Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hhwQAd7Eh4RgnXf0GBIFIsvQKZM.roa
File: hhwQAd7Eh4RgnXf0GBIFIsvQKZM.roa (raw, json)
Hash identifier: DekDysy2mstLmJGmzjXfKA8MOvlBQttXpWksJIiYZO0=
Subject key identifier: 86:1C:10:01:DE:C4:87:84:60:9D:77:F4:18:12:05:22:CB:D0:29:93
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA8F766E444F189E711551834A22E72
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hhwQAd7Eh4RgnXf0GBIFIsvQKZM.roa
Signing time: Tue 06 Feb 2024 18:23:16 +0000
ROA not before: Tue 06 Feb 2024 18:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200226
IP address blocks: 2a0f:b241:9c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a8:f7:66:e4:44:f1:89:e7:11:55:18:34:a2:2e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=861c1001dec48784609d77f418120522cbd02993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b9:00:fc:69:12:6c:35:5d:1d:be:44:df:22:
89:cf:66:57:1a:59:23:6e:3a:06:8c:88:51:4b:9f:
41:6f:fc:70:cd:14:48:23:d8:f1:6c:c6:06:68:d7:
01:a5:1b:94:d7:13:30:15:7a:be:a4:f7:50:e2:d3:
33:35:6f:83:9a:e3:d7:0c:e6:0f:96:50:b0:26:ea:
60:52:fb:c5:79:d7:91:50:fa:aa:3d:48:77:f6:9a:
c3:fa:7f:bc:4b:e5:3c:61:d8:86:48:3c:e6:9c:83:
c1:6d:5b:5e:92:a3:1f:78:cd:f1:83:92:98:9b:a9:
5b:d8:a6:9e:e8:db:99:d1:70:5d:b6:a4:98:5d:7b:
9a:f7:6f:2e:db:5c:27:3a:25:cf:c0:9d:5c:7b:57:
3c:ff:34:56:11:cf:95:9c:05:51:49:5f:35:5c:3c:
6d:60:1a:cf:e8:55:2a:7f:ee:49:6b:d3:48:92:e1:
e3:00:9a:f7:50:8c:a0:6e:17:50:e4:c2:84:53:90:
de:9e:ad:1c:95:8f:44:4e:2c:a0:91:1f:7e:4b:dc:
8f:03:19:8b:ee:c4:36:b3:ff:a0:f2:df:ab:4b:67:
03:e6:f9:7e:04:d4:82:30:65:da:e0:38:a4:04:7f:
1d:d3:87:61:54:5c:3e:14:ad:c8:79:9f:33:0d:cc:
0e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1C:10:01:DE:C4:87:84:60:9D:77:F4:18:12:05:22:CB:D0:29:93
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hhwQAd7Eh4RgnXf0GBIFIsvQKZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:9c::/48
Signature Algorithm: sha256WithRSAEncryption
72:14:93:ac:86:cf:f1:79:06:df:2b:b6:96:4f:4e:af:9d:62:
9d:43:2a:10:0d:ce:69:fa:9d:84:b5:98:80:43:96:a3:b7:49:
63:d5:ee:f4:d5:ad:c6:78:62:15:29:2d:24:9e:bd:41:27:bc:
48:4e:50:60:cc:8d:b6:c7:4a:21:fe:1d:86:8d:27:78:00:e0:
fa:99:05:ae:f7:54:9a:ca:73:0f:38:57:00:8b:b4:e4:4f:af:
92:bc:db:03:6f:7c:85:69:e2:15:a4:2c:89:e5:9b:38:0e:c9:
e7:24:a0:11:e1:6f:5a:ab:7b:6e:85:e9:ef:61:aa:2a:fd:43:
4b:c2:11:2a:89:9c:96:1e:6b:46:12:63:f8:b3:5d:1c:e9:8e:
29:c1:16:bf:6b:7c:86:46:10:66:2f:92:f3:ee:c7:b3:da:57:
7f:24:f9:98:53:a9:98:cc:db:76:2d:b1:ef:f5:bb:90:47:ee:
a1:b6:37:76:2d:06:ae:35:74:c8:b5:dc:ca:7c:c5:c9:7e:88:
6f:99:17:6d:f4:ab:8a:54:72:39:e4:4c:36:08:35:23:6b:e7:
b7:d9:79:2a:2c:72:70:76:59:e8:e7:c0:cd:45:01:a8:c4:3e:
04:83:59:f7:50:03:e6:04:cd:4c:e6:36:bb:2b:ae:66:4a:02:
fd:7b:0a:3c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qPdm5ETxiecRVRg0oi5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjFjMTAwMWRlYzQ4Nzg0NjA5ZDc3ZjQxODEyMDUyMmNiZDAyOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7kA/GkSbDVdHb5E3yKJz2ZXGlkj
bjoGjIhRS59Bb/xwzRRII9jxbMYGaNcBpRuU1xMwFXq+pPdQ4tMzNW+DmuPXDOYP
llCwJupgUvvFedeRUPqqPUh39prD+n+8S+U8YdiGSDzmnIPBbVtekqMfeM3xg5KY
m6lb2Kae6NuZ0XBdtqSYXXua928u21wnOiXPwJ1ce1c8/zRWEc+VnAVRSV81XDxt
YBrP6FUqf+5Ja9NIkuHjAJr3UIygbhdQ5MKEU5Denq0clY9ETiygkR9+S9yPAxmL
7sQ2s/+g8t+rS2cD5vl+BNSCMGXa4DikBH8d04dhVFw+FK3IeZ8zDcwOGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIYcEAHexIeEYJ139BgSBSLL0CmTMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvaGh3UUFkN0VoNFJnblhmMEdCSUZJc3ZRS1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCc
MA0GCSqGSIb3DQEBCwUAA4IBAQByFJOshs/xeQbfK7aWT06vnWKdQyoQDc5p+p2E
tZiAQ5ajt0lj1e701a3GeGIVKS0knr1BJ7xITlBgzI22x0oh/h2GjSd4AOD6mQWu
91SaynMPOFcAi7TkT6+SvNsDb3yFaeIVpCyJ5Zs4DsnnJKAR4W9aq3tuhenvYaoq
/UNLwhEqiZyWHmtGEmP4s10c6Y4pwRa/a3yGRhBmL5Lz7sez2ld/JPmYU6mYzNt2
LbHv9buQR+6htjd2LQauNXTItdzKfMXJfohvmRdt9KuKVHI55Ew2CDUja+e32Xkq
LHJwdlno58DNRQGoxD4Eg1n3UAPmBM1M5ja7K65mSgL9ewo8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org