Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kVfnDQXQuZWh3mM0qTRsAvjygjE.roa
File: kVfnDQXQuZWh3mM0qTRsAvjygjE.roa (raw, json)
Hash identifier: tzpOCZGEEYf4zzF3c9KRD4kocnm72OVpPWmKqsII2WM=
Subject key identifier: 91:57:E7:0D:05:D0:B9:95:A1:DE:63:34:A9:34:6C:02:F8:F2:82:31
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F8D7E34D7AB18A8FB1807C04BA59F8A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kVfnDQXQuZWh3mM0qTRsAvjygjE.roa
Signing time: Tue 06 Feb 2024 17:53:15 +0000
ROA not before: Tue 06 Feb 2024 17:53:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204828
IP address blocks: 2a0f:b241:1f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:8d:7e:34:d7:ab:18:a8:fb:18:07:c0:4b:a5:9f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:53:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9157e70d05d0b995a1de6334a9346c02f8f28231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f5:7b:44:07:65:5b:26:ab:c7:1e:2b:ef:19:
f1:2a:89:b5:71:a8:62:07:69:8a:8b:0c:85:04:ef:
42:cf:8b:a5:8d:22:25:f1:9e:71:68:fc:a3:6a:0d:
a0:50:90:a3:e6:48:e4:92:59:33:ce:60:33:b2:e3:
2a:40:54:83:d0:39:c1:8f:30:eb:40:c4:7e:04:a4:
c1:55:b0:41:50:0a:8e:00:84:e3:3a:4b:c3:7c:45:
fd:df:e0:e3:c8:a1:92:d3:71:b3:53:f2:09:ea:d7:
c3:41:8b:78:e9:d1:ec:13:ab:91:1c:93:54:c6:e5:
d9:18:2c:f9:d3:6a:0b:ec:5b:d1:1a:9c:39:28:3f:
ae:0b:e2:84:ac:ca:90:1d:01:09:02:a6:b4:bc:4c:
a4:bb:db:dc:52:96:66:81:11:34:e1:18:56:bb:2d:
d3:7a:ff:c5:33:65:68:5a:a9:57:dc:28:20:81:85:
8c:82:de:b9:97:d7:e9:9a:6d:a1:4a:38:e5:b3:60:
51:d2:70:4a:49:b3:f8:dd:e9:d3:e4:a0:b9:77:66:
c9:6f:e1:70:f4:b9:fc:75:6d:2e:ea:45:16:6d:9e:
24:6b:b2:dd:8f:b4:42:70:a8:01:c3:2b:e2:b7:a1:
22:0e:c2:23:b3:f8:c6:5f:7c:ac:a3:a2:17:4a:11:
ab:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:57:E7:0D:05:D0:B9:95:A1:DE:63:34:A9:34:6C:02:F8:F2:82:31
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kVfnDQXQuZWh3mM0qTRsAvjygjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:1f::/48
Signature Algorithm: sha256WithRSAEncryption
58:19:da:a1:a6:48:fa:b6:4e:e1:95:7d:2d:e6:29:e1:0d:31:
e8:eb:84:df:aa:76:85:06:a3:53:f2:19:f7:3e:f5:de:29:91:
ee:75:bf:f4:7d:7c:81:9b:2f:68:fb:71:88:a4:45:97:f2:35:
3e:88:59:e7:9d:b6:b9:73:d4:71:37:99:45:97:f0:75:d5:c2:
af:e1:0b:62:47:2c:50:69:b1:2e:63:b8:2e:9d:b8:79:bf:19:
76:13:0e:45:62:03:63:55:b8:b1:da:90:20:23:92:9b:f1:80:
78:4b:c5:05:cd:df:6c:a6:ec:b6:43:1f:a3:83:f8:9d:a4:af:
a4:d8:43:b1:c0:50:19:7e:33:c3:b7:af:5b:33:dd:66:41:49:
72:e7:20:b0:aa:fd:1e:bc:6d:fa:9f:74:a7:ec:aa:a9:b9:97:
9c:26:3c:b1:5c:a1:1c:61:f3:56:90:07:93:1c:93:08:c3:0e:
11:7c:47:35:69:60:3d:8a:6c:16:75:62:fd:f3:5f:bf:a3:e2:
2e:09:e2:70:6f:9a:f1:76:59:90:2f:7d:82:12:c8:6c:10:9c:
f4:15:7c:e8:cc:bc:07:a2:1c:20:25:1a:a0:47:db:33:cd:f4:
a0:a9:84:74:fc:91:d9:24:7a:b1:3c:ba:a6:dc:84:0a:87:af:
6b:ed:bc:87
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/jX4016sYqPsYB8BLpZ+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTU3ZTcwZDA1ZDBiOTk1YTFkZTYzMzRhOTM0NmMwMmY4ZjI4MjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifV7RAdlWyarxx4r7xnxKom1cahi
B2mKiwyFBO9Cz4uljSIl8Z5xaPyjag2gUJCj5kjkklkzzmAzsuMqQFSD0DnBjzDr
QMR+BKTBVbBBUAqOAITjOkvDfEX93+DjyKGS03GzU/IJ6tfDQYt46dHsE6uRHJNU
xuXZGCz502oL7FvRGpw5KD+uC+KErMqQHQEJAqa0vEyku9vcUpZmgRE04RhWuy3T
ev/FM2VoWqlX3CgggYWMgt65l9fpmm2hSjjls2BR0nBKSbP43enT5KC5d2bJb+Fw
9Ln8dW0u6kUWbZ4ka7Ldj7RCcKgBwyvit6EiDsIjs/jGX3yso6IXShGruQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJFX5w0F0LmVod5jNKk0bAL48oIxMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEva1ZmbkRRWFF1WldoM21NMHFUUnNBdmp5Z2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAf
MA0GCSqGSIb3DQEBCwUAA4IBAQBYGdqhpkj6tk7hlX0t5inhDTHo64TfqnaFBqNT
8hn3PvXeKZHudb/0fXyBmy9o+3GIpEWX8jU+iFnnnba5c9RxN5lFl/B11cKv4Qti
RyxQabEuY7gunbh5vxl2Ew5FYgNjVbix2pAgI5Kb8YB4S8UFzd9spuy2Qx+jg/id
pK+k2EOxwFAZfjPDt69bM91mQUly5yCwqv0evG36n3Sn7KqpuZecJjyxXKEcYfNW
kAeTHJMIww4RfEc1aWA9imwWdWL981+/o+IuCeJwb5rxdlmQL32CEshsEJz0FXzo
zLwHohwgJRqgR9szzfSgqYR0/JHZJHqxPLqm3IQKh69r7byH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org