Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hrmQLCo7Prhj19zVhwQeBySNh0k.roa
File: hrmQLCo7Prhj19zVhwQeBySNh0k.roa (raw, json)
Hash identifier: 5htnNT2kMlgmZXBxn3j89cgX/H2/4hf1UZOcf1RPbIE=
Subject key identifier: 86:B9:90:2C:2A:3B:3E:B8:63:D7:DC:D5:87:04:1E:07:24:8D:87:49
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F96ACD7023E686881E53BC0CD3963CA
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hrmQLCo7Prhj19zVhwQeBySNh0k.roa
Signing time: Tue 06 Feb 2024 18:03:17 +0000
ROA not before: Tue 06 Feb 2024 18:03:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215899
IP address blocks: 2a0f:b241:58::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:96:ac:d7:02:3e:68:68:81:e5:3b:c0:cd:39:63:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:03:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86b9902c2a3b3eb863d7dcd587041e07248d8749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:43:37:a8:85:c7:35:5b:b5:39:da:b6:c5:82:
5b:8e:16:0c:1c:2b:62:3e:80:af:e1:2b:86:70:83:
ee:a8:46:31:89:ce:5d:f5:0b:ec:a3:05:d6:69:75:
ea:e8:b5:54:f4:e9:50:2a:ad:c8:57:83:5a:61:6f:
ca:65:aa:99:02:6a:6f:9c:f6:0c:5e:2c:d7:df:4d:
6c:c3:eb:6a:45:dd:0e:0a:07:52:d3:70:91:a0:9d:
8f:a4:80:2d:79:7c:13:4d:ad:96:96:33:fd:26:e7:
93:e5:b4:07:7f:0f:19:b0:52:53:fc:c7:e4:e7:9e:
1e:83:54:8d:94:53:18:a0:73:af:d6:48:a4:59:05:
2a:5a:b8:85:a9:0c:f5:af:d5:2f:47:5f:a5:8c:c6:
88:d1:17:9f:d8:e2:e8:e9:f2:0a:96:e0:2a:13:57:
b4:45:f3:23:33:f9:20:7f:4d:00:8b:5e:53:6d:3d:
51:41:61:05:ad:e5:8f:41:eb:61:5a:a6:d3:47:b9:
05:38:e6:67:a5:2b:40:c3:67:31:ca:b6:17:d4:6a:
05:ef:cf:b2:ce:5c:b7:4c:78:92:b6:d7:c2:e6:3b:
93:49:7d:4f:70:9b:9f:29:7f:c3:60:f1:d5:30:35:
5c:e7:7b:6e:46:41:21:ce:5e:4f:af:6c:64:af:52:
30:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B9:90:2C:2A:3B:3E:B8:63:D7:DC:D5:87:04:1E:07:24:8D:87:49
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hrmQLCo7Prhj19zVhwQeBySNh0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:58::/48
Signature Algorithm: sha256WithRSAEncryption
84:0f:c5:36:18:df:8a:50:47:55:44:40:22:f0:77:0b:c6:4b:
38:a4:25:e7:c1:b1:9c:0d:0d:07:88:2b:60:f8:c3:78:97:a5:
a6:05:2c:b3:0e:d9:c2:6f:19:8f:75:1e:34:34:cf:9b:a5:9d:
57:29:c6:27:16:7d:23:48:8c:fa:73:4e:4e:e5:c9:7d:b0:7e:
c9:40:5a:cf:80:c8:4b:67:3b:e9:7a:b0:05:5d:2c:03:b9:13:
77:67:8a:fe:6c:3a:fc:79:4b:61:30:92:aa:09:98:9a:c8:d0:
78:e9:e3:ee:78:eb:2b:2f:43:c5:e0:65:35:f1:3c:e5:cf:5d:
41:fd:9c:37:ae:79:72:f1:18:e3:a5:af:a2:5b:7d:1a:91:d4:
b8:2a:d9:0d:9b:2f:e5:a1:e5:38:cc:61:bc:1d:58:68:23:72:
f5:74:b7:69:56:be:ca:0e:39:b9:f4:d9:71:9c:cf:c7:20:57:
35:7f:eb:8d:53:9b:9d:a0:43:7d:2c:05:68:68:bc:1b:08:8c:
3e:60:e1:17:91:9c:e0:fb:eb:0e:36:71:43:94:91:4a:35:84:
03:61:cf:2a:7b:1c:d4:47:2a:be:fb:15:42:b6:ad:f8:cd:2a:
bb:36:8f:ee:2b:51:76:a0:b1:fe:38:f6:6c:05:27:52:9b:ad:
b1:e4:3a:d0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lqzXAj5oaIHlO8DNOWPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmI5OTAyYzJhM2IzZWI4NjNkN2RjZDU4NzA0MWUwNzI0OGQ4NzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0M3qIXHNVu1Odq2xYJbjhYMHCti
PoCv4SuGcIPuqEYxic5d9QvsowXWaXXq6LVU9OlQKq3IV4NaYW/KZaqZAmpvnPYM
XizX301sw+tqRd0OCgdS03CRoJ2PpIAteXwTTa2WljP9JueT5bQHfw8ZsFJT/Mfk
554eg1SNlFMYoHOv1kikWQUqWriFqQz1r9UvR1+ljMaI0Ref2OLo6fIKluAqE1e0
RfMjM/kgf00Ai15TbT1RQWEFreWPQethWqbTR7kFOOZnpStAw2cxyrYX1GoF78+y
zly3THiSttfC5juTSX1PcJufKX/DYPHVMDVc53tuRkEhzl5Pr2xkr1Iw0QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIa5kCwqOz64Y9fc1YcEHgckjYdJMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvaHJtUUxDbzdQcmhqMTl6Vmh3UWVCeVNOaDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBY
MA0GCSqGSIb3DQEBCwUAA4IBAQCED8U2GN+KUEdVREAi8HcLxks4pCXnwbGcDQ0H
iCtg+MN4l6WmBSyzDtnCbxmPdR40NM+bpZ1XKcYnFn0jSIz6c05O5cl9sH7JQFrP
gMhLZzvperAFXSwDuRN3Z4r+bDr8eUthMJKqCZiayNB46ePueOsrL0PF4GU18Tzl
z11B/Zw3rnly8Rjjpa+iW30akdS4KtkNmy/loeU4zGG8HVhoI3L1dLdpVr7KDjm5
9NlxnM/HIFc1f+uNU5udoEN9LAVoaLwbCIw+YOEXkZzg++sONnFDlJFKNYQDYc8q
exzURyq++xVCtq34zSq7No/uK1F2oLH+OPZsBSdSm62x5DrQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org