Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/txNVHczST1HDtPMTkx5TnQfJE_0.roa
File: txNVHczST1HDtPMTkx5TnQfJE_0.roa (raw, json)
Hash identifier: f2IO9XO+/OR1H4pK8opesQWik+AcKfJ+ARuxfStqOwI=
Subject key identifier: B7:13:55:1D:CC:D2:4F:51:C3:B4:F3:13:93:1E:53:9D:07:C9:13:FD
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95BC0F6E42C072245FEB470BCACAD4
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/txNVHczST1HDtPMTkx5TnQfJE_0.roa
Signing time: Tue 06 Feb 2024 18:02:15 +0000
ROA not before: Tue 06 Feb 2024 18:02:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208787
IP address blocks: 2a0f:b241:40::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:bc:0f:6e:42:c0:72:24:5f:eb:47:0b:ca:ca:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b713551dccd24f51c3b4f313931e539d07c913fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:38:ba:40:0a:68:45:47:76:b6:3f:b6:e7:cd:
47:29:34:72:f4:45:e8:fd:43:33:8c:be:c1:10:23:
28:86:78:01:a0:f6:b4:c2:aa:c8:a4:cc:0f:74:6b:
6c:fc:21:9c:75:ff:37:c1:bd:38:32:78:bf:6c:8b:
85:77:b4:6d:07:68:49:d3:6b:cc:a1:19:8e:0f:83:
45:0a:05:7d:19:80:eb:85:26:7c:b7:72:c6:8f:d3:
30:77:ad:cf:62:8d:24:ff:96:67:e1:5b:09:da:dd:
ed:d1:4f:9b:2c:53:86:80:ff:fb:ae:e0:cd:60:f4:
0e:5c:c8:84:1f:b9:b8:87:04:93:6c:9a:b8:20:6b:
c4:59:07:70:61:53:1b:17:59:0f:ed:22:73:e2:5c:
b6:cb:d9:59:93:60:ad:83:13:c4:3d:1e:08:1c:2d:
e8:cd:3c:3b:d3:46:fe:40:2d:18:b1:3a:c9:08:05:
09:c5:30:dd:58:21:13:c4:04:3c:bf:10:9f:ae:59:
08:c0:d7:94:0f:15:b8:5c:87:6e:5d:0b:31:28:1d:
26:6b:ac:2a:36:01:75:91:ad:f6:77:16:e7:3e:43:
ff:7b:c7:1f:86:4b:1c:5f:c9:22:fb:05:3c:46:df:
df:27:68:eb:2d:98:22:57:77:4f:f9:2a:2b:42:d1:
ca:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:13:55:1D:CC:D2:4F:51:C3:B4:F3:13:93:1E:53:9D:07:C9:13:FD
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/txNVHczST1HDtPMTkx5TnQfJE_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:40::/48
Signature Algorithm: sha256WithRSAEncryption
82:e1:29:a3:d7:d9:1e:ac:32:25:f7:9c:47:2e:66:80:aa:c7:
cf:22:55:14:c8:11:09:7e:d5:8a:52:8a:26:8e:67:29:36:5a:
28:5a:e7:69:70:b9:77:e2:d9:fd:13:f0:2e:4c:f1:f9:71:b6:
ca:f6:d9:b7:84:1b:e1:34:2b:ac:47:c3:e2:dd:c4:8d:ac:e1:
dd:15:76:89:70:d6:00:77:6f:a3:15:87:cf:98:07:af:9f:f0:
e6:99:fb:a3:5b:87:ed:d7:0d:b2:80:06:b2:d8:bc:55:e8:66:
a7:d3:ff:ca:9f:e6:ea:1b:13:67:cc:2d:a0:14:d1:0a:45:ae:
d1:6f:17:83:4d:d4:d5:2f:21:25:73:e9:e7:7e:4c:79:d5:e6:
db:18:84:c9:6e:2e:a1:bc:73:99:e3:d8:6e:93:10:7b:64:b4:
72:b6:e5:05:02:8f:90:d6:2c:58:19:d0:10:55:f5:21:d7:f2:
e9:89:00:85:f9:ba:18:2f:d4:22:1c:cc:1d:2f:38:b6:cf:d2:
4e:25:0c:45:e8:24:bf:54:89:ed:bb:08:52:a6:4e:f8:db:70:
ed:c3:ab:93:50:00:fa:e7:1d:38:8e:88:78:5f:03:fb:e5:c4:
8c:88:ee:a6:ac:2e:79:42:14:fc:b4:1e:6e:ec:a2:72:9f:c8:
2a:b0:16:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lbwPbkLAciRf60cLysrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzEzNTUxZGNjZDI0ZjUxYzNiNGYzMTM5MzFlNTM5ZDA3YzkxM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzi6QApoRUd2tj+2581HKTRy9EXo
/UMzjL7BECMohngBoPa0wqrIpMwPdGts/CGcdf83wb04Mni/bIuFd7RtB2hJ02vM
oRmOD4NFCgV9GYDrhSZ8t3LGj9Mwd63PYo0k/5Zn4VsJ2t3t0U+bLFOGgP/7ruDN
YPQOXMiEH7m4hwSTbJq4IGvEWQdwYVMbF1kP7SJz4ly2y9lZk2CtgxPEPR4IHC3o
zTw700b+QC0YsTrJCAUJxTDdWCETxAQ8vxCfrlkIwNeUDxW4XIduXQsxKB0ma6wq
NgF1ka32dxbnPkP/e8cfhkscX8ki+wU8Rt/fJ2jrLZgiV3dP+SorQtHKgQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLcTVR3M0k9Rw7TzE5MeU50HyRP9MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvdHhOVkhjelNUMUhEdFBNVGt4NVRuUWZKRV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCC4Smj19kerDIl95xHLmaAqsfPIlUUyBEJftWK
UoomjmcpNlooWudpcLl34tn9E/AuTPH5cbbK9tm3hBvhNCusR8Pi3cSNrOHdFXaJ
cNYAd2+jFYfPmAevn/DmmfujW4ft1w2ygAay2LxV6Gan0//Kn+bqGxNnzC2gFNEK
Ra7RbxeDTdTVLyElc+nnfkx51ebbGITJbi6hvHOZ49hukxB7ZLRytuUFAo+Q1ixY
GdAQVfUh1/LpiQCF+boYL9QiHMwdLzi2z9JOJQxF6CS/VIntuwhSpk7423Dtw6uT
UAD65x04joh4XwP75cSMiO6mrC55QhT8tB5u7KJyn8gqsBYn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org