Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/s92KNIC3GIPEdJdWQvHhtGxqyes.roa
File: s92KNIC3GIPEdJdWQvHhtGxqyes.roa (raw, json)
Hash identifier: OfgR8gubYpRn42VR6qIJOrT9OIlCdgH1sGXUZoCCWjk=
Subject key identifier: B3:DD:8A:34:80:B7:18:83:C4:74:97:56:42:F1:E1:B4:6C:6A:C9:EB
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F93A75AD19E1B76981D7CD9E34681E8
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/s92KNIC3GIPEdJdWQvHhtGxqyes.roa
Signing time: Tue 06 Feb 2024 17:59:59 +0000
ROA not before: Tue 06 Feb 2024 17:59:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216278
IP address blocks: 2a0f:b241:2c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:93:a7:5a:d1:9e:1b:76:98:1d:7c:d9:e3:46:81:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:59:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3dd8a3480b71883c474975642f1e1b46c6ac9eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:28:91:75:6e:41:6e:53:ad:e8:a0:fd:92:34:
1e:91:ff:1a:fa:be:58:dd:8c:18:90:1a:48:00:6c:
85:a5:cc:2e:43:82:51:d9:fb:49:57:ea:03:a2:b1:
ab:81:28:0e:43:76:3b:0a:bf:5e:e2:0a:df:52:e9:
5a:53:92:e4:2e:aa:b8:66:1f:81:76:9a:a7:cb:d6:
ca:dd:ad:28:29:dd:9c:d7:ba:62:fb:24:47:d5:a3:
69:f6:f0:0c:9c:a6:62:f3:b3:dd:9e:31:7c:8f:cf:
b1:29:1d:73:53:63:44:80:0f:41:b7:b7:5f:02:1e:
59:de:6a:fe:c5:c6:1d:65:3c:42:63:8c:74:6a:ae:
c8:15:4c:75:80:77:2e:7b:90:d1:2a:b9:ce:6a:8a:
be:19:44:aa:ed:53:05:8a:51:23:53:93:3c:d8:1d:
9e:8f:62:4f:ca:98:6d:83:2b:1d:05:72:b2:20:6b:
5c:df:13:43:f5:21:ca:31:28:b9:41:02:5f:1a:3c:
17:6e:15:6a:e2:9e:01:c5:ae:08:4b:a9:93:92:93:
21:18:1e:1e:51:8b:dd:81:15:89:06:c6:28:69:e7:
d8:27:b3:a0:96:8a:f7:4b:9d:22:f2:b0:ba:31:e9:
66:1e:d3:66:84:52:a7:71:5f:89:47:fa:cc:85:72:
43:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DD:8A:34:80:B7:18:83:C4:74:97:56:42:F1:E1:B4:6C:6A:C9:EB
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/s92KNIC3GIPEdJdWQvHhtGxqyes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:2c::/48
Signature Algorithm: sha256WithRSAEncryption
41:f6:33:48:07:3a:97:94:93:1a:e7:1b:e5:36:27:9a:ae:ee:
fe:02:60:b1:75:8f:13:53:23:f3:e4:4c:18:89:8e:f4:8d:0f:
2c:ab:4c:f9:eb:d0:9e:b2:7a:bd:73:d1:b3:73:6b:82:ad:e3:
68:45:a1:1b:32:1c:7f:16:3c:46:c4:c4:d0:36:84:20:40:95:
16:22:75:b4:19:7d:cf:85:7c:5e:58:b0:25:38:3e:05:a7:7f:
89:b6:1d:a4:0e:29:b8:2b:e7:c8:cd:b9:1d:89:14:a2:a5:96:
78:13:b9:42:a7:4a:c4:b3:a9:24:b9:41:5e:cc:4b:45:c1:03:
bc:69:59:63:ab:d6:9b:44:33:b9:1f:91:c6:4b:f4:1e:9e:85:
61:e1:1e:65:2e:de:f8:e9:01:0e:71:32:d2:2d:c9:6c:2e:e1:
7b:35:96:c5:5c:89:0d:48:57:1b:08:53:b5:e1:3d:79:a4:57:
26:2e:81:fd:21:b3:b4:ba:a0:14:d1:0c:e3:94:a7:6b:70:86:
15:db:47:7f:57:5b:9e:e6:a3:b7:58:26:fb:4a:ce:0e:39:1e:
28:48:4f:fe:c4:f1:c4:e6:f3:2e:ce:55:66:4a:94:25:a1:f7:
da:33:35:b5:e7:91:83:44:5d:50:95:0c:ea:16:e2:0b:47:8d:
35:ba:30:1c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/k6da0Z4bdpgdfNnjRoHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1OTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2RkOGEzNDgwYjcxODgzYzQ3NDk3NTY0MmYxZTFiNDZjNmFjOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSiRdW5BblOt6KD9kjQekf8a+r5Y
3YwYkBpIAGyFpcwuQ4JR2ftJV+oDorGrgSgOQ3Y7Cr9e4grfUulaU5LkLqq4Zh+B
dpqny9bK3a0oKd2c17pi+yRH1aNp9vAMnKZi87PdnjF8j8+xKR1zU2NEgA9Bt7df
Ah5Z3mr+xcYdZTxCY4x0aq7IFUx1gHcue5DRKrnOaoq+GUSq7VMFilEjU5M82B2e
j2JPyphtgysdBXKyIGtc3xND9SHKMSi5QQJfGjwXbhVq4p4Bxa4IS6mTkpMhGB4e
UYvdgRWJBsYoaefYJ7Oglor3S50i8rC6MelmHtNmhFKncV+JR/rMhXJDiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLPdijSAtxiDxHSXVkLx4bRsasnrMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvczkyS05JQzNHSVBFZEpkV1F2SGh0R3hxeWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAs
MA0GCSqGSIb3DQEBCwUAA4IBAQBB9jNIBzqXlJMa5xvlNiearu7+AmCxdY8TUyPz
5EwYiY70jQ8sq0z569Cesnq9c9Gzc2uCreNoRaEbMhx/FjxGxMTQNoQgQJUWInW0
GX3PhXxeWLAlOD4Fp3+Jth2kDim4K+fIzbkdiRSipZZ4E7lCp0rEs6kkuUFezEtF
wQO8aVljq9abRDO5H5HGS/QenoVh4R5lLt746QEOcTLSLclsLuF7NZbFXIkNSFcb
CFO14T15pFcmLoH9IbO0uqAU0QzjlKdrcIYV20d/V1ue5qO3WCb7Ss4OOR4oSE/+
xPHE5vMuzlVmSpQloffaMzW155GDRF1QlQzqFuILR401ujAc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org