Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/rgkIohbMKLoKRGWOPehi5RCC6DA.roa
File: rgkIohbMKLoKRGWOPehi5RCC6DA.roa (raw, json)
Hash identifier: r3m7Au+b/Kh6mMzav6ESYINpEXKrx3dT40g3JxN+CP8=
Subject key identifier: AE:09:08:A2:16:CC:28:BA:0A:44:65:8E:3D:E8:62:E5:10:82:E8:30
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0AAB2CC249F54F9C5B762602BBB04
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/rgkIohbMKLoKRGWOPehi5RCC6DA.roa
Signing time: Wed 07 Feb 2024 05:00:49 +0000
ROA not before: Wed 07 Feb 2024 05:00:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211760
IP address blocks: 2a0f:b241:14a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:aa:b2:cc:24:9f:54:f9:c5:b7:62:60:2b:bb:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae0908a216cc28ba0a44658e3de862e51082e830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8f:a2:7c:23:3a:83:04:a3:ad:54:c2:f4:75:
05:68:e2:c7:54:db:f9:2d:2b:93:c4:4d:15:9b:3d:
c4:87:2d:63:9f:5d:7f:bc:24:25:23:1c:5f:f3:c9:
57:5b:13:29:08:03:7b:e3:e3:9d:50:ae:a1:44:77:
32:04:d4:e4:63:f7:e4:82:be:c7:80:b9:c2:77:dc:
8d:c3:2f:09:48:1c:3c:06:13:89:20:ac:89:22:0b:
d8:bf:d9:8b:e7:9c:69:65:76:67:a0:94:46:fd:60:
95:dd:83:41:70:05:5c:84:b1:53:6b:e8:74:a6:a5:
3e:fc:61:07:2b:e1:24:3a:86:6a:c4:56:e7:39:e5:
7f:74:a7:fc:cf:22:f2:63:33:5a:71:39:d1:4a:77:
38:70:86:a7:5b:25:09:a5:56:3e:3d:28:6f:68:68:
a2:5b:ad:d4:74:a3:c0:4b:42:6c:fa:b6:40:81:90:
5b:96:66:85:80:83:5d:3a:f0:b7:21:c2:f9:3c:03:
3d:e7:56:5a:f8:9a:05:18:f2:fa:ad:c5:de:c6:25:
7b:74:05:f3:b3:e3:13:08:f7:10:63:2a:16:0f:8f:
54:ad:d5:75:02:7c:af:ce:42:37:b2:fa:b1:8d:fd:
2a:0a:bb:bb:69:6f:96:49:85:63:6d:c5:60:3b:28:
de:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:09:08:A2:16:CC:28:BA:0A:44:65:8E:3D:E8:62:E5:10:82:E8:30
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/rgkIohbMKLoKRGWOPehi5RCC6DA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:14a::/48
Signature Algorithm: sha256WithRSAEncryption
28:0f:ea:80:a0:6c:81:25:5e:56:08:a2:79:12:9c:13:02:75:
e0:90:a3:bd:2a:6b:6c:9c:9a:f9:fd:5a:3f:54:cc:ac:5a:2d:
95:66:12:68:e2:d9:e2:4c:66:42:84:ff:32:d1:8f:df:38:2a:
44:61:06:05:d9:68:a3:c1:b7:64:ad:b9:6b:2c:4a:0e:6b:a9:
2d:64:f9:76:c9:7e:61:57:a1:48:cd:7b:87:d4:57:a9:f9:49:
f2:f8:e7:14:22:20:5e:9d:d5:6c:12:d9:fb:c5:6e:0e:aa:ef:
1f:fa:40:90:a2:a1:aa:0a:ec:63:0a:c7:80:b5:3e:10:e3:96:
2d:d9:c3:e5:3c:fe:6e:78:25:ec:5f:b8:ca:ee:aa:e8:10:97:
be:e3:10:de:1b:6f:c3:d3:1c:40:cd:94:19:d7:5f:cf:b2:32:
73:a6:b1:e0:54:32:bd:a1:64:fd:69:d0:56:8b:ea:62:0a:38:
c6:c6:68:c4:80:53:cd:5c:75:e3:d8:cf:58:8d:4d:66:d1:d1:
f5:98:7f:6e:9b:95:3d:c4:8e:04:f6:ac:d3:9a:36:4a:23:a7:
0a:82:af:7d:e5:01:bb:c0:02:ae:a7:ae:2c:fd:76:54:fa:f4:
be:d7:9b:a7:7a:a0:81:97:19:66:dd:1f:e2:18:2e:1f:dc:11:
83:86:67:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8KqyzCSfVPnFt2JgK7sEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTA5MDhhMjE2Y2MyOGJhMGE0NDY1OGUzZGU4NjJlNTEwODJlODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4+ifCM6gwSjrVTC9HUFaOLHVNv5
LSuTxE0Vmz3Ehy1jn11/vCQlIxxf88lXWxMpCAN74+OdUK6hRHcyBNTkY/fkgr7H
gLnCd9yNwy8JSBw8BhOJIKyJIgvYv9mL55xpZXZnoJRG/WCV3YNBcAVchLFTa+h0
pqU+/GEHK+EkOoZqxFbnOeV/dKf8zyLyYzNacTnRSnc4cIanWyUJpVY+PShvaGii
W63UdKPAS0Js+rZAgZBblmaFgINdOvC3IcL5PAM951Za+JoFGPL6rcXexiV7dAXz
s+MTCPcQYyoWD49UrdV1AnyvzkI3svqxjf0qCru7aW+WSYVjbcVgOyjeIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK4JCKIWzCi6CkRljj3oYuUQgugwMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcmdrSW9oYk1LTG9LUkdXT1BlaGk1UkNDNkRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFK
MA0GCSqGSIb3DQEBCwUAA4IBAQAoD+qAoGyBJV5WCKJ5EpwTAnXgkKO9KmtsnJr5
/Vo/VMysWi2VZhJo4tniTGZChP8y0Y/fOCpEYQYF2WijwbdkrblrLEoOa6ktZPl2
yX5hV6FIzXuH1Fep+Uny+OcUIiBendVsEtn7xW4Oqu8f+kCQoqGqCuxjCseAtT4Q
45Yt2cPlPP5ueCXsX7jK7qroEJe+4xDeG2/D0xxAzZQZ11/PsjJzprHgVDK9oWT9
adBWi+piCjjGxmjEgFPNXHXj2M9YjU1m0dH1mH9um5U9xI4E9qzTmjZKI6cKgq99
5QG7wAKup64s/XZU+vS+15uneqCBlxlm3R/iGC4f3BGDhmf2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org