Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/xEcbZ2QdCjjJ50WO2T-XrnNROns.roa
File: xEcbZ2QdCjjJ50WO2T-XrnNROns.roa (raw, json)
Hash identifier: g1XI+vvwYFGgJsCWFbuZ8JyQn1ZARyOTjIyLiUQaCzU=
Subject key identifier: C4:47:1B:67:64:1D:0A:38:C9:E7:45:8E:D9:3F:97:AE:73:51:3A:7B
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0A7C1E8477732C22AEB0809292F8A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/xEcbZ2QdCjjJ50WO2T-XrnNROns.roa
Signing time: Wed 07 Feb 2024 05:00:48 +0000
ROA not before: Wed 07 Feb 2024 05:00:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211444
IP address blocks: 2a0f:b241:146::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:a7:c1:e8:47:77:32:c2:2a:eb:08:09:29:2f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4471b67641d0a38c9e7458ed93f97ae73513a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ae:63:0d:e4:9b:b2:f1:20:7f:17:db:fa:4c:
7e:be:c9:4e:db:25:5e:e9:2b:43:f3:17:ce:db:4d:
10:e9:6d:d7:53:ce:1c:44:55:38:96:46:63:5a:d5:
7b:6e:4e:f8:8b:67:7c:84:fb:07:7b:ea:fb:4e:a7:
22:6b:8d:49:0e:58:4d:13:00:9c:98:44:ec:12:e5:
5f:18:6a:08:c1:b2:a0:00:48:48:5c:06:e6:72:8c:
bc:98:e2:86:90:ce:f6:87:f7:d2:3e:23:db:73:88:
9e:d3:ce:e4:3f:eb:b8:3e:c6:ec:67:29:c2:e3:69:
3a:b8:13:48:15:c8:30:a3:37:e2:35:b7:8f:8f:ad:
82:49:a3:44:37:c4:4b:61:48:8c:8f:a6:db:4a:7b:
1d:e7:dd:11:96:e7:70:5d:c2:77:6f:a6:6d:d7:ef:
60:39:a0:9c:68:85:e6:29:aa:63:79:9f:a3:cc:8f:
b8:c5:d5:14:9e:05:17:28:82:45:f2:d1:0e:87:d3:
62:9f:34:91:8e:dc:1f:e4:6f:3f:45:dc:e4:4c:7f:
24:33:b8:51:bd:b9:8b:e1:3a:0f:51:72:fd:8d:03:
9f:ab:a2:4b:22:ed:cf:63:e5:3b:90:a7:d9:e1:61:
56:32:30:d2:88:97:b0:bb:95:1c:34:e2:f8:e6:8f:
f7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:47:1B:67:64:1D:0A:38:C9:E7:45:8E:D9:3F:97:AE:73:51:3A:7B
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/xEcbZ2QdCjjJ50WO2T-XrnNROns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:146::/48
Signature Algorithm: sha256WithRSAEncryption
80:73:50:cf:31:2f:72:1e:53:d0:69:a2:27:9c:f7:3a:73:98:
84:cc:65:3c:f4:9f:b0:61:d6:e2:d1:e6:07:84:4d:5f:4a:5d:
42:af:47:f8:2d:ce:05:95:81:9e:fc:50:01:79:38:05:14:bb:
54:08:34:91:82:63:ac:71:be:6c:c1:7d:82:cf:b6:6c:8f:67:
35:e6:5d:7b:ba:88:1a:d2:87:bb:3d:8d:f2:e9:b0:ac:3c:29:
33:0a:99:5f:9c:c0:f6:a8:00:1c:95:c4:68:93:48:c3:e0:2c:
8a:4d:ed:f3:cc:8c:94:3c:77:21:67:aa:af:e0:2b:43:17:57:
c0:64:e6:00:48:5f:29:12:9e:c2:15:f6:6a:77:28:b7:2b:56:
60:02:5e:c6:72:fb:27:55:41:ac:c6:ff:3a:3d:b1:eb:d6:b2:
c2:61:da:b1:6f:53:18:03:ef:4a:7e:3d:76:79:88:a5:c0:ff:
17:64:8f:57:fc:2d:9d:a1:7e:8a:21:17:4f:5b:37:92:9c:9a:
c7:9b:81:aa:b7:9e:e4:55:57:b3:77:20:16:46:b3:a6:0d:24:
0a:60:f3:4d:79:ba:64:43:d8:49:78:00:a0:7b:90:29:2b:db:
28:26:0c:cd:41:7d:44:0d:2c:3b:f3:c1:ff:59:8e:fe:a4:18:
68:e7:2a:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8KfB6Ed3MsIq6wgJKS+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ3MWI2NzY0MWQwYTM4YzllNzQ1OGVkOTNmOTdhZTczNTEzYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm65jDeSbsvEgfxfb+kx+vslO2yVe
6StD8xfO200Q6W3XU84cRFU4lkZjWtV7bk74i2d8hPsHe+r7Tqcia41JDlhNEwCc
mETsEuVfGGoIwbKgAEhIXAbmcoy8mOKGkM72h/fSPiPbc4ie087kP+u4PsbsZynC
42k6uBNIFcgwozfiNbePj62CSaNEN8RLYUiMj6bbSnsd590RludwXcJ3b6Zt1+9g
OaCcaIXmKapjeZ+jzI+4xdUUngUXKIJF8tEOh9NinzSRjtwf5G8/RdzkTH8kM7hR
vbmL4ToPUXL9jQOfq6JLIu3PY+U7kKfZ4WFWMjDSiJewu5UcNOL45o/3DQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMRHG2dkHQo4yedFjtk/l65zUTp7MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEveEVjYloyUWRDampKNTBXTzJULVhybk5ST25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFG
MA0GCSqGSIb3DQEBCwUAA4IBAQCAc1DPMS9yHlPQaaInnPc6c5iEzGU89J+wYdbi
0eYHhE1fSl1Cr0f4Lc4FlYGe/FABeTgFFLtUCDSRgmOscb5swX2Cz7Zsj2c15l17
uoga0oe7PY3y6bCsPCkzCplfnMD2qAAclcRok0jD4CyKTe3zzIyUPHchZ6qv4CtD
F1fAZOYASF8pEp7CFfZqdyi3K1ZgAl7GcvsnVUGsxv86PbHr1rLCYdqxb1MYA+9K
fj12eYilwP8XZI9X/C2doX6KIRdPWzeSnJrHm4Gqt57kVVezdyAWRrOmDSQKYPNN
ebpkQ9hJeACge5ApK9soJgzNQX1EDSw788H/WY7+pBho5yqZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org