09:26:f6:81:d3:9d:b8:a0:b1:ae:4a:a0:82:97:03:0c:02:11:
54:8e:f7:b8:9a:86:ae:0d:03:b4:9d:bf:ee:83:05:e4:e8:5c:
4b:bf:05:2c:b3:55:a0:b2:34:50:1d:c8:3d:e7:8b:39:a1:ed:
1f:86:91:1c:f8:77:90:03:b4:a1:66:f4:ee:3c:92:44:c9:ad:
05:17:56:d2:ec:a6:88:8f:a2:10:4c:de:f5:0e:6f:68:53:ba:
19:04:cd:50:ba:10:b2:8f:d7:9a:c1:32:fe:ff:2c:f8:28:f6:
54:11:01:ff:4c:ba:e5:6b:df:f9:26:20:e4:5c:55:1b:8d:44:
44:80:22:1e:79:0c:39:fd:aa:9c:ab:cb:ed:90:61:a4:f4:d3:
e8:9f:fe:ea:22:1a:c1:ac:44:ce:ec:b6:3b:31:16:d8:35:a1:
fc:32:37:42:ae:d2:6a:d3:00:c5:eb:1e:19:5a:b5:c7:9a:c2:
e5:e9:e3:57:6a:24:f3:9f:c2:21:7b:e5:37:c1:76:1f:54:df:
04:da:68:28
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8KaNjHarL/6QZOwbKfXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjg4NzFlZjkzZWE1YzZiYWExZmZjNmE3ZGY0ZDAyYzRkMDY2ZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2kXQltuwqGttf+RIfiKcWH7pC6S
G9PmRwMT7RknzF66CkBzocsZKdzYSV3qpwRI2WLMHfn0kv6QW41bg+sYGSI59otq
LEGbJa5oabTDhukXQWN1DyXBT95l10lsYskFG2n6OGo0p9EKM6qA/piQmjj13r6f
VEFFLYr/Q8eOugMF+Ds9ZhQzN5kKpdkjpq2VGNUJAxYhxWjPY3WFtNpuDKSr5jkh
kszdYmdW+9RlrtSrI5shG6UFNfhj6etL4IAdrSjQbfEGtgFtwI7PQAQjcYbOgDF1
1Udxr55YnijDNwXjYvNLBB44Ko9D2SDO6Lh01V87m3vY2UiSAbUYqbzt6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHKIce+T6lxrqh/8an300CxNBm7EMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvY29oeDc1UHFYR3VxSF94cWZmVFFMRTBHYnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFF
MA0GCSqGSIb3DQEBCwUAA4IBAQButgddV3qN9JmBqOTYe3HmWNx6sMfA4Kao7IjE
LsMPCoo3iz2zQONl8d+3DaDUtuFgnvCVcsYJJvaB0524oLGuSqCClwMMAhFUjve4
moauDQO0nb/ugwXk6FxLvwUss1WgsjRQHcg954s5oe0fhpEc+HeQA7ShZvTuPJJE
ya0FF1bS7KaIj6IQTN71Dm9oU7oZBM1QuhCyj9eawTL+/yz4KPZUEQH/TLrla9/5
JiDkXFUbjUREgCIeeQw5/aqcq8vtkGGk9NPon/7qIhrBrETO7LY7MRbYNaH8MjdC
rtJq0wDF6x4ZWrXHmsLl6eNXaiTzn8Ihe+U3wXYfVN8E2mgo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org