Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/dk2nwFchUWBWFMGVd5AloY5hZVI.roa
File: dk2nwFchUWBWFMGVd5AloY5hZVI.roa (raw, json)
Hash identifier: bxYYko9Gqn9zUYuDTdtgD42yXLLm8vW32xSuif+kJ8U=
Subject key identifier: 76:4D:A7:C0:57:21:51:60:56:14:C1:95:77:90:25:A1:8E:61:65:52
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F07D64F173C6161CE8AA9EE73E60DB
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/dk2nwFchUWBWFMGVd5AloY5hZVI.roa
Signing time: Wed 07 Feb 2024 05:00:38 +0000
ROA not before: Wed 07 Feb 2024 05:00:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199914
IP address blocks: 2a0f:b241:8f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:7d:64:f1:73:c6:16:1c:e8:aa:9e:e7:3e:60:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=764da7c0572151605614c195779025a18e616552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b0:f3:3a:5b:73:44:e8:a0:24:68:9e:ec:ea:
d6:c2:a4:ae:7f:e1:19:27:06:66:2e:13:72:d8:7d:
87:83:be:54:c0:7d:88:fd:2e:d7:26:ec:04:f1:18:
3c:f1:1c:d0:43:2a:a8:8a:2b:01:9f:9d:69:5f:3b:
56:9a:1f:0b:e4:18:ca:04:8d:4e:d7:3a:01:64:f4:
77:d4:f1:43:89:91:43:d7:fb:18:23:79:e3:df:7c:
89:e1:16:aa:9a:6e:36:69:e0:dc:f8:e2:74:44:d8:
11:0e:20:53:5d:23:3f:69:0e:69:19:04:39:68:72:
61:54:c3:28:a0:e2:a2:f9:e4:32:8c:1b:74:48:80:
d5:2c:b7:af:be:e7:36:88:a5:97:ba:56:88:33:96:
ac:bf:4e:ef:15:17:6c:c5:49:df:b2:37:ba:a1:0d:
93:97:a3:b1:92:c5:53:49:36:70:7e:36:d2:8d:9e:
da:2e:6b:28:e1:4b:36:2d:28:64:71:eb:88:cd:cc:
d3:cc:87:51:83:bb:31:48:17:71:eb:d4:b5:2a:06:
b4:bd:8e:28:67:ac:64:4c:0d:8a:42:e6:0e:b7:14:
88:e3:87:64:df:f2:43:7f:de:f3:e9:cf:71:2c:3d:
e8:57:00:a2:ed:ba:e4:44:e9:ee:ab:db:b9:ee:60:
cc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:4D:A7:C0:57:21:51:60:56:14:C1:95:77:90:25:A1:8E:61:65:52
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/dk2nwFchUWBWFMGVd5AloY5hZVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:8f::/48
Signature Algorithm: sha256WithRSAEncryption
7a:3d:17:fd:a7:3d:fe:ff:68:e6:53:23:a5:ae:73:80:16:59:
6b:14:e1:81:1e:4a:94:7f:16:80:e6:b1:f4:ce:15:73:41:44:
65:91:0d:16:e6:48:ce:ec:a4:16:d8:87:b4:43:67:f7:87:e8:
94:d4:5a:49:a8:6e:0d:64:03:7e:6e:d6:86:31:fc:58:3c:87:
40:d4:6b:f1:6f:9c:98:07:09:1c:91:37:7f:e4:b1:f1:44:3a:
70:ec:60:8a:64:9a:bf:1e:b4:ac:8c:c1:e0:81:53:df:69:10:
a8:8b:00:7a:be:6a:04:87:68:91:1e:30:d4:19:9c:97:c5:48:
47:4e:3a:41:f4:56:25:80:d3:96:bf:ea:cd:bf:ee:17:f9:a9:
49:40:87:93:a3:4f:d6:bb:ff:22:17:34:33:e5:54:3a:6a:42:
e4:dd:96:a9:7b:62:8e:d6:10:a9:af:f1:c1:6b:92:a3:c2:6d:
8b:5f:01:31:c3:f0:4a:e2:c3:98:b4:d7:41:15:62:1b:19:e3:
59:9d:b8:c4:dd:b4:05:bb:35:ed:22:c1:26:21:e4:e0:13:5b:
62:af:db:ba:61:6f:be:a2:24:c8:4a:a2:87:31:87:ce:a6:36:
71:6b:da:a9:78:1c:64:1b:ed:55:59:ba:c0:fd:6c:b3:16:f6:
f7:6d:eb:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8H1k8XPGFhzoqp7nPmDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjRkYTdjMDU3MjE1MTYwNTYxNGMxOTU3NzkwMjVhMThlNjE2NTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbDzOltzROigJGie7OrWwqSuf+EZ
JwZmLhNy2H2Hg75UwH2I/S7XJuwE8Rg88RzQQyqoiisBn51pXztWmh8L5BjKBI1O
1zoBZPR31PFDiZFD1/sYI3nj33yJ4Raqmm42aeDc+OJ0RNgRDiBTXSM/aQ5pGQQ5
aHJhVMMooOKi+eQyjBt0SIDVLLevvuc2iKWXulaIM5asv07vFRdsxUnfsje6oQ2T
l6OxksVTSTZwfjbSjZ7aLmso4Us2LShkceuIzczTzIdRg7sxSBdx69S1Kga0vY4o
Z6xkTA2KQuYOtxSI44dk3/JDf97z6c9xLD3oVwCi7brkROnuq9u57mDMYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHZNp8BXIVFgVhTBlXeQJaGOYWVSMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZGsybndGY2hVV0JXRk1HVmQ1QWxvWTVoWlZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCP
MA0GCSqGSIb3DQEBCwUAA4IBAQB6PRf9pz3+/2jmUyOlrnOAFllrFOGBHkqUfxaA
5rH0zhVzQURlkQ0W5kjO7KQW2Ie0Q2f3h+iU1FpJqG4NZAN+btaGMfxYPIdA1Gvx
b5yYBwkckTd/5LHxRDpw7GCKZJq/HrSsjMHggVPfaRCoiwB6vmoEh2iRHjDUGZyX
xUhHTjpB9FYlgNOWv+rNv+4X+alJQIeTo0/Wu/8iFzQz5VQ6akLk3Zape2KO1hCp
r/HBa5Kjwm2LXwExw/BK4sOYtNdBFWIbGeNZnbjE3bQFuzXtIsEmIeTgE1tir9u6
YW++oiTISqKHMYfOpjZxa9qpeBxkG+1VWbrA/WyzFvb3beuX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org