Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fLqLFg8qnD9GUV2IBeU9wD-dojw.roa
File: fLqLFg8qnD9GUV2IBeU9wD-dojw.roa (raw, json)
Hash identifier: xiQrPfz3lwOsO+D/OdgEQgciwbNLyImeNy0I7stxrlc=
Subject key identifier: 7C:BA:8B:16:0F:2A:9C:3F:46:51:5D:88:05:E5:3D:C0:3F:9D:A2:3C
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F96A9F833BB88F79EE206CACFDC37B2
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fLqLFg8qnD9GUV2IBeU9wD-dojw.roa
Signing time: Tue 06 Feb 2024 18:03:16 +0000
ROA not before: Tue 06 Feb 2024 18:03:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215810
IP address blocks: 2a0f:b241:56::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:96:a9:f8:33:bb:88:f7:9e:e2:06:ca:cf:dc:37:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:03:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cba8b160f2a9c3f46515d8805e53dc03f9da23c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f9:26:d6:a8:79:e6:bb:52:1c:2e:44:6f:bb:
bb:c0:91:7a:78:ef:bd:7d:a5:a0:c2:3b:bf:eb:2d:
5a:a9:37:3b:ca:e2:0f:ff:73:d2:ae:26:37:65:21:
98:d2:ba:5e:03:b6:05:c0:5b:06:c6:c8:a0:f3:40:
5f:23:cd:2e:b6:b1:76:b4:46:c0:34:d5:59:e1:a4:
04:9a:6e:a9:84:dd:36:fe:c5:d5:3c:74:f1:62:51:
06:00:35:9b:cd:b7:b1:80:f5:f7:25:22:2a:71:2c:
4a:de:e3:09:4c:fe:79:90:08:4c:1b:c2:68:4e:74:
2a:5c:8b:e9:e7:0e:14:73:be:13:09:5f:92:8e:d8:
24:74:e3:5c:e0:86:ff:0b:fd:31:64:20:b2:69:53:
a2:10:2c:e0:4e:72:39:20:ec:ce:e6:45:0b:ea:7e:
3f:43:18:3c:ae:b3:92:3f:7b:03:41:b8:1c:38:6c:
58:ff:15:36:70:e9:27:ff:65:5b:a5:d3:38:1b:4b:
fa:6b:c6:89:da:3e:d4:d4:2d:cc:09:71:bc:e6:e3:
70:42:1f:47:20:02:7f:b7:ba:bb:75:9f:f6:f4:50:
9f:60:22:31:de:1f:c7:97:b3:20:bf:c8:bb:da:d1:
94:ff:d6:24:56:da:1e:af:ef:f1:73:b2:e1:a7:53:
62:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:BA:8B:16:0F:2A:9C:3F:46:51:5D:88:05:E5:3D:C0:3F:9D:A2:3C
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fLqLFg8qnD9GUV2IBeU9wD-dojw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:56::/48
Signature Algorithm: sha256WithRSAEncryption
46:ca:57:63:1c:34:ae:f5:c8:98:cb:60:1e:3e:a3:28:16:b0:
66:63:84:e5:15:46:ff:f5:93:88:e4:c9:4d:f6:d8:39:c9:b1:
9e:33:c9:fc:b0:94:9f:45:d7:3f:4e:41:ce:11:df:86:a2:f2:
3a:71:59:d6:b2:61:bb:85:cc:e3:43:78:58:e5:40:9d:f1:57:
64:b3:db:af:7a:58:14:51:ee:c0:b1:d7:c5:55:15:42:8d:0f:
f5:6b:cd:82:a2:64:b3:46:b7:4d:13:97:db:33:38:9c:07:9d:
0f:ba:a9:23:a4:9e:3d:8d:ab:fa:b1:45:68:a6:55:a9:73:e7:
90:ba:91:9c:40:ee:ef:0d:9e:e0:45:3e:63:68:66:da:df:4b:
34:34:33:d5:a6:91:b0:27:44:59:9f:17:f4:cb:da:aa:7e:f9:
97:fc:66:db:31:ed:e0:ae:a4:3b:7e:64:45:3d:50:22:77:f4:
53:8f:cf:47:14:69:f8:7e:d1:92:d1:e1:91:27:52:0d:c4:8e:
b6:f0:70:cf:0c:43:73:48:d7:72:a2:40:94:22:65:63:9e:9a:
0e:e4:48:8c:57:ee:9f:84:74:1b:fb:10:f3:3a:f1:3a:ce:75:
51:87:29:85:a4:c6:6c:2b:a7:d7:bd:86:82:71:fc:5d:f5:4a:
96:54:10:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lqn4M7uI957iBsrP3DeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2JhOGIxNjBmMmE5YzNmNDY1MTVkODgwNWU1M2RjMDNmOWRhMjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/km1qh55rtSHC5Eb7u7wJF6eO+9
faWgwju/6y1aqTc7yuIP/3PSriY3ZSGY0rpeA7YFwFsGxsig80BfI80utrF2tEbA
NNVZ4aQEmm6phN02/sXVPHTxYlEGADWbzbexgPX3JSIqcSxK3uMJTP55kAhMG8Jo
TnQqXIvp5w4Uc74TCV+SjtgkdONc4Ib/C/0xZCCyaVOiECzgTnI5IOzO5kUL6n4/
Qxg8rrOSP3sDQbgcOGxY/xU2cOkn/2VbpdM4G0v6a8aJ2j7U1C3MCXG85uNwQh9H
IAJ/t7q7dZ/29FCfYCIx3h/Hl7Mgv8i72tGU/9YkVtoer+/xc7Lhp1NiqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHy6ixYPKpw/RlFdiAXlPcA/naI8MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZkxxTEZnOHFuRDlHVVYySUJlVTl3RC1kb2p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBW
MA0GCSqGSIb3DQEBCwUAA4IBAQBGyldjHDSu9ciYy2AePqMoFrBmY4TlFUb/9ZOI
5MlN9tg5ybGeM8n8sJSfRdc/TkHOEd+GovI6cVnWsmG7hczjQ3hY5UCd8Vdks9uv
elgUUe7AsdfFVRVCjQ/1a82ComSzRrdNE5fbMzicB50PuqkjpJ49jav6sUVoplWp
c+eQupGcQO7vDZ7gRT5jaGba30s0NDPVppGwJ0RZnxf0y9qqfvmX/GbbMe3grqQ7
fmRFPVAid/RTj89HFGn4ftGS0eGRJ1INxI628HDPDENzSNdyokCUImVjnpoO5EiM
V+6fhHQb+xDzOvE6znVRhymFpMZsK6fXvYaCcfxd9UqWVBAh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org