Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lFIudYCBC70XDeywHryoYCg-PAU.roa
File: lFIudYCBC70XDeywHryoYCg-PAU.roa (raw, json)
Hash identifier: S9clDXHg3X9+mSF8kpZcfMnHVj/cfOx5tLtTlAcgBlA=
Subject key identifier: 94:52:2E:75:80:81:0B:BD:17:0D:EC:B0:1E:BC:A8:60:28:3E:3C:05
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F8D852C22A5439950D33B00039D46EE
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lFIudYCBC70XDeywHryoYCg-PAU.roa
Signing time: Tue 06 Feb 2024 17:53:17 +0000
ROA not before: Tue 06 Feb 2024 17:53:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215953
IP address blocks: 2a0f:b241:27::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:8d:85:2c:22:a5:43:99:50:d3:3b:00:03:9d:46:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:53:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94522e7580810bbd170decb01ebca860283e3c05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:16:61:be:df:66:8c:52:89:01:23:49:7c:ef:
40:0e:32:cf:d1:44:22:0c:36:cc:b3:00:8e:74:8f:
43:a1:c6:10:fd:a2:c6:b9:58:1e:5d:66:05:f8:0b:
bc:9a:7c:91:6a:96:93:b9:db:dd:4f:4a:d4:02:84:
36:4e:08:00:6c:a3:63:00:dd:e5:21:1f:e2:2c:78:
69:32:33:fd:81:f7:88:3c:bc:ff:12:86:88:9b:50:
c0:1d:e5:3c:ec:23:f7:c2:d8:e1:b8:e1:1e:e0:38:
18:b7:b8:4e:1e:c1:a7:3d:79:96:48:db:93:66:ef:
7b:bd:7c:c4:bf:48:33:4f:52:28:3d:5d:6e:94:f6:
ee:bc:84:9d:19:a6:ca:13:72:4b:37:53:c5:4e:f1:
6d:8e:a9:e4:cc:8f:6d:df:2b:24:0c:e8:10:0d:ff:
57:b4:bd:38:2d:2c:a6:19:55:2e:93:9f:0e:54:ae:
62:c2:70:0f:2d:b0:71:c9:c9:8e:2c:43:61:7d:54:
db:4d:95:4e:ea:48:a4:c6:b1:4e:ce:49:27:26:52:
5e:74:cc:9d:a4:d6:f9:3c:2c:25:26:97:4e:37:ac:
79:41:44:fb:e6:6c:44:11:ba:74:1c:2e:7d:c3:26:
51:9b:ab:dc:17:29:bd:68:ff:22:a7:e3:86:a8:de:
dc:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:52:2E:75:80:81:0B:BD:17:0D:EC:B0:1E:BC:A8:60:28:3E:3C:05
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lFIudYCBC70XDeywHryoYCg-PAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:27::/48
Signature Algorithm: sha256WithRSAEncryption
0b:2b:51:3b:0d:bd:6a:65:ff:e3:b6:38:ac:06:7e:d0:dd:c9:
5b:d9:b0:c2:40:11:5a:5e:d0:75:09:07:f0:e9:be:18:96:ef:
58:14:51:25:cf:5d:76:e4:ed:53:a6:6e:57:a2:c2:51:1e:87:
df:62:da:ad:56:fb:54:0d:83:17:8b:66:07:86:e6:ec:53:ea:
55:88:ef:91:8f:e0:e8:f1:97:cf:42:82:9c:42:02:9c:90:f7:
6e:95:04:45:0f:64:c0:4a:75:42:16:99:b3:55:f7:c9:69:a6:
ff:4e:d7:08:32:f5:c8:45:22:45:12:44:71:f9:58:91:91:36:
e3:df:04:d3:15:ae:fb:63:56:6b:3b:bc:63:3a:f5:f0:3b:e3:
4f:2f:72:8c:45:2a:d5:72:96:08:88:6d:7f:01:7d:6f:9e:27:
07:13:85:5a:31:32:d6:7c:26:4f:97:77:14:4f:87:86:9b:3a:
f2:29:83:ea:30:31:b0:d8:6a:5a:83:c0:61:33:0f:0f:cb:78:
da:8c:f3:8d:26:ac:42:21:ac:30:14:f3:29:03:f6:66:9d:2d:
d9:dc:f0:9b:c7:56:5b:62:16:42:62:36:49:dd:bc:0e:d8:72:
d1:b7:8d:0e:1e:6e:b0:24:c0:d3:bc:52:0c:51:36:dc:34:5f:
dc:78:a5:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/jYUsIqVDmVDTOwADnUbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1MzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDUyMmU3NTgwODEwYmJkMTcwZGVjYjAxZWJjYTg2MDI4M2UzYzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRZhvt9mjFKJASNJfO9ADjLP0UQi
DDbMswCOdI9DocYQ/aLGuVgeXWYF+Au8mnyRapaTudvdT0rUAoQ2TggAbKNjAN3l
IR/iLHhpMjP9gfeIPLz/EoaIm1DAHeU87CP3wtjhuOEe4DgYt7hOHsGnPXmWSNuT
Zu97vXzEv0gzT1IoPV1ulPbuvISdGabKE3JLN1PFTvFtjqnkzI9t3yskDOgQDf9X
tL04LSymGVUuk58OVK5iwnAPLbBxycmOLENhfVTbTZVO6kikxrFOzkknJlJedMyd
pNb5PCwlJpdON6x5QUT75mxEEbp0HC59wyZRm6vcFym9aP8ip+OGqN7cDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJRSLnWAgQu9Fw3ssB68qGAoPjwFMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbEZJdWRZQ0JDNzBYRGV5d0hyeW9ZQ2ctUEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAn
MA0GCSqGSIb3DQEBCwUAA4IBAQALK1E7Db1qZf/jtjisBn7Q3clb2bDCQBFaXtB1
CQfw6b4Ylu9YFFElz1125O1Tpm5XosJRHoffYtqtVvtUDYMXi2YHhubsU+pViO+R
j+Do8ZfPQoKcQgKckPdulQRFD2TASnVCFpmzVffJaab/TtcIMvXIRSJFEkRx+ViR
kTbj3wTTFa77Y1ZrO7xjOvXwO+NPL3KMRSrVcpYIiG1/AX1vnicHE4VaMTLWfCZP
l3cUT4eGmzryKYPqMDGw2Gpag8BhMw8Py3jajPONJqxCIawwFPMpA/ZmnS3Z3PCb
x1ZbYhZCYjZJ3bwO2HLRt40OHm6wJMDTvFIMUTbcNF/ceKUE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org