Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fh5I4QhDVYv0lbX2R8AjSXorkwE.roa
File: fh5I4QhDVYv0lbX2R8AjSXorkwE.roa (raw, json)
Hash identifier: Irhj7miy2dVV2i8YOvP/ECK79M3uiBE2CIsQCE8CVoE=
Subject key identifier: 7E:1E:48:E1:08:43:55:8B:F4:95:B5:F6:47:C0:23:49:7A:2B:93:01
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09285B4476A8635D33BA4EEF9E87A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fh5I4QhDVYv0lbX2R8AjSXorkwE.roa
Signing time: Wed 07 Feb 2024 05:00:43 +0000
ROA not before: Wed 07 Feb 2024 05:00:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205290
IP address blocks: 2a0f:b241:ec::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:92:85:b4:47:6a:86:35:d3:3b:a4:ee:f9:e8:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e1e48e10843558bf495b5f647c023497a2b9301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d9:36:29:fe:0a:52:b2:4e:68:74:eb:f0:14:
30:95:18:d4:f1:7b:81:82:79:14:31:2f:56:0b:cf:
ae:e3:f5:29:c8:f2:d2:e3:5b:3e:b0:80:05:e6:a1:
77:88:77:1c:47:c0:0e:aa:09:61:a8:97:5a:d7:e9:
12:f3:a8:b2:6a:7d:32:39:32:6a:92:e1:77:55:52:
99:3e:82:d9:9e:a1:b0:12:ee:64:ff:e9:25:51:98:
fe:14:a6:63:15:36:28:76:82:8e:51:6a:d5:58:4f:
c1:b1:0d:a1:d2:57:09:b9:7c:55:00:6f:19:fd:be:
90:19:63:c6:c2:db:5e:73:82:7f:db:55:d4:77:38:
56:e2:57:fc:0a:6e:98:51:9f:19:3e:92:5e:84:0f:
00:19:aa:89:21:3b:a9:ce:09:5e:e1:09:a1:b5:45:
8b:bd:ae:d5:b2:c2:cc:d6:f4:1a:e0:a2:28:67:60:
6a:0e:0e:00:0f:e2:b1:b9:a4:0a:7d:c7:17:d8:c6:
68:06:5d:45:6e:66:db:a7:79:24:c1:15:bc:fb:f2:
c9:a7:e2:17:86:5c:86:01:4a:7c:47:a6:bc:51:1d:
42:48:39:31:3c:72:76:f1:ee:44:2f:72:b3:a4:ea:
d3:ef:9e:a1:82:0b:ca:48:78:7d:ab:d1:fa:16:f4:
c2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1E:48:E1:08:43:55:8B:F4:95:B5:F6:47:C0:23:49:7A:2B:93:01
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fh5I4QhDVYv0lbX2R8AjSXorkwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:ec::/48
Signature Algorithm: sha256WithRSAEncryption
00:ed:53:72:6c:4d:ad:e7:c4:7b:a0:3d:42:de:57:90:55:e9:
a7:37:93:06:69:4a:de:35:a3:4c:b8:c6:fc:07:ce:64:a0:4f:
4f:a4:4e:54:c0:5e:cf:d6:0f:a8:4b:da:e3:82:5d:f6:3e:f7:
36:e8:11:30:06:c7:00:06:98:7d:92:bb:4a:66:1a:d2:1e:dd:
8a:dd:ef:f6:ae:50:56:fe:7e:33:bd:0f:97:66:00:f2:a6:c6:
32:71:4d:4c:46:bb:a0:b6:9b:b6:8c:77:aa:c5:d0:df:ca:93:
af:60:0c:44:ec:90:20:20:0a:06:03:19:c6:c0:c0:79:41:a5:
00:b9:ca:89:a5:42:49:91:b2:40:4e:fa:23:f3:7e:a1:5c:25:
62:10:81:3f:23:a4:dd:28:7e:f3:d2:2c:63:b1:f4:69:b0:f5:
23:a4:29:8c:aa:0e:c7:89:07:4b:94:bd:1a:c6:97:1e:fe:d3:
66:87:e4:7c:b9:11:af:b9:9a:23:1f:0b:de:94:3e:d8:83:cd:
4d:64:b0:62:c4:ef:9c:5f:97:16:ab:4e:13:0d:c7:a2:27:a1:
0e:98:72:3e:00:e0:7f:81:35:df:70:58:82:1b:87:cf:94:6a:
d4:77:36:f1:ab:23:3f:7e:40:19:00:b9:a4:69:de:d4:13:43:
07:5d:c3:3d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8JKFtEdqhjXTO6Tu+eh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTFlNDhlMTA4NDM1NThiZjQ5NWI1ZjY0N2MwMjM0OTdhMmI5MzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdk2Kf4KUrJOaHTr8BQwlRjU8XuB
gnkUMS9WC8+u4/UpyPLS41s+sIAF5qF3iHccR8AOqglhqJda1+kS86iyan0yOTJq
kuF3VVKZPoLZnqGwEu5k/+klUZj+FKZjFTYodoKOUWrVWE/BsQ2h0lcJuXxVAG8Z
/b6QGWPGwttec4J/21XUdzhW4lf8Cm6YUZ8ZPpJehA8AGaqJITupzgle4QmhtUWL
va7VssLM1vQa4KIoZ2BqDg4AD+KxuaQKfccX2MZoBl1Fbmbbp3kkwRW8+/LJp+IX
hlyGAUp8R6a8UR1CSDkxPHJ28e5EL3KzpOrT756hggvKSHh9q9H6FvTCIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH4eSOEIQ1WL9JW19kfAI0l6K5MBMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZmg1STRRaERWWXYwbGJYMlI4QWpTWG9ya3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDs
MA0GCSqGSIb3DQEBCwUAA4IBAQAA7VNybE2t58R7oD1C3leQVemnN5MGaUreNaNM
uMb8B85koE9PpE5UwF7P1g+oS9rjgl32Pvc26BEwBscABph9krtKZhrSHt2K3e/2
rlBW/n4zvQ+XZgDypsYycU1MRrugtpu2jHeqxdDfypOvYAxE7JAgIAoGAxnGwMB5
QaUAucqJpUJJkbJATvoj836hXCViEIE/I6TdKH7z0ixjsfRpsPUjpCmMqg7HiQdL
lL0axpce/tNmh+R8uRGvuZojHwvelD7Yg81NZLBixO+cX5cWq04TDceiJ6EOmHI+
AOB/gTXfcFiCG4fPlGrUdzbxqyM/fkAZALmkad7UE0MHXcM9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org