Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kXnu147r052u9pCtKki7zxtZmug.roa
File: kXnu147r052u9pCtKki7zxtZmug.roa (raw, json)
Hash identifier: m757sfCGrqeROMk3pHwpXMqB3M5byRgKx9Rc3rENgGc=
Subject key identifier: 91:79:EE:D7:8E:EB:D3:9D:AE:F6:90:AD:2A:48:BB:CF:1B:59:9A:E8
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F948F66BEC054F3A89BF44A70E92018
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kXnu147r052u9pCtKki7zxtZmug.roa
Signing time: Tue 06 Feb 2024 18:00:58 +0000
ROA not before: Tue 06 Feb 2024 18:00:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197820
IP address blocks: 2a0f:b241:32::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:94:8f:66:be:c0:54:f3:a8:9b:f4:4a:70:e9:20:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:00:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9179eed78eebd39daef690ad2a48bbcf1b599ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:19:ca:1b:b1:d8:bb:0b:60:51:d3:0b:f4:7f:
2d:f8:8c:bc:7d:57:3d:32:27:3a:e8:2f:ac:f5:e6:
0d:be:30:9e:c3:e1:29:88:a6:9d:f8:17:31:77:b4:
2f:ed:eb:d4:3e:29:7e:83:f7:2a:d7:9d:81:a8:f4:
79:bb:74:05:d9:15:da:61:0f:03:20:c9:49:cc:d7:
6b:7d:4a:67:c7:24:71:e8:d7:43:36:8a:c9:2d:a9:
a6:0a:72:29:d0:72:f2:b2:44:44:a2:31:10:c2:cf:
ba:24:c7:3e:cf:76:f5:d7:d2:a1:55:4d:7f:84:49:
ad:ae:c1:d2:42:aa:da:d4:7d:0b:bf:a4:1c:8f:58:
34:38:24:cb:16:87:58:db:34:8a:fb:95:30:f8:fc:
7e:53:e4:d5:ce:7d:54:56:7c:1a:b8:14:54:3d:c7:
3e:c7:32:9d:6f:c0:77:14:de:0a:2a:5e:5f:aa:98:
83:44:de:46:c6:6f:59:ad:36:8e:1c:c4:81:58:61:
88:4d:bf:6e:b8:6e:76:c1:8b:e7:d8:e4:f7:3b:a0:
7e:49:62:5f:04:81:5b:ca:b0:a6:e5:0e:38:5d:cc:
b1:f9:c0:b0:2f:51:f0:8d:02:9c:16:4d:15:06:5c:
d7:94:eb:f4:0d:72:84:8f:8e:96:26:57:5f:0c:ae:
d0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:79:EE:D7:8E:EB:D3:9D:AE:F6:90:AD:2A:48:BB:CF:1B:59:9A:E8
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kXnu147r052u9pCtKki7zxtZmug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:32::/48
Signature Algorithm: sha256WithRSAEncryption
61:06:ec:90:58:0e:d5:cc:07:17:da:b4:a0:8e:70:d8:a3:da:
d6:44:98:e1:c8:49:47:05:66:2e:7d:a1:84:d2:c0:0b:39:dc:
90:4b:06:48:11:d3:2d:01:dd:0f:e0:ba:84:1e:84:19:35:b2:
f1:99:04:71:28:c4:ed:fc:09:ec:00:00:a7:c8:85:b5:7b:76:
ef:cf:b8:a1:b9:e0:0f:c9:d6:7d:61:1c:6d:8e:57:26:84:34:
60:af:c4:fd:fd:57:91:0c:35:a5:a7:06:b9:5f:ec:a3:b4:5e:
45:ee:98:2d:8c:7b:43:ce:6a:47:c9:d6:c5:f8:bd:16:35:b6:
a8:d9:e2:a6:e7:5f:47:ea:3b:06:c9:23:9c:0e:02:0d:8b:55:
9f:39:3d:25:8c:f3:e9:5c:1e:61:55:5a:44:9a:fd:27:96:6f:
fe:b0:48:26:9c:32:bf:6c:39:e0:e3:cd:98:c2:30:09:0e:79:
8d:46:d6:14:ec:0f:f1:a2:38:6b:30:e2:5a:90:a7:6a:67:fd:
cd:3a:42:76:f1:a6:be:a6:f2:e4:c1:7a:d9:20:a1:5f:dc:9a:
73:46:5c:c5:6e:20:13:fa:dd:9c:98:8e:cf:47:03:64:94:29:
b4:2b:41:60:62:a0:60:42:7a:8f:db:5a:78:d2:8a:1b:aa:46:
66:14:b9:24
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lI9mvsBU86ib9Epw6SAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTc5ZWVkNzhlZWJkMzlkYWVmNjkwYWQyYTQ4YmJjZjFiNTk5YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRnKG7HYuwtgUdML9H8t+Iy8fVc9
Mic66C+s9eYNvjCew+EpiKad+Bcxd7Qv7evUPil+g/cq152BqPR5u3QF2RXaYQ8D
IMlJzNdrfUpnxyRx6NdDNorJLammCnIp0HLyskREojEQws+6JMc+z3b119KhVU1/
hEmtrsHSQqra1H0Lv6Qcj1g0OCTLFodY2zSK+5Uw+Px+U+TVzn1UVnwauBRUPcc+
xzKdb8B3FN4KKl5fqpiDRN5Gxm9ZrTaOHMSBWGGITb9uuG52wYvn2OT3O6B+SWJf
BIFbyrCm5Q44Xcyx+cCwL1HwjQKcFk0VBlzXlOv0DXKEj46WJldfDK7QcQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJF57teO69OdrvaQrSpIu88bWZroMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEva1hudTE0N3IwNTJ1OXBDdEtraTd6eHRabXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAy
MA0GCSqGSIb3DQEBCwUAA4IBAQBhBuyQWA7VzAcX2rSgjnDYo9rWRJjhyElHBWYu
faGE0sALOdyQSwZIEdMtAd0P4LqEHoQZNbLxmQRxKMTt/AnsAACnyIW1e3bvz7ih
ueAPydZ9YRxtjlcmhDRgr8T9/VeRDDWlpwa5X+yjtF5F7pgtjHtDzmpHydbF+L0W
Nbao2eKm519H6jsGySOcDgINi1WfOT0ljPPpXB5hVVpEmv0nlm/+sEgmnDK/bDng
482YwjAJDnmNRtYU7A/xojhrMOJakKdqZ/3NOkJ28aa+pvLkwXrZIKFf3JpzRlzF
biAT+t2cmI7PRwNklCm0K0FgYqBgQnqP21p40oobqkZmFLkk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org