Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qN3cYJtAFx0GzDOH0wJlLg5opDI.roa
File: qN3cYJtAFx0GzDOH0wJlLg5opDI.roa (raw, json)
Hash identifier: kAcNwUAl36jBqlvIp7lHPlf7XlNwJY6iWp6R2WNFOE8=
Subject key identifier: A8:DD:DC:60:9B:40:17:1D:06:CC:33:87:D3:02:65:2E:0E:68:A4:32
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F05F362E37568C3523A3041B31B2AB
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qN3cYJtAFx0GzDOH0wJlLg5opDI.roa
Signing time: Wed 07 Feb 2024 05:00:30 +0000
ROA not before: Wed 07 Feb 2024 05:00:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49187
IP address blocks: 2a0f:b241:115::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:5f:36:2e:37:56:8c:35:23:a3:04:1b:31:b2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8dddc609b40171d06cc3387d302652e0e68a432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4c:29:5f:2b:d8:ee:4b:96:a3:68:0c:f6:d1:
71:e3:64:ce:e4:62:32:7b:99:15:d7:62:4a:cd:78:
6b:85:ae:b0:0b:58:14:5e:1f:8a:76:e7:c6:46:26:
67:64:29:0f:d8:c1:49:10:0e:b0:07:37:eb:6d:14:
96:7c:6b:e3:5d:af:be:b0:63:0c:84:a5:04:3e:a8:
9d:a8:9d:9a:2c:ab:ad:ea:06:b2:cf:bd:56:55:e2:
a0:9d:41:84:88:df:6a:75:14:56:ef:a3:7f:ad:90:
65:61:4c:f2:57:2b:e2:cd:a2:86:01:89:cf:a9:1f:
37:91:f1:10:23:45:10:2d:1e:91:57:b5:1d:7f:d0:
4c:75:74:c5:d8:d3:20:6f:7d:a7:d5:31:38:e8:d6:
4d:16:68:c5:b7:f3:47:9c:ab:23:01:3d:30:94:84:
31:e8:09:71:08:8b:b9:39:c0:ad:19:d5:46:2c:ed:
a7:95:5d:58:10:92:e0:bf:98:e4:dd:52:69:ea:11:
0c:b1:78:e4:80:67:e0:60:15:6b:e7:3b:ee:aa:51:
c1:20:26:57:60:e1:e3:e0:d5:30:38:75:85:73:ca:
f6:20:d9:f6:8c:0c:d9:e3:f0:27:f6:33:66:08:af:
f3:2f:21:74:71:62:4d:14:12:44:27:5c:f2:5e:50:
10:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DD:DC:60:9B:40:17:1D:06:CC:33:87:D3:02:65:2E:0E:68:A4:32
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qN3cYJtAFx0GzDOH0wJlLg5opDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:115::/48
Signature Algorithm: sha256WithRSAEncryption
0f:94:c7:e6:ce:02:df:ef:4c:52:49:a5:d7:64:9d:8b:a0:bb:
79:ba:57:0d:de:b0:13:ee:81:72:0e:c3:4b:cb:5a:33:a3:f2:
e7:b4:a8:3e:29:ed:74:69:56:9e:fa:b1:a3:b8:4c:b8:23:bb:
82:05:86:cf:63:75:80:db:e9:aa:da:93:80:8c:91:00:7d:b1:
d9:23:3f:a2:df:f6:ba:68:de:9a:80:62:7f:03:f2:97:84:f9:
12:78:ef:c7:8e:35:1f:22:52:91:31:b3:5f:c6:7f:ca:42:76:
4b:8e:66:18:57:b5:bd:c4:9f:64:ec:7e:a4:09:b5:24:40:22:
92:59:16:1d:56:1d:b8:4c:4c:21:8f:92:6d:de:0a:fa:82:c4:
dd:5e:a6:46:ba:25:11:5f:3e:39:a1:ff:7e:d9:44:e1:0d:9e:
e2:3d:f4:8a:ca:51:56:e4:a5:0d:5b:38:14:6e:84:7f:29:bc:
aa:85:b0:42:4b:c8:cf:79:2e:25:1d:31:e9:4a:26:03:9b:e7:
9a:a8:5b:fd:16:06:93:15:8e:57:35:5e:e0:6b:02:1b:15:5a:
27:02:38:31:6e:ed:35:7d:2f:dc:e7:16:da:51:06:a1:63:a1:
11:40:b5:1b:b5:d0:db:b9:f7:a9:fb:35:9c:74:43:7e:8b:32:
a8:e8:08:fc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8F82LjdWjDUjowQbMbKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGRkZGM2MDliNDAxNzFkMDZjYzMzODdkMzAyNjUyZTBlNjhhNDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0wpXyvY7kuWo2gM9tFx42TO5GIy
e5kV12JKzXhrha6wC1gUXh+KdufGRiZnZCkP2MFJEA6wBzfrbRSWfGvjXa++sGMM
hKUEPqidqJ2aLKut6gayz71WVeKgnUGEiN9qdRRW76N/rZBlYUzyVyvizaKGAYnP
qR83kfEQI0UQLR6RV7Udf9BMdXTF2NMgb32n1TE46NZNFmjFt/NHnKsjAT0wlIQx
6AlxCIu5OcCtGdVGLO2nlV1YEJLgv5jk3VJp6hEMsXjkgGfgYBVr5zvuqlHBICZX
YOHj4NUwOHWFc8r2INn2jAzZ4/An9jNmCK/zLyF0cWJNFBJEJ1zyXlAQDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKjd3GCbQBcdBswzh9MCZS4OaKQyMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcU4zY1lKdEFGeDBHekRPSDB3SmxMZzVvcERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEV
MA0GCSqGSIb3DQEBCwUAA4IBAQAPlMfmzgLf70xSSaXXZJ2LoLt5ulcN3rAT7oFy
DsNLy1ozo/LntKg+Ke10aVae+rGjuEy4I7uCBYbPY3WA2+mq2pOAjJEAfbHZIz+i
3/a6aN6agGJ/A/KXhPkSeO/HjjUfIlKRMbNfxn/KQnZLjmYYV7W9xJ9k7H6kCbUk
QCKSWRYdVh24TEwhj5Jt3gr6gsTdXqZGuiURXz45of9+2UThDZ7iPfSKylFW5KUN
WzgUboR/KbyqhbBCS8jPeS4lHTHpSiYDm+eaqFv9FgaTFY5XNV7gawIbFVonAjgx
bu01fS/c5xbaUQahY6ERQLUbtdDbufep+zWcdEN+izKo6Aj8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org