Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/iQU0P0aGOkUkgGzFKTq5JwgdQDA.roa
File: iQU0P0aGOkUkgGzFKTq5JwgdQDA.roa (raw, json)
Hash identifier: Q0xs0UQdjr3QONwQaezDs+KZn7l1zcGPQEE8isjvrcs=
Subject key identifier: 89:05:34:3F:46:86:3A:45:24:80:6C:C5:29:3A:B9:27:08:1D:40:30
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09F9CFE30EEA794914275A493F332
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/iQU0P0aGOkUkgGzFKTq5JwgdQDA.roa
Signing time: Wed 07 Feb 2024 05:00:46 +0000
ROA not before: Wed 07 Feb 2024 05:00:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209762
IP address blocks: 2a0f:b241:13f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:9f:9c:fe:30:ee:a7:94:91:42:75:a4:93:f3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8905343f46863a4524806cc5293ab927081d4030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b8:25:e2:d0:51:c6:d4:73:32:ca:2e:ac:0e:
c2:32:5b:23:dd:97:fc:55:cc:7b:15:3e:9d:b6:cf:
ff:59:df:13:f5:17:f4:1a:33:fd:db:ee:a6:91:6c:
d5:2b:ff:83:32:65:35:e9:3c:0c:22:36:4e:ad:dc:
18:c8:29:b8:33:d1:cb:bc:a7:a2:85:f4:c0:e3:12:
63:65:35:9e:80:dc:d3:a0:0f:9f:dd:10:0b:cc:3e:
d8:1a:76:0f:b5:d0:b2:43:e3:ef:9f:23:3d:ba:51:
ac:14:7d:52:6a:db:c1:c9:df:b3:ea:53:c0:73:cf:
f9:f7:91:d1:c4:51:23:b4:c1:07:86:c9:5f:13:e2:
93:6a:71:d6:51:26:17:c9:ef:93:2f:53:73:45:72:
85:5d:80:3a:72:4a:ff:c1:95:1e:ec:11:8d:53:ec:
d5:7f:1d:f3:e0:60:b6:e7:0f:71:d3:55:eb:f2:dd:
1b:0c:42:2d:8a:02:7b:c9:e9:57:8b:66:fc:ac:b1:
cb:83:8d:a6:88:60:a9:23:d8:3f:1a:9b:55:71:6c:
e1:c1:cf:55:49:ae:36:07:f5:33:5a:98:84:1d:e7:
18:72:08:1b:cd:60:d0:21:bc:84:49:98:e7:d0:96:
e8:75:ce:b9:59:5f:9a:04:90:8e:65:ec:15:75:a7:
f6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:05:34:3F:46:86:3A:45:24:80:6C:C5:29:3A:B9:27:08:1D:40:30
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/iQU0P0aGOkUkgGzFKTq5JwgdQDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:13f::/48
Signature Algorithm: sha256WithRSAEncryption
42:57:ac:52:39:f0:82:8e:2c:bd:98:c7:72:aa:de:63:72:17:
60:75:25:6b:66:ee:52:09:4f:d2:e2:0e:70:bd:2c:16:f3:ba:
86:70:99:ef:c0:55:17:13:f6:1d:27:10:b7:49:90:74:79:86:
44:a5:6a:f9:21:dd:36:b8:03:64:1d:82:4c:a4:92:92:20:87:
5d:4d:24:d9:41:7d:91:e3:37:38:a1:3b:d4:57:77:dd:43:d2:
98:67:65:a4:0a:0e:54:7a:11:a3:1a:b5:95:1a:63:b4:b9:d3:
23:2c:76:19:8a:00:07:57:89:05:34:a0:58:8d:ef:39:7b:fe:
55:d6:3b:27:2d:6f:48:25:d6:e5:d2:48:4c:03:f1:a2:52:d1:
ea:18:a5:a1:d1:34:bb:5a:c1:d7:2e:c0:77:67:43:71:92:6d:
aa:f3:13:b9:4b:66:7d:dd:17:7a:2b:86:43:e8:d8:21:26:ab:
a0:53:ba:42:3c:af:21:39:46:db:90:b1:07:14:1d:f4:7a:c2:
3c:75:4c:b7:29:ee:5d:fa:9d:f7:33:eb:e9:21:ce:33:bf:f7:
ae:ca:f4:5d:af:b1:7a:c4:83:8d:ae:3f:b8:16:f3:a0:f5:0f:
be:be:3e:a2:61:e0:6e:bd:22:b6:1f:30:fd:6e:d0:a7:02:92:
4c:75:86:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8J+c/jDup5SRQnWkk/MyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTA1MzQzZjQ2ODYzYTQ1MjQ4MDZjYzUyOTNhYjkyNzA4MWQ0MDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLgl4tBRxtRzMsourA7CMlsj3Zf8
Vcx7FT6dts//Wd8T9Rf0GjP92+6mkWzVK/+DMmU16TwMIjZOrdwYyCm4M9HLvKei
hfTA4xJjZTWegNzToA+f3RALzD7YGnYPtdCyQ+PvnyM9ulGsFH1SatvByd+z6lPA
c8/595HRxFEjtMEHhslfE+KTanHWUSYXye+TL1NzRXKFXYA6ckr/wZUe7BGNU+zV
fx3z4GC25w9x01Xr8t0bDEItigJ7yelXi2b8rLHLg42miGCpI9g/GptVcWzhwc9V
Sa42B/UzWpiEHecYcggbzWDQIbyESZjn0Jbodc65WV+aBJCOZewVdaf22QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIkFND9GhjpFJIBsxSk6uScIHUAwMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvaVFVMFAwYUdPa1VrZ0d6RktUcTVKd2dkUURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQE/
MA0GCSqGSIb3DQEBCwUAA4IBAQBCV6xSOfCCjiy9mMdyqt5jchdgdSVrZu5SCU/S
4g5wvSwW87qGcJnvwFUXE/YdJxC3SZB0eYZEpWr5Id02uANkHYJMpJKSIIddTSTZ
QX2R4zc4oTvUV3fdQ9KYZ2WkCg5UehGjGrWVGmO0udMjLHYZigAHV4kFNKBYje85
e/5V1jsnLW9IJdbl0khMA/GiUtHqGKWh0TS7WsHXLsB3Z0Nxkm2q8xO5S2Z93Rd6
K4ZD6NghJqugU7pCPK8hOUbbkLEHFB30esI8dUy3Ke5d+p33M+vpIc4zv/euyvRd
r7F6xIONrj+4FvOg9Q++vj6iYeBuvSK2HzD9btCnApJMdYa4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org