Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/tEz9as5VgcCIJb-Pkxr6x3Pqy2g.roa
File: tEz9as5VgcCIJb-Pkxr6x3Pqy2g.roa (raw, json)
Hash identifier: e4ljrhJqoCBMotIqP6QMrYanY+APqIPnmEnf/lSALb0=
Subject key identifier: B4:4C:FD:6A:CE:55:81:C0:88:25:BF:8F:93:1A:FA:C7:73:EA:CB:68
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F08927A7B99DD57FD8CDD978F715E0
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/tEz9as5VgcCIJb-Pkxr6x3Pqy2g.roa
Signing time: Wed 07 Feb 2024 05:00:41 +0000
ROA not before: Wed 07 Feb 2024 05:00:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201501
IP address blocks: 2a0f:b241:de::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:89:27:a7:b9:9d:d5:7f:d8:cd:d9:78:f7:15:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b44cfd6ace5581c08825bf8f931afac773eacb68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:af:00:a2:18:3e:0d:76:fe:98:b7:ac:ec:03:
10:57:cc:6c:45:9d:23:ed:a9:c7:96:9b:01:de:c5:
ce:3f:f6:f3:66:d5:0b:87:d8:5f:61:7c:4d:f7:b7:
d0:a6:1b:a1:0f:bb:f8:8a:28:02:9d:65:91:73:1f:
ef:13:83:27:94:a3:9f:1e:c4:07:8a:52:e0:51:c3:
81:c8:7c:37:69:04:de:21:a0:bb:00:aa:8f:2e:0d:
a1:ed:9c:75:60:e2:60:8b:f5:52:58:e8:2f:c9:f3:
14:92:6b:b4:b3:b7:8a:b9:07:dd:97:00:79:03:54:
aa:3e:5a:df:a6:0d:fc:c3:19:ef:4f:2e:1c:76:ff:
71:39:d2:ef:2f:42:c8:4b:66:98:30:09:22:a9:2a:
29:99:ce:9e:57:92:66:84:fa:f6:11:34:66:df:21:
1e:0e:4b:63:31:a5:84:43:95:0e:2f:3b:50:17:85:
fa:74:5a:12:61:a0:1c:46:ae:13:4f:fe:e0:97:c4:
dc:6c:5f:66:37:fc:7e:bb:59:60:ed:48:4b:99:56:
3f:75:dc:35:d7:d0:9c:af:06:a3:01:29:55:12:2a:
31:c9:92:9d:53:92:7b:9f:e8:53:d0:52:83:2e:f8:
37:b2:d5:e5:96:66:aa:90:63:20:d9:e8:c7:5b:4d:
53:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:4C:FD:6A:CE:55:81:C0:88:25:BF:8F:93:1A:FA:C7:73:EA:CB:68
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/tEz9as5VgcCIJb-Pkxr6x3Pqy2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:de::/48
Signature Algorithm: sha256WithRSAEncryption
18:26:e8:fe:08:c2:83:7f:05:7c:e0:cc:44:b2:c5:7e:0f:4b:
3c:b8:b5:06:6b:d6:5d:26:ac:0d:4a:30:e2:6f:3c:3c:6d:ae:
ce:c0:59:ca:db:1a:cf:cd:05:ec:8d:40:d2:9c:a3:2c:fb:ef:
66:f1:aa:1b:9a:93:e8:72:5f:fc:fb:5b:95:d4:6d:64:81:67:
be:97:16:9d:52:d1:c6:21:00:5a:60:58:1a:ce:49:cf:c0:23:
df:5d:f1:94:36:92:18:b0:e3:36:cd:da:2f:a5:3e:fe:16:8f:
7a:e8:09:e3:3b:ac:30:23:2f:e8:81:54:53:c4:d5:b6:fb:70:
7c:3a:0d:fa:25:35:b3:02:66:b4:74:43:d7:7e:6b:72:ba:3b:
c3:fe:a1:a6:04:92:ca:ea:5f:52:a1:80:ee:d5:81:78:43:4e:
09:12:6c:71:7b:30:b8:30:5c:a7:6d:09:2c:e4:9b:39:8e:30:
11:02:58:a6:0f:9a:86:ef:cf:33:04:f0:fe:ff:53:d4:61:c6:
bf:3c:60:90:91:b8:17:98:ca:ff:f8:5f:83:3f:f5:3e:60:70:
0c:ac:9c:78:63:cd:77:6c:29:30:95:da:28:22:9c:d9:f0:10:
98:84:9b:06:eb:ba:b0:7a:99:b4:ba:2b:d7:55:0e:26:39:19:
dd:28:83:0f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Iknp7md1X/Yzdl49xXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDRjZmQ2YWNlNTU4MWMwODgyNWJmOGY5MzFhZmFjNzczZWFjYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka8Aohg+DXb+mLes7AMQV8xsRZ0j
7anHlpsB3sXOP/bzZtULh9hfYXxN97fQphuhD7v4iigCnWWRcx/vE4MnlKOfHsQH
ilLgUcOByHw3aQTeIaC7AKqPLg2h7Zx1YOJgi/VSWOgvyfMUkmu0s7eKuQfdlwB5
A1SqPlrfpg38wxnvTy4cdv9xOdLvL0LIS2aYMAkiqSopmc6eV5JmhPr2ETRm3yEe
DktjMaWEQ5UOLztQF4X6dFoSYaAcRq4TT/7gl8TcbF9mN/x+u1lg7UhLmVY/ddw1
19CcrwajASlVEioxyZKdU5J7n+hT0FKDLvg3stXllmaqkGMg2ejHW01TpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLRM/WrOVYHAiCW/j5Ma+sdz6stoMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvdEV6OWFzNVZnY0NJSmItUGt4cjZ4M1BxeTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDe
MA0GCSqGSIb3DQEBCwUAA4IBAQAYJuj+CMKDfwV84MxEssV+D0s8uLUGa9ZdJqwN
SjDibzw8ba7OwFnK2xrPzQXsjUDSnKMs++9m8aobmpPocl/8+1uV1G1kgWe+lxad
UtHGIQBaYFgazknPwCPfXfGUNpIYsOM2zdovpT7+Fo966AnjO6wwIy/ogVRTxNW2
+3B8Og36JTWzAma0dEPXfmtyujvD/qGmBJLK6l9SoYDu1YF4Q04JEmxxezC4MFyn
bQks5Js5jjARAlimD5qG788zBPD+/1PUYca/PGCQkbgXmMr/+F+DP/U+YHAMrJx4
Y813bCkwldooIpzZ8BCYhJsG67qwepm0uivXVQ4mORndKIMP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org