Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lQxw96SFPyM4WcSQ8AIk4CYjzUI.roa
File: lQxw96SFPyM4WcSQ8AIk4CYjzUI.roa (raw, json)
Hash identifier: 00jzpIMXf3fgcAWJ+bcyK5TZHosYSPoZ9/7xqEjxoMk=
Subject key identifier: 95:0C:70:F7:A4:85:3F:23:38:59:C4:90:F0:02:24:E0:26:23:CD:42
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F96ACF9D8CA2F8F2AA02C273E936863
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lQxw96SFPyM4WcSQ8AIk4CYjzUI.roa
Signing time: Tue 06 Feb 2024 18:03:17 +0000
ROA not before: Tue 06 Feb 2024 18:03:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215908
IP address blocks: 2a0f:b241:59::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:96:ac:f9:d8:ca:2f:8f:2a:a0:2c:27:3e:93:68:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:03:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=950c70f7a4853f233859c490f00224e02623cd42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f2:e4:67:bb:9b:50:4d:52:04:79:27:09:0e:
f7:a5:e2:43:ca:28:0d:8f:2a:04:8f:aa:94:b8:0a:
18:37:ab:92:5f:dd:ef:0d:cd:b8:0d:1f:df:c1:c3:
28:8d:3e:f1:cc:9e:97:de:58:7e:a5:b3:97:d6:33:
f0:31:db:a5:42:4a:c2:c1:a4:a7:74:8f:3b:b3:11:
5b:99:fe:80:db:e5:95:36:fa:b7:fb:62:52:63:84:
fb:61:1e:87:25:c7:ec:11:5c:1f:00:65:0d:35:de:
8a:ef:c9:f6:72:ca:8a:28:3b:46:39:25:69:9d:d7:
b8:00:4d:f8:1f:bb:0e:fa:87:95:b8:17:b8:41:c8:
30:62:75:c3:7e:f9:fd:59:06:ee:4e:34:18:6b:3e:
78:7e:24:4b:12:40:03:12:79:da:25:9c:5d:11:8f:
96:19:ab:61:85:de:3d:b8:34:cc:02:07:3d:44:f7:
dd:03:41:f5:ab:a6:88:5b:7f:7b:50:64:4e:34:60:
4e:97:29:3d:df:49:46:7e:e2:e4:45:83:47:1f:a8:
1b:b3:28:f5:f5:02:18:cd:74:85:b7:f0:7a:77:05:
18:8e:33:67:2c:5f:b2:e0:e1:34:ad:71:2f:a4:5f:
6a:4f:4d:d4:e9:62:fc:ab:28:f8:28:18:4b:2c:d9:
a3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0C:70:F7:A4:85:3F:23:38:59:C4:90:F0:02:24:E0:26:23:CD:42
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lQxw96SFPyM4WcSQ8AIk4CYjzUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:59::/48
Signature Algorithm: sha256WithRSAEncryption
00:7e:57:ee:86:a7:86:65:7e:68:37:92:47:57:6c:ed:fe:50:
50:05:d2:09:a0:fd:8a:db:66:a5:7e:25:a4:b5:12:f6:5f:f1:
b7:c4:b2:1e:0e:22:10:3e:23:70:61:b8:c9:79:6d:82:08:75:
5a:76:52:4e:d6:57:60:8c:ab:01:4f:97:b9:3d:22:cf:c4:28:
02:fb:e6:65:b8:19:dc:58:53:83:20:cf:48:a2:ac:d5:d0:2c:
23:2b:b5:ca:4e:a6:09:40:db:24:3f:d3:10:22:e2:ec:49:76:
d6:ad:1c:4b:68:34:92:f2:47:20:42:0b:bc:dd:35:b1:0c:a8:
25:c7:f3:08:34:b6:bf:2b:5a:ac:ee:c9:39:d0:b9:48:55:37:
29:e1:d7:e5:1e:0a:59:ea:db:f4:21:c2:9d:39:6b:8a:cd:a9:
91:cd:4e:a4:85:34:8b:57:e2:2d:e2:26:ad:be:de:05:8e:04:
37:fd:be:23:97:9f:04:95:1f:4b:8a:d1:9f:de:31:b1:76:0a:
7e:67:c2:6f:35:fd:ff:1c:ec:87:f2:ac:d7:0b:76:23:10:93:
e4:f9:52:53:41:ed:d6:96:04:8f:b8:c8:87:b7:e5:1a:9b:77:
87:9a:45:a3:f7:2d:54:00:64:e9:af:72:9f:36:b6:f0:92:92:
4c:8f:06:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lqz52MovjyqgLCc+k2hjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBjNzBmN2E0ODUzZjIzMzg1OWM0OTBmMDAyMjRlMDI2MjNjZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/LkZ7ubUE1SBHknCQ73peJDyigN
jyoEj6qUuAoYN6uSX93vDc24DR/fwcMojT7xzJ6X3lh+pbOX1jPwMdulQkrCwaSn
dI87sxFbmf6A2+WVNvq3+2JSY4T7YR6HJcfsEVwfAGUNNd6K78n2csqKKDtGOSVp
nde4AE34H7sO+oeVuBe4QcgwYnXDfvn9WQbuTjQYaz54fiRLEkADEnnaJZxdEY+W
Gathhd49uDTMAgc9RPfdA0H1q6aIW397UGRONGBOlyk930lGfuLkRYNHH6gbsyj1
9QIYzXSFt/B6dwUYjjNnLF+y4OE0rXEvpF9qT03U6WL8qyj4KBhLLNmjcQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJUMcPekhT8jOFnEkPACJOAmI81CMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbFF4dzk2U0ZQeU00V2NTUThBSWs0Q1lqelVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBZ
MA0GCSqGSIb3DQEBCwUAA4IBAQAAflfuhqeGZX5oN5JHV2zt/lBQBdIJoP2K22al
fiWktRL2X/G3xLIeDiIQPiNwYbjJeW2CCHVadlJO1ldgjKsBT5e5PSLPxCgC++Zl
uBncWFODIM9IoqzV0CwjK7XKTqYJQNskP9MQIuLsSXbWrRxLaDSS8kcgQgu83TWx
DKglx/MINLa/K1qs7sk50LlIVTcp4dflHgpZ6tv0IcKdOWuKzamRzU6khTSLV+It
4iatvt4FjgQ3/b4jl58ElR9LitGf3jGxdgp+Z8JvNf3/HOyH8qzXC3YjEJPk+VJT
Qe3WlgSPuMiHt+Uam3eHmkWj9y1UAGTpr3KfNrbwkpJMjwbV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org