Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kQETmo0cvZDIZ5oVQhU9a0EK59s.roa
File: kQETmo0cvZDIZ5oVQhU9a0EK59s.roa (raw, json)
Hash identifier: syQOB40IjCaH4QjurDeHFvq5T+AgWo2wYY1c8zy0Zzo=
Subject key identifier: 91:01:13:9A:8D:1C:BD:90:C8:67:9A:15:42:15:3D:6B:41:0A:E7:DB
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F08FE4B3C4207ABEFA07592954A87F
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kQETmo0cvZDIZ5oVQhU9a0EK59s.roa
Signing time: Wed 07 Feb 2024 05:00:42 +0000
ROA not before: Wed 07 Feb 2024 05:00:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204660
IP address blocks: 2a0f:b241:138::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:8f:e4:b3:c4:20:7a:be:fa:07:59:29:54:a8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9101139a8d1cbd90c8679a1542153d6b410ae7db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:80:e0:fb:02:a8:f6:54:9f:da:51:06:f4:d6:
27:de:0e:9e:f6:6e:5e:53:d2:9a:1f:a7:b1:89:0f:
b0:4f:59:8b:80:04:6f:de:57:8a:60:67:39:3a:23:
4f:3f:a2:f5:4c:01:43:8f:86:79:66:7d:ae:3c:22:
21:52:ee:e7:67:d4:a0:7b:69:71:95:44:49:ac:f3:
de:d3:7b:d3:06:e1:a9:65:ca:b7:e3:b1:0e:16:82:
df:16:cc:3a:52:31:16:25:04:ee:d7:b0:c5:76:3d:
dd:79:69:0c:da:48:65:2e:60:6a:72:45:6b:23:da:
27:b0:6e:89:c7:85:a9:5f:b0:da:4a:0d:3b:b6:cd:
c6:fe:5a:27:95:6f:e2:cd:ff:97:8d:38:fb:14:bc:
f6:65:04:d4:f8:d1:a0:82:5f:c8:1f:de:71:70:f4:
04:59:23:9a:39:ba:69:0c:67:1a:95:f2:85:1d:c9:
c9:bf:67:14:9a:2e:ba:5c:93:6e:0a:3b:13:6d:7b:
53:71:e2:4e:b7:3a:83:99:70:8c:14:b5:9a:54:c4:
33:b8:fe:af:79:4c:07:53:30:e6:2f:4f:11:d9:8e:
e4:dc:c7:66:93:66:5d:7c:2e:a4:c7:c0:04:49:94:
d5:c9:b7:a2:46:d2:8e:18:90:9d:62:47:d5:00:67:
c4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:01:13:9A:8D:1C:BD:90:C8:67:9A:15:42:15:3D:6B:41:0A:E7:DB
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kQETmo0cvZDIZ5oVQhU9a0EK59s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:138::/48
Signature Algorithm: sha256WithRSAEncryption
65:0e:ff:7b:a5:bb:88:fb:22:aa:95:a9:b6:52:7e:52:63:a1:
3c:c8:51:03:06:22:19:f0:41:e8:7f:11:44:00:5e:86:19:b9:
f1:f7:22:49:ce:87:22:fb:92:49:80:52:5d:29:d6:1e:42:69:
87:aa:16:70:07:cc:45:a3:97:39:c5:06:26:e9:65:4f:62:a7:
fa:e8:d7:94:16:87:40:ba:47:c5:0a:55:3b:89:2b:29:00:92:
3b:bf:86:d6:a6:27:54:5b:1d:db:0c:53:f8:c9:63:6c:29:d5:
f3:e2:99:44:0f:ea:96:56:0f:d2:d9:46:bc:39:9a:75:da:af:
94:d7:48:0b:d9:1e:89:95:e4:0f:f9:91:3a:d5:a6:94:93:f9:
f1:82:dc:bc:fe:d4:31:d8:90:96:d6:b2:a9:ce:4f:b4:c1:b4:
72:20:f2:93:5b:b2:de:84:d4:d6:84:1e:04:d5:ae:c8:d2:f6:
12:94:cd:45:5d:f4:a3:1e:4b:23:9a:af:3c:30:ce:0d:60:fc:
cc:ca:41:6c:3f:e6:10:d3:43:ef:2b:c7:b7:0d:c8:ec:ce:b5:
d3:fb:87:d6:2f:b7:53:e0:1d:28:90:d9:20:db:e8:e2:c4:12:
5b:59:88:35:53:e1:e8:49:b9:12:7e:b9:68:4a:65:6a:34:82:
44:ed:79:b1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8I/ks8Qger76B1kpVKh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTAxMTM5YThkMWNiZDkwYzg2NzlhMTU0MjE1M2Q2YjQxMGFlN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoDg+wKo9lSf2lEG9NYn3g6e9m5e
U9KaH6exiQ+wT1mLgARv3leKYGc5OiNPP6L1TAFDj4Z5Zn2uPCIhUu7nZ9Sge2lx
lURJrPPe03vTBuGpZcq347EOFoLfFsw6UjEWJQTu17DFdj3deWkM2khlLmBqckVr
I9onsG6Jx4WpX7DaSg07ts3G/lonlW/izf+XjTj7FLz2ZQTU+NGggl/IH95xcPQE
WSOaObppDGcalfKFHcnJv2cUmi66XJNuCjsTbXtTceJOtzqDmXCMFLWaVMQzuP6v
eUwHUzDmL08R2Y7k3Mdmk2ZdfC6kx8AESZTVybeiRtKOGJCdYkfVAGfEFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJEBE5qNHL2QyGeaFUIVPWtBCufbMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEva1FFVG1vMGN2WkRJWjVvVlFoVTlhMEVLNTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQE4
MA0GCSqGSIb3DQEBCwUAA4IBAQBlDv97pbuI+yKqlam2Un5SY6E8yFEDBiIZ8EHo
fxFEAF6GGbnx9yJJzoci+5JJgFJdKdYeQmmHqhZwB8xFo5c5xQYm6WVPYqf66NeU
FodAukfFClU7iSspAJI7v4bWpidUWx3bDFP4yWNsKdXz4plED+qWVg/S2Ua8OZp1
2q+U10gL2R6JleQP+ZE61aaUk/nxgty8/tQx2JCW1rKpzk+0wbRyIPKTW7LehNTW
hB4E1a7I0vYSlM1FXfSjHksjmq88MM4NYPzMykFsP+YQ00PvK8e3DcjszrXT+4fW
L7dT4B0okNkg2+jixBJbWYg1U+HoSbkSfrloSmVqNIJE7Xmx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org