Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pqETKEXbXumxYspX2whOPBDWNg8.roa
File: pqETKEXbXumxYspX2whOPBDWNg8.roa (raw, json)
Hash identifier: RGyz4Tf1gfP6reo+BSbf2o98I+Kg8w7+Xa36G+algjY=
Subject key identifier: A6:A1:13:28:45:DB:5E:E9:B1:62:CA:57:DB:08:4E:3C:10:D6:36:0F
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F07C4C0277256DCAAB487F715CFEFB
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pqETKEXbXumxYspX2whOPBDWNg8.roa
Signing time: Wed 07 Feb 2024 05:00:37 +0000
ROA not before: Wed 07 Feb 2024 05:00:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199762
IP address blocks: 2a0f:b241:130::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:7c:4c:02:77:25:6d:ca:ab:48:7f:71:5c:fe:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6a1132845db5ee9b162ca57db084e3c10d6360f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:48:db:e9:1b:18:0f:3a:84:cb:77:5a:4d:f1:
1e:94:15:71:c2:e6:f5:90:eb:f2:83:ef:c7:84:a1:
be:3b:ac:84:fc:b1:a4:41:95:1b:3f:b0:d4:73:ed:
8a:dc:59:a5:7b:16:af:b0:5f:d0:44:ef:f7:07:05:
69:dd:8c:89:4c:c8:af:b8:59:99:0f:38:fa:98:1f:
31:34:60:3a:26:47:3c:c7:2b:62:db:de:d7:92:2e:
fe:7d:13:fa:a3:7d:19:65:d8:db:81:a1:0b:eb:17:
ae:34:6f:08:1d:48:d0:81:20:c7:02:51:35:b2:c4:
58:e2:53:c4:2f:27:17:e4:26:fe:9b:3a:db:fc:3e:
88:8a:0f:1e:f2:5d:ee:89:59:58:0c:a9:b8:73:29:
73:31:c8:64:3a:35:57:58:4d:78:b1:3b:6a:25:a2:
e9:2a:37:e6:5e:54:34:d3:de:ec:3b:70:78:13:10:
04:0a:66:3c:7d:00:23:ab:94:bc:6f:72:1e:85:d2:
f3:a3:f6:5c:1f:14:55:b0:5a:b3:59:a5:ea:f5:5a:
36:ed:51:31:dd:b0:f2:be:7b:a1:cc:b0:59:4b:83:
3d:a1:46:f6:e6:d3:ac:0b:b6:2a:b0:54:bd:bc:2b:
c5:ed:3b:f4:70:ec:9d:5f:91:52:9e:08:f6:80:bf:
a5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A1:13:28:45:DB:5E:E9:B1:62:CA:57:DB:08:4E:3C:10:D6:36:0F
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pqETKEXbXumxYspX2whOPBDWNg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:130::/48
Signature Algorithm: sha256WithRSAEncryption
87:df:9d:c9:d8:6b:66:90:9c:f2:66:83:d0:e4:c4:cc:3d:e6:
1c:5c:cf:95:b9:48:1c:08:03:27:08:0d:fe:a3:20:fa:28:f4:
0c:f0:a4:49:09:61:f9:5b:e4:18:d6:58:95:46:41:e2:3d:2c:
3c:99:cc:47:06:7b:94:73:68:8e:2b:6e:33:d6:f5:91:4b:53:
d9:ca:db:44:d8:46:fb:f2:ca:b4:dd:d7:e2:35:15:dc:3d:7b:
77:74:05:77:43:ab:f1:7e:66:38:f5:65:0d:fd:3b:50:a3:5c:
04:28:3e:62:24:3a:d1:e7:0b:88:4b:ac:80:8a:72:a1:93:4e:
22:d4:66:e3:00:e4:f0:b7:95:65:79:79:7f:1e:7b:d2:0d:4c:
89:6f:f1:e8:01:67:42:eb:72:c5:4e:d8:fb:fa:17:5f:74:84:
f2:57:8c:62:67:40:50:aa:de:8c:1e:50:9b:ec:f8:8b:6b:22:
0e:7b:98:97:b0:01:f6:2a:ff:09:5c:33:71:10:35:45:15:8a:
52:fc:21:1e:6b:61:2f:4c:87:7a:de:fe:f8:39:11:cd:62:f7:
50:4e:89:6d:ba:c0:2e:ef:3a:dc:e3:37:b0:37:77:83:4d:bd:
74:d6:84:b3:9b:3e:52:e9:fb:10:5c:2b:71:a0:1d:bd:3b:e4:
04:b4:f9:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8HxMAnclbcqrSH9xXP77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmExMTMyODQ1ZGI1ZWU5YjE2MmNhNTdkYjA4NGUzYzEwZDYzNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0jb6RsYDzqEy3daTfEelBVxwub1
kOvyg+/HhKG+O6yE/LGkQZUbP7DUc+2K3FmlexavsF/QRO/3BwVp3YyJTMivuFmZ
Dzj6mB8xNGA6Jkc8xyti297Xki7+fRP6o30ZZdjbgaEL6xeuNG8IHUjQgSDHAlE1
ssRY4lPELycX5Cb+mzrb/D6Iig8e8l3uiVlYDKm4cylzMchkOjVXWE14sTtqJaLp
KjfmXlQ0097sO3B4ExAECmY8fQAjq5S8b3IehdLzo/ZcHxRVsFqzWaXq9Vo27VEx
3bDyvnuhzLBZS4M9oUb25tOsC7YqsFS9vCvF7Tv0cOydX5FSngj2gL+l4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKahEyhF217psWLKV9sITjwQ1jYPMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcHFFVEtFWGJYdW14WXNwWDJ3aE9QQkRXTmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEw
MA0GCSqGSIb3DQEBCwUAA4IBAQCH353J2GtmkJzyZoPQ5MTMPeYcXM+VuUgcCAMn
CA3+oyD6KPQM8KRJCWH5W+QY1liVRkHiPSw8mcxHBnuUc2iOK24z1vWRS1PZyttE
2Eb78sq03dfiNRXcPXt3dAV3Q6vxfmY49WUN/TtQo1wEKD5iJDrR5wuIS6yAinKh
k04i1GbjAOTwt5VleXl/HnvSDUyJb/HoAWdC63LFTtj7+hdfdITyV4xiZ0BQqt6M
HlCb7PiLayIOe5iXsAH2Kv8JXDNxEDVFFYpS/CEea2EvTId63v74ORHNYvdQTolt
usAu7zrc4zewN3eDTb101oSzmz5S6fsQXCtxoB29O+QEtPkQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org