Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/p8IsNcpcDzMHpkU0r2sv64IzjR8.roa
File: p8IsNcpcDzMHpkU0r2sv64IzjR8.roa (raw, json)
Hash identifier: 26ILXFGnxoptUVMDzrP3+PLSOWNubxR3I9Xb+WTIiHc=
Subject key identifier: A7:C2:2C:35:CA:5C:0F:33:07:A6:45:34:AF:6B:2F:EB:82:33:8D:1F
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95C5508085D7AF305777CBA2369C54
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/p8IsNcpcDzMHpkU0r2sv64IzjR8.roa
Signing time: Tue 06 Feb 2024 18:02:18 +0000
ROA not before: Tue 06 Feb 2024 18:02:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215614
IP address blocks: 2a0f:b241:4d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:c5:50:80:85:d7:af:30:57:77:cb:a2:36:9c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7c22c35ca5c0f3307a64534af6b2feb82338d1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:79:95:27:41:d5:83:20:1e:11:3c:19:bd:6d:
d9:ea:42:6c:da:70:02:01:88:df:b0:8c:b6:81:3a:
e7:eb:a4:5d:67:30:be:f2:34:e8:c5:9e:d0:0b:9e:
02:87:1a:a9:33:ee:68:16:ef:e0:d8:76:ce:8e:db:
3a:2a:b2:4a:ef:8c:7c:8e:ed:36:13:83:ac:ef:72:
32:b8:28:34:aa:c2:59:53:a3:4f:0e:ae:4e:d2:02:
4f:d4:3f:08:16:54:fc:47:35:3d:dc:0b:b8:90:1f:
b5:88:4a:d7:0d:76:90:93:97:15:ce:19:6e:5b:b1:
ca:96:f6:88:55:f0:a5:69:8a:2f:5d:2e:30:c8:11:
16:f8:64:f0:96:64:94:0e:b2:01:01:af:83:14:23:
9d:ee:3e:98:4f:ef:62:03:25:1e:a6:bb:4a:d9:8b:
a0:8c:f9:fe:20:4d:3f:05:8b:54:f4:e5:9d:78:8f:
68:3c:76:67:c5:52:4a:be:8d:93:15:ad:a1:cd:e7:
53:e6:68:e7:8a:7e:81:0c:90:b2:aa:71:37:14:9c:
c4:21:51:d5:be:ff:17:70:ba:39:4a:1e:81:6e:c3:
68:9d:24:64:a7:ed:69:e7:be:6d:9b:20:5c:4b:5a:
44:01:af:04:a5:bd:d5:1f:79:61:05:96:ca:cb:9d:
7e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C2:2C:35:CA:5C:0F:33:07:A6:45:34:AF:6B:2F:EB:82:33:8D:1F
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/p8IsNcpcDzMHpkU0r2sv64IzjR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:4d::/48
Signature Algorithm: sha256WithRSAEncryption
02:20:34:4a:96:3c:b8:a7:36:3c:48:73:fa:85:4b:c4:2e:1c:
50:43:da:c3:e9:d6:50:6e:c1:d8:d5:4e:8d:1f:7d:b7:30:7c:
4a:18:91:61:0a:30:f1:fc:e6:7f:ef:37:ba:bc:3a:12:b4:58:
95:f8:d4:b4:00:96:23:2f:d2:56:af:96:7f:0a:7d:9a:0c:7f:
e4:91:23:8d:3f:ea:58:79:a0:26:fa:9c:56:4c:48:17:0a:28:
b6:f7:58:1e:e7:78:70:49:5c:39:31:c9:71:e2:84:a9:68:d5:
49:f4:35:62:5f:01:bd:fb:98:68:c9:1a:4c:98:73:ef:ad:95:
2f:d9:07:fc:97:3d:66:75:c0:eb:d0:83:e4:39:c4:48:1b:6d:
86:fa:30:b0:65:bd:2e:64:41:74:1f:e2:1d:2f:1f:e7:e0:eb:
c7:cd:36:53:03:23:d9:d0:5a:4d:7c:2b:d8:c1:aa:34:80:36:
5c:d0:f2:c8:90:30:05:9d:fb:e0:d0:67:60:e0:61:47:95:d8:
bb:1d:5e:69:20:7c:34:ef:15:ab:a8:e9:b4:26:0a:6a:1b:4c:
a9:3c:14:a3:d3:a3:93:27:91:39:51:db:ba:d7:9e:90:32:ae:
6b:b9:30:0c:3c:4b:06:b4:fe:c1:0f:c8:64:4a:bd:e6:3d:54:
2c:aa:06:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lcVQgIXXrzBXd8uiNpxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2MyMmMzNWNhNWMwZjMzMDdhNjQ1MzRhZjZiMmZlYjgyMzM4ZDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHmVJ0HVgyAeETwZvW3Z6kJs2nAC
AYjfsIy2gTrn66RdZzC+8jToxZ7QC54ChxqpM+5oFu/g2HbOjts6KrJK74x8ju02
E4Os73IyuCg0qsJZU6NPDq5O0gJP1D8IFlT8RzU93Au4kB+1iErXDXaQk5cVzhlu
W7HKlvaIVfClaYovXS4wyBEW+GTwlmSUDrIBAa+DFCOd7j6YT+9iAyUeprtK2Yug
jPn+IE0/BYtU9OWdeI9oPHZnxVJKvo2TFa2hzedT5mjnin6BDJCyqnE3FJzEIVHV
vv8XcLo5Sh6BbsNonSRkp+1p575tmyBcS1pEAa8Epb3VH3lhBZbKy51+GwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKfCLDXKXA8zB6ZFNK9rL+uCM40fMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcDhJc05jcGNEek1IcGtVMHIyc3Y2NEl6alI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBN
MA0GCSqGSIb3DQEBCwUAA4IBAQACIDRKljy4pzY8SHP6hUvELhxQQ9rD6dZQbsHY
1U6NH323MHxKGJFhCjDx/OZ/7ze6vDoStFiV+NS0AJYjL9JWr5Z/Cn2aDH/kkSON
P+pYeaAm+pxWTEgXCii291ge53hwSVw5Mclx4oSpaNVJ9DViXwG9+5hoyRpMmHPv
rZUv2Qf8lz1mdcDr0IPkOcRIG22G+jCwZb0uZEF0H+IdLx/n4OvHzTZTAyPZ0FpN
fCvYwao0gDZc0PLIkDAFnfvg0Gdg4GFHldi7HV5pIHw07xWrqOm0JgpqG0ypPBSj
06OTJ5E5Udu6156QMq5ruTAMPEsGtP7BD8hkSr3mPVQsqgYW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org