Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/l7vRfsKSeCfM9Es3zWfe_nQeUIA.roa
File: l7vRfsKSeCfM9Es3zWfe_nQeUIA.roa (raw, json)
Hash identifier: IrQq8VkN5i3aLsbXbEi76DMfdgzV625kday5xWWlOrE=
Subject key identifier: 97:BB:D1:7E:C2:92:78:27:CC:F4:4B:37:CD:67:DE:FE:74:1E:50:80
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F8C93BDEC15B33D4C008AC15903EF31
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/l7vRfsKSeCfM9Es3zWfe_nQeUIA.roa
Signing time: Tue 06 Feb 2024 17:52:15 +0000
ROA not before: Tue 06 Feb 2024 17:52:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200965
IP address blocks: 2a0f:b241:1a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:8c:93:bd:ec:15:b3:3d:4c:00:8a:c1:59:03:ef:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:52:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97bbd17ec2927827ccf44b37cd67defe741e5080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:00:30:c2:26:96:92:6a:b0:95:a3:b5:40:54:
a0:14:5b:c0:d6:7f:c0:cc:08:45:07:cf:89:c6:14:
23:f2:16:86:39:c0:fd:4a:b3:f3:ee:e4:8b:9c:ef:
24:a5:07:5c:31:d6:f8:92:2b:54:5d:d5:db:67:9b:
cf:eb:e3:54:36:e1:0f:ae:52:d3:69:bc:6c:51:ac:
5c:cf:9e:a8:fc:65:1a:81:7f:f2:cf:d4:76:d1:a7:
86:21:c8:93:bd:50:5a:d6:fe:a8:fc:25:5d:6c:83:
80:8b:1c:2c:3d:ca:9c:96:cd:3e:3c:17:47:fd:47:
07:6c:0b:0e:30:bc:64:95:02:2d:19:22:92:58:f7:
44:e5:97:f7:14:48:bc:3e:42:47:a9:8d:56:91:ca:
ea:e3:fd:93:17:14:2b:d6:47:40:95:5b:63:ea:90:
d9:65:f4:fd:13:03:b6:7c:c5:21:91:51:34:f7:b8:
c2:f8:41:13:bb:21:e1:8b:63:f3:f3:e4:84:10:d9:
dc:51:c0:bc:b2:58:64:cd:5c:dc:7d:e0:57:a8:9f:
57:a8:1f:79:fc:79:b7:20:dd:1f:bb:14:5d:77:ed:
69:db:5a:90:cb:f6:d5:d3:73:16:73:0b:62:0f:85:
c9:ba:fa:5b:b1:d4:3a:d2:67:c0:1f:55:91:fe:f5:
cd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BB:D1:7E:C2:92:78:27:CC:F4:4B:37:CD:67:DE:FE:74:1E:50:80
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/l7vRfsKSeCfM9Es3zWfe_nQeUIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:1a::/48
Signature Algorithm: sha256WithRSAEncryption
33:ea:43:1a:18:2e:0e:89:42:5b:56:50:8f:d7:65:b5:ac:d8:
e2:44:b6:18:67:f3:52:aa:8b:24:59:40:0b:24:12:14:fd:3d:
11:d7:05:47:e9:07:16:19:96:31:6d:1d:8c:db:b0:4d:f8:be:
3a:75:6e:bd:83:92:0a:e0:28:a0:4f:8b:16:38:b8:48:61:43:
12:6f:64:67:7c:1e:d3:dd:2f:6c:78:c3:4b:c3:0d:5d:a6:d0:
9c:6a:03:1c:17:06:29:ee:b8:79:d0:74:33:58:c5:58:68:e1:
17:96:1b:d7:1e:62:90:a5:18:fb:39:ec:16:1f:95:c6:0a:1b:
cb:6b:b6:57:35:2c:6b:af:d8:7c:73:e0:b9:fc:85:97:e1:06:
bf:92:77:98:ae:e4:70:71:ef:c9:2b:21:9d:b1:98:d8:46:33:
2d:0e:cf:64:36:25:cb:57:7e:f5:52:75:80:44:59:9c:0b:6d:
21:65:c9:27:b4:23:9f:70:1b:47:be:2a:d9:d4:76:d6:1f:6a:
13:45:57:56:ad:ac:0b:32:54:b1:65:8f:db:02:35:cc:0b:d7:
d8:d2:ae:3f:66:ef:63:72:ac:89:c9:04:e8:d9:e2:02:a1:33:
fb:80:08:af:36:49:d1:31:62:be:95:30:81:28:34:7e:b4:f9:
b1:ba:71:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/jJO97BWzPUwAisFZA+8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1MjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JiZDE3ZWMyOTI3ODI3Y2NmNDRiMzdjZDY3ZGVmZTc0MWU1MDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAAwwiaWkmqwlaO1QFSgFFvA1n/A
zAhFB8+JxhQj8haGOcD9SrPz7uSLnO8kpQdcMdb4kitUXdXbZ5vP6+NUNuEPrlLT
abxsUaxcz56o/GUagX/yz9R20aeGIciTvVBa1v6o/CVdbIOAixwsPcqcls0+PBdH
/UcHbAsOMLxklQItGSKSWPdE5Zf3FEi8PkJHqY1Wkcrq4/2TFxQr1kdAlVtj6pDZ
ZfT9EwO2fMUhkVE097jC+EETuyHhi2Pz8+SEENncUcC8slhkzVzcfeBXqJ9XqB95
/Hm3IN0fuxRdd+1p21qQy/bV03MWcwtiD4XJuvpbsdQ60mfAH1WR/vXN9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJe70X7CkngnzPRLN81n3v50HlCAMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbDd2UmZzS1NlQ2ZNOUVzM3pXZmVfblFlVUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAa
MA0GCSqGSIb3DQEBCwUAA4IBAQAz6kMaGC4OiUJbVlCP12W1rNjiRLYYZ/NSqosk
WUALJBIU/T0R1wVH6QcWGZYxbR2M27BN+L46dW69g5IK4CigT4sWOLhIYUMSb2Rn
fB7T3S9seMNLww1dptCcagMcFwYp7rh50HQzWMVYaOEXlhvXHmKQpRj7OewWH5XG
ChvLa7ZXNSxrr9h8c+C5/IWX4Qa/kneYruRwce/JKyGdsZjYRjMtDs9kNiXLV371
UnWARFmcC20hZckntCOfcBtHvirZ1HbWH2oTRVdWrawLMlSxZY/bAjXMC9fY0q4/
Zu9jcqyJyQTo2eICoTP7gAivNknRMWK+lTCBKDR+tPmxunEm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org