Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lhWSpJXcnAylFPEcejcy5uNRPls.roa
File: lhWSpJXcnAylFPEcejcy5uNRPls.roa (raw, json)
Hash identifier: yLWHxiYT1UcLiO4mRXvQ+EyMht+o8jGozKM9PkZFXaw=
Subject key identifier: 96:15:92:A4:95:DC:9C:0C:A5:14:F1:1C:7A:37:32:E6:E3:51:3E:5B
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB6BC59A7946CEE9D140E80922EEE45
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lhWSpJXcnAylFPEcejcy5uNRPls.roa
Signing time: Tue 06 Feb 2024 18:38:18 +0000
ROA not before: Tue 06 Feb 2024 18:38:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205088
IP address blocks: 2a0f:b241:13a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b6:bc:59:a7:94:6c:ee:9d:14:0e:80:92:2e:ee:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:38:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=961592a495dc9c0ca514f11c7a3732e6e3513e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:86:b0:55:3d:0e:5f:a4:0c:0d:90:71:4e:af:
f3:bb:7a:fc:8e:66:2a:3d:21:fa:9c:35:4f:5e:14:
a4:23:de:5c:e3:f4:39:ed:55:e6:4e:d1:a2:d8:48:
7c:51:35:8c:6b:4b:6e:ad:a6:b8:fa:17:09:0c:df:
98:45:35:47:3f:a5:87:a7:16:6c:18:1c:c4:52:85:
59:f0:c3:3a:0e:fa:46:4d:94:73:1c:1c:a3:a9:34:
ea:1b:ee:1f:68:0d:5b:3b:11:fa:0f:4a:b7:8e:e0:
43:38:10:d5:10:22:b1:2c:34:ac:66:08:a0:29:a2:
2c:d1:a7:3b:03:3a:8a:e6:8e:84:73:b9:45:02:35:
ac:cd:99:ff:d3:cc:7d:ec:8a:08:45:9d:33:8c:32:
6f:58:32:76:b6:93:bf:19:c3:2e:8c:ec:c5:b5:f5:
f6:c2:08:f2:e0:fa:f2:9d:71:a0:07:e2:38:2c:50:
1b:62:46:a7:2e:59:2e:64:65:13:fb:be:13:65:70:
55:af:f1:29:30:c8:17:ab:8c:b9:bd:8a:9e:75:c3:
02:29:28:65:67:8e:c0:2f:f7:4f:22:97:19:ad:6b:
40:7f:7f:e7:7b:21:d8:42:16:cc:49:bf:97:20:1a:
e8:c5:a0:44:b8:b2:ab:73:db:9f:cf:a0:76:ea:c3:
ff:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:15:92:A4:95:DC:9C:0C:A5:14:F1:1C:7A:37:32:E6:E3:51:3E:5B
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lhWSpJXcnAylFPEcejcy5uNRPls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:13a::/48
Signature Algorithm: sha256WithRSAEncryption
8b:c9:43:dd:a7:4a:a0:4b:7d:a4:cd:f9:15:d1:f2:a5:82:3f:
a4:17:21:f6:b5:9d:b3:9e:a9:c3:bf:2c:25:4a:c1:00:ca:0f:
0d:16:76:a3:a2:2c:c8:a9:06:5b:2d:9c:2e:de:46:11:6c:3a:
1e:55:f9:bc:4c:0e:0f:90:2f:35:cd:c3:65:11:f7:1a:d6:76:
8e:86:b5:41:8d:7e:b0:be:2d:1a:75:83:91:6d:d1:4f:5d:3f:
31:e7:92:7d:87:77:9b:ed:d2:5d:4e:da:bd:12:ef:cb:94:48:
c9:78:33:a7:5d:6b:68:3f:b3:89:15:a4:4c:b7:4f:9a:e5:cc:
f4:02:8b:eb:4f:73:09:1f:de:75:92:a7:57:13:03:f7:d7:94:
87:6a:c1:36:10:0c:17:a5:97:34:b2:4c:da:a0:43:cc:c1:b8:
ed:c5:df:13:1a:98:f0:a5:08:bf:c6:57:6a:87:df:7d:6b:9a:
fe:63:cd:a6:ac:02:3f:fd:69:13:c0:9e:dd:f7:be:92:e2:ea:
1b:f4:1d:75:6c:f2:49:2b:4f:1b:29:ad:01:df:e1:05:40:43:
fe:44:70:30:d7:36:9b:5f:78:54:b5:c0:aa:65:75:7a:f7:fc:
b2:63:6a:92:67:70:9f:65:e8:31:ad:45:41:a4:ea:49:8f:b6:
f4:ef:2c:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/trxZp5Rs7p0UDoCSLu5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjE1OTJhNDk1ZGM5YzBjYTUxNGYxMWM3YTM3MzJlNmUzNTEzZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoawVT0OX6QMDZBxTq/zu3r8jmYq
PSH6nDVPXhSkI95c4/Q57VXmTtGi2Eh8UTWMa0turaa4+hcJDN+YRTVHP6WHpxZs
GBzEUoVZ8MM6DvpGTZRzHByjqTTqG+4faA1bOxH6D0q3juBDOBDVECKxLDSsZgig
KaIs0ac7AzqK5o6Ec7lFAjWszZn/08x97IoIRZ0zjDJvWDJ2tpO/GcMujOzFtfX2
wgjy4PrynXGgB+I4LFAbYkanLlkuZGUT+74TZXBVr/EpMMgXq4y5vYqedcMCKShl
Z47AL/dPIpcZrWtAf3/neyHYQhbMSb+XIBroxaBEuLKrc9ufz6B26sP/PwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJYVkqSV3JwMpRTxHHo3MubjUT5bMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbGhXU3BKWGNuQXlsRlBFY2VqY3k1dU5SUGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQE6
MA0GCSqGSIb3DQEBCwUAA4IBAQCLyUPdp0qgS32kzfkV0fKlgj+kFyH2tZ2znqnD
vywlSsEAyg8NFnajoizIqQZbLZwu3kYRbDoeVfm8TA4PkC81zcNlEfca1naOhrVB
jX6wvi0adYORbdFPXT8x55J9h3eb7dJdTtq9Eu/LlEjJeDOnXWtoP7OJFaRMt0+a
5cz0AovrT3MJH951kqdXEwP315SHasE2EAwXpZc0skzaoEPMwbjtxd8TGpjwpQi/
xldqh999a5r+Y82mrAI//WkTwJ7d976S4uob9B11bPJJK08bKa0B3+EFQEP+RHAw
1zabX3hUtcCqZXV69/yyY2qSZ3CfZegxrUVBpOpJj7b07yyL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org