Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/gjePTg3mILwabGwLv9pjF0pt6JI.roa
File: gjePTg3mILwabGwLv9pjF0pt6JI.roa (raw, json)
Hash identifier: 2P+BRwXkbuZ6bg/W+6npzrla2rz14WdDd+LvgDJwpsY=
Subject key identifier: 82:37:8F:4E:0D:E6:20:BC:1A:6C:6C:0B:BF:DA:63:17:4A:6D:E8:92
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAACCF43E79C39B626D8A01BFFA110B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/gjePTg3mILwabGwLv9pjF0pt6JI.roa
Signing time: Tue 06 Feb 2024 18:25:16 +0000
ROA not before: Tue 06 Feb 2024 18:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200975
IP address blocks: 2a0f:b241:db::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:cc:f4:3e:79:c3:9b:62:6d:8a:01:bf:fa:11:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82378f4e0de620bc1a6c6c0bbfda63174a6de892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:92:e3:28:99:aa:e3:9f:10:9d:b9:a9:a7:09:
12:c7:ef:83:46:2f:ae:dc:2e:b0:c7:a0:92:0c:f6:
ee:e7:c7:5e:ae:7b:18:5c:58:ee:0c:4f:11:66:74:
7c:7c:9f:16:23:6e:23:fd:99:29:62:c7:71:5b:1e:
78:33:2f:ba:4c:56:a0:56:bf:c4:25:69:c0:be:f0:
b9:b4:a0:23:36:40:3b:d8:b3:46:e3:8a:6b:13:b1:
44:3a:65:6f:17:8c:ef:88:68:11:78:6e:86:32:cd:
1e:ca:32:cd:68:2d:42:2c:97:89:cb:57:84:ee:51:
73:62:f1:a9:0e:fc:37:09:8b:26:22:fe:6c:59:c8:
0d:54:c6:ef:00:54:e4:d2:d9:48:f0:fb:8b:af:ae:
31:b1:ef:78:07:b1:19:60:9f:85:4b:5b:02:b0:1d:
00:eb:ab:cb:37:2e:7c:f8:6a:05:08:e7:73:2a:ec:
11:de:67:8a:ad:aa:c7:31:e8:b7:68:b8:2a:10:2b:
af:a4:69:80:d4:fe:cc:f1:7a:5d:63:f2:21:d0:69:
7b:b8:5b:b7:c2:cf:fe:99:f4:fe:f9:4c:cb:56:bc:
0d:c5:76:60:bf:e7:9e:ef:ea:d6:8c:89:55:cf:79:
49:59:ce:3c:20:74:ca:ca:ec:7b:e5:0e:bd:22:52:
1e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:37:8F:4E:0D:E6:20:BC:1A:6C:6C:0B:BF:DA:63:17:4A:6D:E8:92
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/gjePTg3mILwabGwLv9pjF0pt6JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:db::/48
Signature Algorithm: sha256WithRSAEncryption
86:d4:6b:83:88:cf:bc:61:b3:3f:b0:04:19:99:4d:4c:25:68:
83:0e:82:98:59:a8:ff:37:52:9c:dd:d0:d4:95:e8:20:9f:af:
ac:86:93:47:c0:96:d2:50:28:20:13:fd:1b:69:99:96:d0:42:
09:66:f1:aa:da:1c:02:13:17:0c:ff:dd:c8:76:23:1f:00:72:
e8:1e:14:1f:97:43:27:28:3c:65:f6:22:03:cb:20:d8:ac:1c:
87:63:6f:d8:f9:2b:50:bb:30:ca:53:e8:1a:e8:a0:03:ae:dd:
3a:4c:61:8c:14:91:76:4b:a2:e8:3c:7d:24:cf:11:d0:1f:01:
8a:09:b4:0d:ef:93:2c:12:eb:c1:ca:7d:75:b8:b3:ac:4c:9e:
87:cc:af:7c:fe:52:7b:5c:b8:54:44:f9:93:38:80:f4:ec:42:
b9:bf:66:6c:3c:3c:26:56:39:15:ec:43:0b:f6:90:b0:c0:4c:
81:03:74:3e:79:1f:81:4f:bf:a7:49:75:2a:de:52:b4:bc:20:
bf:ad:5d:c5:67:e6:0b:18:35:cb:1f:8b:27:2d:7d:71:e5:38:
3d:a3:86:35:92:5b:fe:0d:40:59:c8:dd:40:f3:91:d4:37:a8:
d8:87:eb:fa:e3:7e:7e:16:58:81:27:f4:c7:d6:49:4f:40:09:
0d:92:00:f9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qsz0PnnDm2JtigG/+hELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjM3OGY0ZTBkZTYyMGJjMWE2YzZjMGJiZmRhNjMxNzRhNmRlODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZLjKJmq458QnbmppwkSx++DRi+u
3C6wx6CSDPbu58dernsYXFjuDE8RZnR8fJ8WI24j/ZkpYsdxWx54My+6TFagVr/E
JWnAvvC5tKAjNkA72LNG44prE7FEOmVvF4zviGgReG6GMs0eyjLNaC1CLJeJy1eE
7lFzYvGpDvw3CYsmIv5sWcgNVMbvAFTk0tlI8PuLr64xse94B7EZYJ+FS1sCsB0A
66vLNy58+GoFCOdzKuwR3meKrarHMei3aLgqECuvpGmA1P7M8XpdY/Ih0Gl7uFu3
ws/+mfT++UzLVrwNxXZgv+ee7+rWjIlVz3lJWc48IHTKyux75Q69IlIeFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFII3j04N5iC8GmxsC7/aYxdKbeiSMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZ2plUFRnM21JTHdhYkd3THY5cGpGMHB0NkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDb
MA0GCSqGSIb3DQEBCwUAA4IBAQCG1GuDiM+8YbM/sAQZmU1MJWiDDoKYWaj/N1Kc
3dDUleggn6+shpNHwJbSUCggE/0baZmW0EIJZvGq2hwCExcM/93IdiMfAHLoHhQf
l0MnKDxl9iIDyyDYrByHY2/Y+StQuzDKU+ga6KADrt06TGGMFJF2S6LoPH0kzxHQ
HwGKCbQN75MsEuvByn11uLOsTJ6HzK98/lJ7XLhURPmTOID07EK5v2ZsPDwmVjkV
7EML9pCwwEyBA3Q+eR+BT7+nSXUq3lK0vCC/rV3FZ+YLGDXLH4snLX1x5Tg9o4Y1
klv+DUBZyN1A85HUN6jYh+v6435+FliBJ/TH1klPQAkNkgD5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org