Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fK5X-JMu5gXnhNknhPHx41rj3mg.roa
File: fK5X-JMu5gXnhNknhPHx41rj3mg.roa (raw, json)
Hash identifier: 9BrAWzoMD8QwKt65YAVtTdNnru70AlDlaX+Zy+w14R0=
Subject key identifier: 7C:AE:57:F8:93:2E:E6:05:E7:84:D9:27:84:F1:F1:E3:5A:E3:DE:68
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FABBE7BF668DB85005B72FA215EE0DE
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fK5X-JMu5gXnhNknhPHx41rj3mg.roa
Signing time: Tue 06 Feb 2024 18:26:18 +0000
ROA not before: Tue 06 Feb 2024 18:26:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209542
IP address blocks: 2a0f:b241:f5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ab:be:7b:f6:68:db:85:00:5b:72:fa:21:5e:e0:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:26:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cae57f8932ee605e784d92784f1f1e35ae3de68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e7:bb:79:ea:18:9b:ba:7e:4d:b5:3b:d7:cf:
7c:05:4e:f2:a3:a1:60:fd:6a:57:d7:4d:60:21:d6:
67:24:3c:8f:02:4a:af:dd:ff:96:7d:8b:c1:c6:f3:
ae:fc:d8:19:fc:ab:23:be:1f:c3:85:f1:dc:f8:90:
9f:b1:11:85:c6:6b:13:de:32:86:66:ac:33:21:cb:
c9:35:fe:cb:48:5d:bf:87:a6:b2:2e:29:ce:08:09:
0d:ac:a6:57:25:8f:df:62:d7:9d:14:24:85:e4:1a:
44:c9:4a:64:74:20:d5:17:d7:7c:d0:b1:4e:47:d3:
7e:c2:1b:e2:55:43:1d:6c:40:c3:53:cc:36:76:49:
69:a7:9e:8c:04:c7:52:73:c1:73:eb:aa:9d:f9:ef:
b3:26:07:22:2e:4f:f5:6c:f4:e2:25:95:e9:1c:09:
14:d2:ee:95:ac:2d:92:be:62:47:f1:80:69:2b:9f:
54:13:d3:fe:43:de:0e:38:e7:87:d3:b3:7e:f0:6e:
41:77:8d:9b:f2:d3:29:be:a4:2f:e8:53:f3:18:8f:
04:49:7e:fc:26:9e:ce:45:e5:9a:f9:69:85:80:1b:
d2:b6:57:76:14:1a:5e:4f:e9:20:eb:3e:ad:8e:ae:
e4:a4:8a:e1:75:46:6d:df:a8:f0:4c:94:d1:0d:3b:
5c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:AE:57:F8:93:2E:E6:05:E7:84:D9:27:84:F1:F1:E3:5A:E3:DE:68
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fK5X-JMu5gXnhNknhPHx41rj3mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:f5::/48
Signature Algorithm: sha256WithRSAEncryption
14:d9:ef:c6:ba:ce:97:e4:8c:ce:e7:b8:82:09:1f:a8:2d:38:
a7:81:c2:2b:68:30:b7:5a:d8:a0:76:ee:89:3d:33:0a:9c:a4:
f3:00:d7:6c:f5:ad:6c:18:ac:92:ea:8c:2a:dc:ec:93:e1:67:
b5:ff:1a:0f:a4:d5:8c:ec:1c:7f:07:a8:5e:5d:d3:3b:7a:28:
5e:8b:17:64:49:ab:df:af:78:19:e9:de:38:2f:84:84:aa:6c:
52:20:c1:88:cc:5c:c7:63:c6:03:b9:c8:cd:d5:2d:5f:a3:e6:
36:63:39:99:3f:60:29:13:0d:9b:07:cf:6b:39:44:f3:3e:5c:
e7:fe:c1:e2:f1:56:ba:11:12:e5:97:d9:2b:ea:b8:db:e3:71:
f0:38:43:b7:ce:26:39:95:b4:54:09:c4:bc:c9:33:41:d5:b8:
e4:ab:12:36:6a:fc:aa:2a:48:b6:88:c5:3a:20:65:ae:d9:61:
df:21:f6:90:f3:d3:1d:65:b6:f7:aa:bf:32:f6:1f:a6:55:d0:
56:ad:2d:f1:e8:eb:0b:d5:00:7f:c8:b8:b4:56:09:54:ef:52:
92:29:d8:09:76:2a:76:67:71:7f:af:75:6a:ae:42:0c:a5:47:
38:2e:6e:de:6b:43:03:f6:6f:c8:4f:e6:8a:85:b4:e3:dd:e3:
e0:2d:98:45
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/q7579mjbhQBbcvohXuDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2FlNTdmODkzMmVlNjA1ZTc4NGQ5Mjc4NGYxZjFlMzVhZTNkZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+e7eeoYm7p+TbU71898BU7yo6Fg
/WpX101gIdZnJDyPAkqv3f+WfYvBxvOu/NgZ/Ksjvh/DhfHc+JCfsRGFxmsT3jKG
ZqwzIcvJNf7LSF2/h6ayLinOCAkNrKZXJY/fYtedFCSF5BpEyUpkdCDVF9d80LFO
R9N+whviVUMdbEDDU8w2dklpp56MBMdSc8Fz66qd+e+zJgciLk/1bPTiJZXpHAkU
0u6VrC2SvmJH8YBpK59UE9P+Q94OOOeH07N+8G5Bd42b8tMpvqQv6FPzGI8ESX78
Jp7OReWa+WmFgBvStld2FBpeT+kg6z6tjq7kpIrhdUZt36jwTJTRDTtclQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHyuV/iTLuYF54TZJ4Tx8eNa495oMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZks1WC1KTXU1Z1huaE5rbmhQSHg0MXJqM21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQD1
MA0GCSqGSIb3DQEBCwUAA4IBAQAU2e/Gus6X5IzO57iCCR+oLTingcIraDC3Wtig
du6JPTMKnKTzANds9a1sGKyS6owq3OyT4We1/xoPpNWM7Bx/B6heXdM7eiheixdk
Savfr3gZ6d44L4SEqmxSIMGIzFzHY8YDucjN1S1fo+Y2YzmZP2ApEw2bB89rOUTz
Plzn/sHi8Va6ERLll9kr6rjb43HwOEO3ziY5lbRUCcS8yTNB1bjkqxI2avyqKki2
iMU6IGWu2WHfIfaQ89MdZbb3qr8y9h+mVdBWrS3x6OsL1QB/yLi0VglU71KSKdgJ
dip2Z3F/r3VqrkIMpUc4Lm7ea0MD9m/IT+aKhbTj3ePgLZhF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org