Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jbNbIpvuy4WnatKVrn5Mr8x7qh8.roa
File: jbNbIpvuy4WnatKVrn5Mr8x7qh8.roa (raw, json)
Hash identifier: xZXQUX32ugYATk6Q6LqbjSLBxTvuOrd4Z30W9gY8EfE=
Subject key identifier: 8D:B3:5B:22:9B:EE:CB:85:A7:6A:D2:95:AE:7E:4C:AF:CC:7B:AA:1F
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB88A891E86AB95D865AE697AB473BA
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jbNbIpvuy4WnatKVrn5Mr8x7qh8.roa
Signing time: Tue 06 Feb 2024 18:40:16 +0000
ROA not before: Tue 06 Feb 2024 18:40:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213392
IP address blocks: 2a0f:b241:14d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b8:8a:89:1e:86:ab:95:d8:65:ae:69:7a:b4:73:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:40:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8db35b229beecb85a76ad295ae7e4cafcc7baa1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:03:36:93:39:05:28:2d:fe:2e:e5:c8:6a:bf:
36:5a:1b:2e:41:a3:22:c2:1f:5b:74:48:91:79:38:
79:ca:ee:2e:43:7e:9c:1f:ce:53:aa:d2:ae:68:13:
4a:72:b9:f9:fe:af:d5:78:c2:8a:f5:df:42:0d:fd:
b1:c8:8d:46:5c:49:9a:4a:88:12:a2:b3:e5:64:38:
c6:cd:a8:f2:19:bd:69:65:0e:15:c8:e0:93:a6:6b:
94:ce:16:5a:14:80:79:2c:2e:6f:7e:3c:3f:e3:ce:
53:f4:79:9a:a4:02:55:c4:7e:7b:a1:88:f4:73:da:
c7:ad:64:a7:29:ad:0c:49:7a:5a:b8:2d:80:cc:67:
b7:db:98:b5:12:1b:ba:1a:53:4f:de:9c:28:77:93:
1d:03:83:d0:61:b3:ed:ee:5b:67:8f:c7:a7:ae:5c:
94:87:7d:1a:8e:7c:64:ee:ea:44:91:f3:67:4b:79:
36:cd:4e:41:9c:fe:e1:24:c3:62:5f:4a:14:23:af:
07:55:58:5f:f7:6f:d9:e1:88:46:cb:27:8d:0e:71:
30:2f:03:3a:1a:74:a1:35:64:1a:18:af:9a:b7:d5:
4c:ee:9c:68:f2:74:62:88:3c:45:e0:ed:2e:60:c7:
a4:ff:f0:27:80:24:1f:4d:a6:27:98:b6:d0:3f:d3:
20:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B3:5B:22:9B:EE:CB:85:A7:6A:D2:95:AE:7E:4C:AF:CC:7B:AA:1F
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jbNbIpvuy4WnatKVrn5Mr8x7qh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:14d::/48
Signature Algorithm: sha256WithRSAEncryption
7d:3f:29:72:47:70:5e:96:bc:76:d3:42:ef:d2:39:bc:5e:01:
b6:d5:86:95:31:83:0b:99:9e:60:01:4b:9a:34:07:96:2b:96:
e0:8f:69:a1:bd:9a:0f:85:ce:13:3b:10:62:fb:44:da:f2:66:
14:57:6e:ca:01:e0:cb:96:c1:3e:6e:ed:5e:00:7f:2d:bd:33:
50:09:89:07:c8:33:70:63:68:61:0f:37:da:64:2a:8c:13:c6:
c9:38:3c:ea:5e:41:2d:35:9b:d0:2e:ce:4a:3b:dd:10:c5:81:
1b:d2:ed:1d:f9:82:e2:8a:94:e0:cd:61:0d:2d:75:36:52:a1:
d9:ff:36:54:eb:28:55:e5:3d:c8:a0:ee:25:7f:de:69:f8:f6:
5c:a5:2b:e4:85:9e:2a:8f:8f:dd:b2:29:24:73:f0:db:1c:03:
d6:23:39:19:3d:5d:30:db:44:fd:f3:54:9f:42:1d:d5:f6:f4:
61:f5:f2:da:2b:17:ae:fc:6d:3c:98:d4:0d:06:21:66:e8:61:
42:25:66:1b:1a:f9:74:e3:54:26:68:b5:19:7b:71:1a:a9:ec:
9a:6e:88:aa:ba:ce:ca:64:fe:22:84:27:e7:fd:78:9c:aa:a7:
4d:21:58:b9:ca:57:72:7a:37:1f:4a:b0:75:c6:e5:c4:2c:2d:
40:c7:b1:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/uIqJHoarldhlrml6tHO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTg0MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGIzNWIyMjliZWVjYjg1YTc2YWQyOTVhZTdlNGNhZmNjN2JhYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgM2kzkFKC3+LuXIar82WhsuQaMi
wh9bdEiReTh5yu4uQ36cH85TqtKuaBNKcrn5/q/VeMKK9d9CDf2xyI1GXEmaSogS
orPlZDjGzajyGb1pZQ4VyOCTpmuUzhZaFIB5LC5vfjw/485T9HmapAJVxH57oYj0
c9rHrWSnKa0MSXpauC2AzGe325i1Ehu6GlNP3pwod5MdA4PQYbPt7ltnj8enrlyU
h30ajnxk7upEkfNnS3k2zU5BnP7hJMNiX0oUI68HVVhf92/Z4YhGyyeNDnEwLwM6
GnShNWQaGK+at9VM7pxo8nRiiDxF4O0uYMek//AngCQfTaYnmLbQP9MgwwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI2zWyKb7suFp2rSla5+TK/Me6ofMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvamJOYklwdnV5NFduYXRLVnJuNU1yOHg3cWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFN
MA0GCSqGSIb3DQEBCwUAA4IBAQB9PylyR3Belrx200Lv0jm8XgG21YaVMYMLmZ5g
AUuaNAeWK5bgj2mhvZoPhc4TOxBi+0Ta8mYUV27KAeDLlsE+bu1eAH8tvTNQCYkH
yDNwY2hhDzfaZCqME8bJODzqXkEtNZvQLs5KO90QxYEb0u0d+YLiipTgzWENLXU2
UqHZ/zZU6yhV5T3IoO4lf95p+PZcpSvkhZ4qj4/dsikkc/DbHAPWIzkZPV0w20T9
81SfQh3V9vRh9fLaKxeu/G08mNQNBiFm6GFCJWYbGvl041QmaLUZe3Eaqeyaboiq
us7KZP4ihCfn/XicqqdNIVi5yldyejcfSrB1xuXELC1Ax7Ez
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org