Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/q33mGkCfHUT2ovkkrO9idkJ_z0I.roa
File: q33mGkCfHUT2ovkkrO9idkJ_z0I.roa (raw, json)
Hash identifier: wDWUT6Pq3mq+bC2EcABUfZ+v33lRXmRchvMr1+yrwXg=
Subject key identifier: AB:7D:E6:1A:40:9F:1D:44:F6:A2:F9:24:AC:EF:62:76:42:7F:CF:42
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09074DA447E98F10D3B357141FEF9
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/q33mGkCfHUT2ovkkrO9idkJ_z0I.roa
Signing time: Wed 07 Feb 2024 05:00:42 +0000
ROA not before: Wed 07 Feb 2024 05:00:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204742
IP address blocks: 2a0f:b241:38::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:90:74:da:44:7e:98:f1:0d:3b:35:71:41:fe:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab7de61a409f1d44f6a2f924acef6276427fcf42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f1:5b:e9:97:f1:89:27:13:e8:d4:27:81:5d:
e3:07:ba:de:5f:46:8f:16:ba:d7:9e:da:21:f1:2a:
1b:8e:c4:69:c6:0c:ea:b5:f9:64:e4:e5:3b:79:e0:
f9:66:0d:82:74:ba:40:4c:16:6a:c1:3f:fa:8c:11:
75:17:63:32:a0:0f:2d:04:63:e7:75:c7:96:68:0e:
a7:ef:54:ea:6a:8c:a2:f0:59:e2:24:64:5a:9c:9b:
3d:77:a1:d6:a5:b3:d3:dc:2d:01:01:c7:8a:1c:10:
d4:10:29:07:12:1a:29:6e:57:20:4e:5a:cc:76:52:
56:d9:ab:8b:9b:8f:f2:c7:dd:cf:04:c5:31:ea:43:
6e:17:65:d9:82:38:36:36:d7:73:89:4b:5c:1d:05:
fe:6a:45:8d:1b:b9:1d:b7:1e:9a:6e:f7:ea:f2:94:
4e:92:d3:7d:14:91:56:3d:a3:f9:ae:b7:34:1d:86:
8a:94:bb:36:24:af:19:72:6d:82:35:f4:bc:d5:9f:
65:c9:db:f7:7f:8b:67:44:5b:ec:f8:b1:29:c4:3a:
50:f5:b3:3c:1c:ce:64:28:ee:39:0d:81:db:a4:ba:
c6:d6:2a:1a:57:83:d5:2c:75:4e:d5:85:85:97:df:
4d:e3:38:db:b4:87:32:7b:d7:b1:4c:80:dd:63:60:
fc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:7D:E6:1A:40:9F:1D:44:F6:A2:F9:24:AC:EF:62:76:42:7F:CF:42
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/q33mGkCfHUT2ovkkrO9idkJ_z0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:38::/48
Signature Algorithm: sha256WithRSAEncryption
39:c8:6f:ba:21:37:ac:af:e6:8b:bc:8f:1f:52:b6:00:e0:65:
79:47:02:53:7c:e7:1e:83:41:3d:19:e1:8e:3d:cc:6b:a6:80:
09:f9:38:4e:ca:6f:48:19:af:92:6b:a3:f7:de:63:31:ed:16:
af:7a:71:97:7b:8c:e7:ad:66:a6:fa:7e:d0:16:cb:73:48:b1:
f6:4d:36:95:5d:8c:55:14:f3:57:a8:1a:a7:64:46:d6:4b:0a:
65:3f:56:17:c0:73:78:b7:12:ca:e4:9a:25:52:44:be:98:da:
d5:c8:f1:93:99:a2:ce:4e:3b:be:a8:b7:bf:5b:5e:4f:47:29:
3f:fe:e6:38:f5:96:77:f2:55:31:09:1d:ed:a6:23:ab:1b:73:
16:8e:d6:bd:d2:30:6c:02:a3:85:0b:44:1c:71:42:ab:81:61:
83:34:1a:69:5f:12:b0:10:9f:86:dc:ed:2d:a5:f2:ba:d3:e7:
29:b5:f0:ca:24:a4:2f:71:40:97:74:f6:5e:06:8f:34:fb:d5:
a1:fb:68:3f:ef:aa:bf:52:3f:d5:75:91:fd:3a:b3:0c:b8:2e:
2e:93:3f:aa:cd:8a:6c:3d:69:84:11:82:57:03:1f:b9:79:ce:
74:b1:a7:b6:a6:64:37:a7:d1:cc:15:41:2f:ce:b2:49:1a:be:
e3:02:20:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8JB02kR+mPENOzVxQf75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjdkZTYxYTQwOWYxZDQ0ZjZhMmY5MjRhY2VmNjI3NjQyN2ZjZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPFb6ZfxiScT6NQngV3jB7reX0aP
FrrXntoh8SobjsRpxgzqtflk5OU7eeD5Zg2CdLpATBZqwT/6jBF1F2MyoA8tBGPn
dceWaA6n71Tqaoyi8FniJGRanJs9d6HWpbPT3C0BAceKHBDUECkHEhopblcgTlrM
dlJW2auLm4/yx93PBMUx6kNuF2XZgjg2NtdziUtcHQX+akWNG7kdtx6abvfq8pRO
ktN9FJFWPaP5rrc0HYaKlLs2JK8Zcm2CNfS81Z9lydv3f4tnRFvs+LEpxDpQ9bM8
HM5kKO45DYHbpLrG1ioaV4PVLHVO1YWFl99N4zjbtIcye9exTIDdY2D8mQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKt95hpAnx1E9qL5JKzvYnZCf89CMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcTMzbUdrQ2ZIVVQyb3Zra3JPOWlka0pfejBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQA4
MA0GCSqGSIb3DQEBCwUAA4IBAQA5yG+6ITesr+aLvI8fUrYA4GV5RwJTfOceg0E9
GeGOPcxrpoAJ+ThOym9IGa+Sa6P33mMx7RavenGXe4znrWam+n7QFstzSLH2TTaV
XYxVFPNXqBqnZEbWSwplP1YXwHN4txLK5JolUkS+mNrVyPGTmaLOTju+qLe/W15P
Ryk//uY49ZZ38lUxCR3tpiOrG3MWjta90jBsAqOFC0QccUKrgWGDNBppXxKwEJ+G
3O0tpfK60+cptfDKJKQvcUCXdPZeBo80+9Wh+2g/76q/Uj/VdZH9OrMMuC4ukz+q
zYpsPWmEEYJXAx+5ec50sae2pmQ3p9HMFUEvzrJJGr7jAiAW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org