Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/x49Wlsa1gVGIkPpC0riCPJKeIPk.roa
File: x49Wlsa1gVGIkPpC0riCPJKeIPk.roa (raw, json)
Hash identifier: +BgJV65h3pUpmNh0nmZCwkkuKyjWwTGk5PjuN9q6Y5Q=
Subject key identifier: C7:8F:56:96:C6:B5:81:51:88:90:FA:42:D2:B8:82:3C:92:9E:20:F9
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAD8A70AB29F33538A2E6FC6AC6C08F
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/x49Wlsa1gVGIkPpC0riCPJKeIPk.roa
Signing time: Tue 06 Feb 2024 18:28:16 +0000
ROA not before: Tue 06 Feb 2024 18:28:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44570
IP address blocks: 2a0f:b241:110::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ad:8a:70:ab:29:f3:35:38:a2:e6:fc:6a:c6:c0:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:28:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c78f5696c6b581518890fa42d2b8823c929e20f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f7:9c:22:78:1c:ac:15:90:ce:e1:b7:26:4c:
14:aa:0a:a3:5d:21:39:13:0f:6f:5c:5a:68:36:13:
a5:16:92:2b:54:91:00:9e:7e:dd:ce:76:f2:5b:d3:
c2:17:32:f7:19:91:cf:a6:38:1a:bd:16:15:21:4c:
35:fb:45:cb:88:2c:8c:07:3d:ce:86:bc:07:04:ea:
24:55:45:93:b5:e1:80:20:7a:0d:f6:7c:04:11:b4:
46:ae:dd:d0:b0:fe:ca:21:94:32:f3:5b:3c:dd:5d:
d8:a5:fa:8e:01:90:84:49:c1:c0:be:07:8c:ff:1a:
53:7f:19:14:c8:bb:45:d3:80:7f:da:d0:f4:f1:84:
ab:e0:01:c3:93:30:97:39:af:a8:09:ea:2e:ff:aa:
7a:56:6a:2c:6b:c5:dc:cc:62:b6:60:7a:ef:11:cf:
d6:2f:b8:bb:f5:ce:dc:a0:b0:2f:56:4f:5f:80:81:
78:cb:4d:2d:32:47:55:6c:9c:3f:1f:4c:9f:8d:9f:
d9:e1:d3:dd:37:8b:0e:df:b7:d4:4c:51:ae:d1:00:
d5:4d:00:8a:66:a6:0a:fe:7e:be:e2:b9:fa:24:13:
51:1d:ba:67:dd:b5:53:25:ed:f4:99:cf:27:fb:78:
2f:eb:60:f0:d1:4b:65:40:0e:02:f5:3c:7b:ba:87:
5c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8F:56:96:C6:B5:81:51:88:90:FA:42:D2:B8:82:3C:92:9E:20:F9
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/x49Wlsa1gVGIkPpC0riCPJKeIPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:110::/48
Signature Algorithm: sha256WithRSAEncryption
8e:26:d2:c4:80:6a:78:59:02:35:82:9e:c4:11:29:8e:dc:db:
89:21:b7:d2:0d:e6:00:c0:0b:55:71:39:f3:aa:a3:21:6d:1f:
af:7b:b5:42:d9:cc:5c:cc:26:6c:60:c2:2f:3b:1d:c2:df:67:
54:82:53:b5:6b:dc:3f:11:2c:44:1f:ad:36:5d:de:54:a0:8c:
5e:dd:9d:bf:db:41:18:47:b5:57:49:78:42:a6:a9:7e:f5:a2:
e7:09:c5:64:c7:bb:ab:08:9b:e8:df:1a:64:f3:fb:30:5a:b7:
7a:31:62:be:37:5e:66:86:5e:f4:28:88:15:ff:7f:60:2d:0a:
d2:9c:c1:96:0b:26:01:73:46:e7:2a:de:56:9c:b5:e3:a6:9b:
44:f7:83:b7:59:14:0d:40:0d:b2:d6:a7:6e:2e:bc:a9:8c:16:
bc:eb:07:d5:b6:d5:7a:88:cc:df:23:30:08:f0:87:68:59:35:
15:19:fc:3e:99:a7:7d:d3:9e:a5:91:85:e5:f3:9a:b0:c9:5d:
b7:48:ce:fe:fc:7d:d6:44:cc:bb:b6:3e:44:b8:6a:88:ea:55:
9b:86:48:65:ab:31:cc:5b:42:55:ff:8b:69:e6:56:11:58:54:
37:7d:4b:9a:ea:1a:6c:2d:e5:8f:34:2c:c9:42:3d:00:77:ba:
fd:4a:15:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rYpwqynzNTii5vxqxsCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzhmNTY5NmM2YjU4MTUxODg5MGZhNDJkMmI4ODIzYzkyOWUyMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPecIngcrBWQzuG3JkwUqgqjXSE5
Ew9vXFpoNhOlFpIrVJEAnn7dznbyW9PCFzL3GZHPpjgavRYVIUw1+0XLiCyMBz3O
hrwHBOokVUWTteGAIHoN9nwEEbRGrt3QsP7KIZQy81s83V3YpfqOAZCEScHAvgeM
/xpTfxkUyLtF04B/2tD08YSr4AHDkzCXOa+oCeou/6p6Vmosa8XczGK2YHrvEc/W
L7i79c7coLAvVk9fgIF4y00tMkdVbJw/H0yfjZ/Z4dPdN4sO37fUTFGu0QDVTQCK
ZqYK/n6+4rn6JBNRHbpn3bVTJe30mc8n+3gv62Dw0UtlQA4C9Tx7uodcXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMePVpbGtYFRiJD6QtK4gjySniD5MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEveDQ5V2xzYTFnVkdJa1BwQzByaUNQSktlSVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCOJtLEgGp4WQI1gp7EESmO3NuJIbfSDeYAwAtV
cTnzqqMhbR+ve7VC2cxczCZsYMIvOx3C32dUglO1a9w/ESxEH602Xd5UoIxe3Z2/
20EYR7VXSXhCpql+9aLnCcVkx7urCJvo3xpk8/swWrd6MWK+N15mhl70KIgV/39g
LQrSnMGWCyYBc0bnKt5WnLXjpptE94O3WRQNQA2y1qduLrypjBa86wfVttV6iMzf
IzAI8IdoWTUVGfw+mad9056lkYXl85qwyV23SM7+/H3WRMy7tj5EuGqI6lWbhkhl
qzHMW0JV/4tp5lYRWFQ3fUua6hpsLeWPNCzJQj0Ad7r9ShUe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org