Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ndAKvJsvlbmEyOrYOWlHBjxnAvQ.roa
File: ndAKvJsvlbmEyOrYOWlHBjxnAvQ.roa (raw, json)
Hash identifier: x8lxmxyVEtcI8ymeK8rYwMZlWRYehpy9yRpxBYQFw4Y=
Subject key identifier: 9D:D0:0A:BC:9B:2F:95:B9:84:C8:EA:D8:39:69:47:06:3C:67:02:F4
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB6B79041D2DE47EC4A669F59DEFE0F
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ndAKvJsvlbmEyOrYOWlHBjxnAvQ.roa
Signing time: Tue 06 Feb 2024 18:38:17 +0000
ROA not before: Tue 06 Feb 2024 18:38:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202627
IP address blocks: 2a0f:b241:134::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b6:b7:90:41:d2:de:47:ec:4a:66:9f:59:de:fe:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:38:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dd00abc9b2f95b984c8ead8396947063c6702f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d7:6a:f1:24:86:63:32:64:f3:6b:3c:9f:f3:
ea:8c:d1:77:ab:a0:2c:43:8b:8e:db:08:f3:44:4b:
ac:fb:bb:10:3b:3f:66:04:85:b4:8a:72:9a:f8:70:
20:ca:54:bd:dd:14:67:73:20:27:a8:e6:3e:c3:1b:
ec:38:32:9c:29:92:80:a5:3d:82:d7:e2:02:d8:27:
ce:d2:fe:e2:5f:62:06:41:10:ef:ab:26:1f:70:60:
c9:21:ea:be:cf:5c:19:59:3e:cc:04:25:c4:42:18:
76:ae:bd:e6:95:4e:bd:59:f3:e2:27:97:e0:2a:35:
56:4d:25:f7:70:c9:d1:e5:86:1a:f5:48:c8:eb:61:
da:e5:6d:e7:09:c9:4c:19:a7:ed:69:75:22:f3:2b:
e1:e3:50:22:de:a1:cb:a4:7a:53:c1:b9:b8:45:25:
f3:70:de:d1:84:ed:ee:00:40:64:75:b5:d1:a7:b9:
fc:41:f3:d8:c6:a0:46:42:ef:0e:7b:c0:1e:f1:e3:
50:92:6c:ed:58:bc:14:08:36:96:7e:5c:a9:ec:97:
1c:39:87:65:fe:51:9b:97:d2:d2:30:5b:31:11:fc:
e3:76:d5:4d:b0:c8:0b:87:95:cb:1a:b1:f8:74:b5:
f9:88:ad:f4:7b:ed:78:e3:05:7b:65:3a:dc:11:27:
e4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D0:0A:BC:9B:2F:95:B9:84:C8:EA:D8:39:69:47:06:3C:67:02:F4
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ndAKvJsvlbmEyOrYOWlHBjxnAvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:134::/48
Signature Algorithm: sha256WithRSAEncryption
8f:53:81:92:cd:45:ba:d0:bf:c0:72:4f:44:82:e0:de:2f:83:
6b:b0:27:74:4c:6a:79:97:f1:85:b9:d9:ca:c7:74:57:d9:8b:
74:70:05:76:2a:3a:92:42:5c:02:13:49:98:6a:74:b1:bb:5c:
71:f1:38:f3:3b:8c:cf:24:06:da:f5:9b:9c:67:07:01:6e:b6:
f1:7e:4c:b5:83:70:46:53:87:1a:1d:e6:dd:10:e1:02:fb:f8:
85:a2:f7:2b:e6:47:c4:01:c5:c5:4a:c3:ba:0c:92:fe:e2:f7:
f9:27:42:c7:fb:21:9b:db:97:1f:54:62:7e:49:19:57:f3:9f:
f3:17:13:8b:ff:ed:9d:3c:93:f3:d8:6b:3d:a6:95:90:3a:97:
ff:e2:d0:44:09:d4:0c:57:66:dc:ba:a0:4f:2b:bf:5e:b0:a5:
bb:57:f0:b7:47:79:dc:43:18:fc:38:ab:6f:b9:f7:27:42:49:
2d:87:e2:48:ba:e3:41:9e:93:c1:68:d7:6d:a4:42:5f:20:5f:
de:cb:36:20:ae:49:82:ac:3b:b0:ce:5a:fb:bf:7d:fe:b2:d7:
69:45:38:8e:1c:27:3d:50:ec:61:44:23:1f:7c:dd:a2:50:c9:
97:36:af:ad:68:fd:90:5f:a8:eb:61:ee:a0:4b:c8:7c:37:5e:
c6:e1:38:d1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/treQQdLeR+xKZp9Z3v4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQwMGFiYzliMmY5NWI5ODRjOGVhZDgzOTY5NDcwNjNjNjcwMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9dq8SSGYzJk82s8n/PqjNF3q6As
Q4uO2wjzREus+7sQOz9mBIW0inKa+HAgylS93RRncyAnqOY+wxvsODKcKZKApT2C
1+IC2CfO0v7iX2IGQRDvqyYfcGDJIeq+z1wZWT7MBCXEQhh2rr3mlU69WfPiJ5fg
KjVWTSX3cMnR5YYa9UjI62Ha5W3nCclMGaftaXUi8yvh41Ai3qHLpHpTwbm4RSXz
cN7RhO3uAEBkdbXRp7n8QfPYxqBGQu8Oe8Ae8eNQkmztWLwUCDaWflyp7JccOYdl
/lGbl9LSMFsxEfzjdtVNsMgLh5XLGrH4dLX5iK30e+144wV7ZTrcESfk5wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ3QCrybL5W5hMjq2DlpRwY8ZwL0MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbmRBS3ZKc3ZsYm1FeU9yWU9XbEhCanhuQXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQE0
MA0GCSqGSIb3DQEBCwUAA4IBAQCPU4GSzUW60L/Ack9EguDeL4NrsCd0TGp5l/GF
udnKx3RX2Yt0cAV2KjqSQlwCE0mYanSxu1xx8TjzO4zPJAba9ZucZwcBbrbxfky1
g3BGU4caHebdEOEC+/iFovcr5kfEAcXFSsO6DJL+4vf5J0LH+yGb25cfVGJ+SRlX
85/zFxOL/+2dPJPz2Gs9ppWQOpf/4tBECdQMV2bcuqBPK79esKW7V/C3R3ncQxj8
OKtvufcnQkkth+JIuuNBnpPBaNdtpEJfIF/eyzYgrkmCrDuwzlr7v33+stdpRTiO
HCc9UOxhRCMffN2iUMmXNq+taP2QX6jrYe6gS8h8N17G4TjR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org