Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qECqfMjuFGEBC7cxvkoL5zRcBDI.roa
File: qECqfMjuFGEBC7cxvkoL5zRcBDI.roa (raw, json)
Hash identifier: FDsvqeCXhEa4ox5agnAmeY83lY2dIIC/etYCEWKCQOw=
Subject key identifier: A8:40:AA:7C:C8:EE:14:61:01:0B:B7:31:BE:4A:0B:E7:34:5C:04:32
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAE78A394B0E1E1DFD9DCC451A902BE
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qECqfMjuFGEBC7cxvkoL5zRcBDI.roa
Signing time: Tue 06 Feb 2024 18:29:17 +0000
ROA not before: Tue 06 Feb 2024 18:29:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49975
IP address blocks: 2a0f:b241:119::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ae:78:a3:94:b0:e1:e1:df:d9:dc:c4:51:a9:02:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:29:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a840aa7cc8ee1461010bb731be4a0be7345c0432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2d:0e:1e:ec:f3:8c:5d:2b:4f:2c:01:ef:af:
8b:46:fe:e1:a3:58:f3:0c:18:8c:7d:d2:56:33:86:
8c:50:f0:ee:17:20:24:43:63:bd:82:dc:d3:30:b9:
19:87:96:af:ab:bd:7a:de:0b:4c:79:b4:07:51:f3:
31:a2:f0:38:5d:38:e0:cc:6f:43:15:56:7b:85:1a:
bd:53:0c:23:be:18:2b:fd:14:63:a5:27:c4:bd:30:
7c:75:b4:5f:f1:ef:16:60:18:b2:51:a7:a7:50:93:
bc:da:3d:37:35:af:7a:59:68:c8:d4:02:fc:aa:c0:
8e:e5:35:0d:d1:33:19:a0:35:c9:c4:63:1c:be:c0:
22:71:f8:f3:0e:2a:a4:fc:83:f6:57:27:9a:87:67:
55:49:ed:c9:7e:1d:2c:fd:82:05:c2:0c:c6:da:37:
ce:d3:82:bc:c3:7a:fa:d9:3a:67:c0:24:97:2c:ce:
24:f1:be:6c:10:cf:95:1e:ff:54:0f:f4:73:8e:70:
08:ee:f6:ad:2c:7e:c5:76:2b:f7:b3:f0:bc:0c:c7:
d1:f8:73:1a:82:0b:02:a1:a0:fd:a5:0b:bf:5b:e0:
19:c6:25:2f:75:f3:86:fa:29:19:44:8a:47:71:c0:
2f:66:5f:66:74:51:75:3e:c3:10:32:09:b2:48:5a:
b7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:40:AA:7C:C8:EE:14:61:01:0B:B7:31:BE:4A:0B:E7:34:5C:04:32
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qECqfMjuFGEBC7cxvkoL5zRcBDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:119::/48
Signature Algorithm: sha256WithRSAEncryption
6c:7c:c6:36:30:ae:15:18:3d:f9:78:6e:26:51:bb:9e:fb:d0:
ca:71:97:bb:55:75:d9:3c:7d:83:ef:ac:e7:c3:b8:fc:2a:c0:
60:9b:04:62:c1:f2:db:f7:0e:94:dc:90:57:7b:de:a6:de:af:
34:8d:27:4c:3b:5d:34:a8:25:56:e8:01:ef:2f:99:52:ab:25:
67:b4:e5:4e:85:ef:35:60:d5:df:f1:24:d1:f6:18:04:f8:7c:
33:f7:ad:21:30:49:da:26:13:3d:c4:0b:af:66:c8:b9:29:35:
12:81:9c:63:ab:1b:9a:24:e4:4b:43:76:ba:ee:b1:66:dc:43:
8a:95:e0:cb:f8:b3:e1:62:4a:7d:ea:05:4c:41:70:6c:3a:0f:
4f:93:b7:be:e7:8e:90:a5:11:1a:99:67:ae:bf:9b:c0:42:26:
3d:7d:e7:71:f7:aa:55:51:51:75:1e:1c:a2:7e:4d:5c:71:4a:
53:0d:9d:af:a6:96:d0:f4:a7:b7:9e:25:d6:08:0f:e1:2a:e1:
c6:93:30:d6:df:82:bc:b0:93:8f:28:0a:45:30:7b:91:02:06:
db:21:9a:4f:0b:ed:27:a5:9e:29:4c:66:4a:cc:e9:20:7d:83:
67:f6:4f:38:45:4e:70:89:cb:7c:09:8f:63:ae:18:4a:dc:60:
74:5e:d2:06
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rnijlLDh4d/Z3MRRqQK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQwYWE3Y2M4ZWUxNDYxMDEwYmI3MzFiZTRhMGJlNzM0NWMwNDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi0OHuzzjF0rTywB76+LRv7ho1jz
DBiMfdJWM4aMUPDuFyAkQ2O9gtzTMLkZh5avq7163gtMebQHUfMxovA4XTjgzG9D
FVZ7hRq9Uwwjvhgr/RRjpSfEvTB8dbRf8e8WYBiyUaenUJO82j03Na96WWjI1AL8
qsCO5TUN0TMZoDXJxGMcvsAicfjzDiqk/IP2Vyeah2dVSe3Jfh0s/YIFwgzG2jfO
04K8w3r62TpnwCSXLM4k8b5sEM+VHv9UD/RzjnAI7vatLH7Fdiv3s/C8DMfR+HMa
ggsCoaD9pQu/W+AZxiUvdfOG+ikZRIpHccAvZl9mdFF1PsMQMgmySFq3aQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKhAqnzI7hRhAQu3Mb5KC+c0XAQyMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcUVDcWZNanVGR0VCQzdjeHZrb0w1elJjQkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEZ
MA0GCSqGSIb3DQEBCwUAA4IBAQBsfMY2MK4VGD35eG4mUbue+9DKcZe7VXXZPH2D
76znw7j8KsBgmwRiwfLb9w6U3JBXe96m3q80jSdMO100qCVW6AHvL5lSqyVntOVO
he81YNXf8STR9hgE+Hwz960hMEnaJhM9xAuvZsi5KTUSgZxjqxuaJORLQ3a67rFm
3EOKleDL+LPhYkp96gVMQXBsOg9Pk7e+546QpREamWeuv5vAQiY9fedx96pVUVF1
Hhyifk1ccUpTDZ2vppbQ9Ke3niXWCA/hKuHGkzDW34K8sJOPKApFMHuRAgbbIZpP
C+0npZ4pTGZKzOkgfYNn9k84RU5wict8CY9jrhhK3GB0XtIG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org