Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/goYK86s92d2PFcvY8N9Q25CRgao.roa
File: goYK86s92d2PFcvY8N9Q25CRgao.roa (raw, json)
Hash identifier: Cs9aNW2QOlLwo11cK4iCTwwsNK+0+4QoJY2Z1Z3nces=
Subject key identifier: 82:86:0A:F3:AB:3D:D9:DD:8F:15:CB:D8:F0:DF:50:DB:90:91:81:AA
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA9E9E7B0D137B708D683E740F4EDBD
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/goYK86s92d2PFcvY8N9Q25CRgao.roa
Signing time: Tue 06 Feb 2024 18:24:18 +0000
ROA not before: Tue 06 Feb 2024 18:24:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200907
IP address blocks: 2a0f:b241:d8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a9:e9:e7:b0:d1:37:b7:08:d6:83:e7:40:f4:ed:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:24:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82860af3ab3dd9dd8f15cbd8f0df50db909181aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:43:ee:96:09:dc:85:94:2d:fd:df:06:ed:c9:
e7:d3:8a:df:63:31:0f:d0:b4:b8:ae:27:a5:1b:b0:
95:36:35:3a:0d:49:74:78:ca:35:75:ee:74:fb:7a:
f8:53:17:00:75:58:a5:8a:f4:de:80:a3:e4:f7:83:
ec:c9:33:3d:11:b6:77:77:51:05:12:aa:4d:b6:0c:
a8:75:dc:de:d1:9d:25:c2:5f:d6:02:03:88:a2:62:
13:eb:b5:2f:db:69:35:b9:da:ae:c1:91:9d:29:9b:
5e:df:24:42:5e:2c:42:b1:a8:9f:ed:7f:3d:fe:db:
31:d6:c0:8d:85:6b:f5:51:32:f9:32:cc:c6:6d:6d:
a7:b2:1f:25:7e:7a:d4:c3:ed:35:0a:38:35:d2:69:
eb:c7:00:60:73:19:45:f0:9c:38:d8:71:c5:36:e2:
44:8d:ec:34:a3:70:d8:76:92:a6:45:61:66:05:17:
bf:f2:22:be:32:63:e4:9c:e7:b5:98:51:1f:23:84:
db:f4:8e:75:ec:fe:5a:7b:6c:ca:65:1e:e2:01:64:
33:d8:34:3f:32:02:ff:fe:c7:85:5a:25:f7:71:a0:
a5:81:55:ff:3a:65:83:76:a6:42:34:d9:fe:a5:df:
6a:ad:3a:b8:e0:c3:fd:c3:63:f6:d0:f7:15:79:3d:
46:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:86:0A:F3:AB:3D:D9:DD:8F:15:CB:D8:F0:DF:50:DB:90:91:81:AA
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/goYK86s92d2PFcvY8N9Q25CRgao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:d8::/48
Signature Algorithm: sha256WithRSAEncryption
53:63:d5:33:36:eb:a3:88:be:bc:b4:43:de:6d:c3:09:ce:37:
a0:03:13:2e:66:b7:5e:99:e6:3b:27:47:1c:66:68:27:e5:b6:
93:52:a3:85:f9:df:c9:29:3f:cf:53:93:77:ce:d5:08:61:cc:
93:e1:d8:7f:c3:f5:ec:fa:da:2f:da:ee:6c:44:d4:f9:bd:0c:
93:81:ab:51:1c:1a:4e:fe:c3:86:0e:d8:c9:98:c8:b3:be:4a:
7d:8b:d9:d2:03:b6:ff:0d:f3:3a:60:60:e7:c3:07:b2:aa:17:
fa:c0:f7:59:e3:fb:5f:98:80:9e:6b:d5:4c:74:ca:e6:c6:41:
4d:ba:31:b7:53:ae:b2:9f:56:38:be:de:c7:e8:42:84:b3:a8:
08:01:50:2a:fb:9b:45:7f:37:bb:f4:9b:50:a7:55:88:85:61:
e4:18:e0:6f:32:b1:3c:e3:3c:fd:32:5e:88:3e:d6:9b:db:8a:
86:94:fa:ed:63:10:0f:1c:e0:4f:ba:2b:10:6b:2e:b9:5b:cb:
c5:2b:5d:f0:6a:a0:99:8a:b4:59:45:28:a8:88:59:96:22:6c:
b0:aa:9c:0c:36:f1:a6:c6:e4:17:63:8a:ec:17:ad:83:dc:cf:
ce:c5:73:e7:95:61:dd:42:0b:0a:a6:cc:e4:84:d2:ff:a1:88:
ff:2b:f4:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qennsNE3twjWg+dA9O29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjg2MGFmM2FiM2RkOWRkOGYxNWNiZDhmMGRmNTBkYjkwOTE4MWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEPulgnchZQt/d8G7cnn04rfYzEP
0LS4rielG7CVNjU6DUl0eMo1de50+3r4UxcAdVilivTegKPk94PsyTM9EbZ3d1EF
EqpNtgyoddze0Z0lwl/WAgOIomIT67Uv22k1udquwZGdKZte3yRCXixCsaif7X89
/tsx1sCNhWv1UTL5MszGbW2nsh8lfnrUw+01Cjg10mnrxwBgcxlF8Jw42HHFNuJE
jew0o3DYdpKmRWFmBRe/8iK+MmPknOe1mFEfI4Tb9I517P5ae2zKZR7iAWQz2DQ/
MgL//seFWiX3caClgVX/OmWDdqZCNNn+pd9qrTq44MP9w2P20PcVeT1GDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIKGCvOrPdndjxXL2PDfUNuQkYGqMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZ29ZSzg2czkyZDJQRmN2WThOOVEyNUNSZ2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDY
MA0GCSqGSIb3DQEBCwUAA4IBAQBTY9UzNuujiL68tEPebcMJzjegAxMuZrdemeY7
J0ccZmgn5baTUqOF+d/JKT/PU5N3ztUIYcyT4dh/w/Xs+tov2u5sRNT5vQyTgatR
HBpO/sOGDtjJmMizvkp9i9nSA7b/DfM6YGDnwweyqhf6wPdZ4/tfmICea9VMdMrm
xkFNujG3U66yn1Y4vt7H6EKEs6gIAVAq+5tFfze79JtQp1WIhWHkGOBvMrE84zz9
Ml6IPtab24qGlPrtYxAPHOBPuisQay65W8vFK13waqCZirRZRSioiFmWImywqpwM
NvGmxuQXY4rsF62D3M/OxXPnlWHdQgsKpszkhNL/oYj/K/RB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org