Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/xk2eXH63xMn4Ck1Rsci1DSdfOas.roa
File: xk2eXH63xMn4Ck1Rsci1DSdfOas.roa (raw, json)
Hash identifier: K+SnZ3AVcMjC72BRS7vMbdbmwUzftLcV72xHs8JqxN8=
Subject key identifier: C6:4D:9E:5C:7E:B7:C4:C9:F8:0A:4D:51:B1:C8:B5:0D:27:5F:39:AB
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0B36EA6828F5071EAF5CC21B8FAAC
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/xk2eXH63xMn4Ck1Rsci1DSdfOas.roa
Signing time: Wed 07 Feb 2024 05:00:51 +0000
ROA not before: Wed 07 Feb 2024 05:00:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215648
IP address blocks: 2a0f:b241:4f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:b3:6e:a6:82:8f:50:71:ea:f5:cc:21:b8:fa:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c64d9e5c7eb7c4c9f80a4d51b1c8b50d275f39ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4c:02:4a:f8:a3:d9:28:80:6a:d0:14:b6:8a:
a4:38:f9:e4:ec:fb:35:82:54:60:80:06:57:ff:c3:
9d:a8:b8:b7:06:33:2c:7e:44:9c:7c:ae:21:02:e3:
b0:63:19:87:1d:f0:8a:a4:4c:15:0c:f0:c7:96:cd:
9d:7f:b8:29:7f:20:a7:dd:5a:70:15:f9:43:05:cc:
57:65:aa:d9:a2:f7:fa:20:c4:15:bb:45:91:28:c1:
cb:1a:86:f7:5c:9c:59:ac:3c:f6:65:d3:f5:96:35:
e4:8e:4a:c0:f8:2d:98:9a:f4:7d:b7:09:09:e5:75:
e0:f9:86:b9:77:55:50:10:1b:ed:37:ed:5c:c7:ff:
53:16:7e:6b:8d:57:f9:d8:22:06:cd:4f:d3:b9:7a:
57:c5:d3:59:d6:66:11:e0:83:2f:06:02:b4:16:2b:
12:51:9f:6d:75:9d:3b:0c:ce:c4:f1:7e:8c:52:f2:
5b:59:3d:f9:74:c2:2a:d3:e4:c2:31:ca:ce:c3:56:
75:a4:50:b2:24:5e:2a:96:4c:56:8b:5e:a3:d8:92:
4a:71:fa:e7:09:61:1b:2f:88:df:84:10:55:18:e1:
9c:8c:94:24:92:6f:af:20:98:86:f0:b3:2b:c5:fb:
bc:b2:3d:11:28:af:a1:03:fb:ab:ce:57:9c:4d:a1:
88:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4D:9E:5C:7E:B7:C4:C9:F8:0A:4D:51:B1:C8:B5:0D:27:5F:39:AB
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/xk2eXH63xMn4Ck1Rsci1DSdfOas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:4f::/48
Signature Algorithm: sha256WithRSAEncryption
5e:5f:b0:55:00:57:b6:c8:47:c0:e8:aa:b5:c7:c8:06:fd:67:
25:96:ed:38:b2:e3:b9:d7:b3:23:63:34:93:31:3a:f7:c1:78:
46:8a:b5:31:39:76:63:b5:95:e4:05:61:40:45:9a:cb:b2:fb:
78:73:34:52:7e:ae:7f:78:6b:87:a6:c9:ff:33:94:1e:6a:cc:
c1:24:37:ca:78:0b:d2:78:66:8a:1f:58:fd:fc:9c:80:cc:3d:
d0:89:e1:e9:79:e1:82:63:31:aa:af:bc:f4:b7:d9:36:23:c4:
d6:b4:eb:13:5b:7b:3a:fe:ec:6e:61:1b:f7:8c:c4:10:d2:66:
e5:3a:0d:13:3b:9f:29:a0:f7:be:1e:e6:84:04:e0:5b:f0:eb:
13:fb:9a:af:4c:5b:fc:91:22:f8:9d:b4:cb:52:5a:82:e2:9f:
3f:34:e7:fa:cf:bf:37:2d:3f:92:79:98:11:72:52:35:bc:dc:
fb:54:87:ce:2f:2f:ff:39:95:31:df:e4:af:5e:98:44:bb:c4:
cb:15:9a:cb:1d:d2:51:5c:72:2d:e3:bf:7c:70:39:bc:c0:06:
7d:7c:4c:9f:f9:e3:f0:39:3a:12:2e:e9:be:67:f8:fd:fc:82:
7d:29:b9:e3:66:11:e0:85:40:e0:86:a3:3a:b2:06:e2:c5:ff:
ba:f4:33:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8LNupoKPUHHq9cwhuPqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRkOWU1YzdlYjdjNGM5ZjgwYTRkNTFiMWM4YjUwZDI3NWYzOWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEwCSvij2SiAatAUtoqkOPnk7Ps1
glRggAZX/8OdqLi3BjMsfkScfK4hAuOwYxmHHfCKpEwVDPDHls2df7gpfyCn3Vpw
FflDBcxXZarZovf6IMQVu0WRKMHLGob3XJxZrDz2ZdP1ljXkjkrA+C2YmvR9twkJ
5XXg+Ya5d1VQEBvtN+1cx/9TFn5rjVf52CIGzU/TuXpXxdNZ1mYR4IMvBgK0FisS
UZ9tdZ07DM7E8X6MUvJbWT35dMIq0+TCMcrOw1Z1pFCyJF4qlkxWi16j2JJKcfrn
CWEbL4jfhBBVGOGcjJQkkm+vIJiG8LMrxfu8sj0RKK+hA/urzlecTaGImQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMZNnlx+t8TJ+ApNUbHItQ0nXzmrMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEveGsyZVhINjN4TW40Q2sxUnNjaTFEU2RmT2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBP
MA0GCSqGSIb3DQEBCwUAA4IBAQBeX7BVAFe2yEfA6Kq1x8gG/Wcllu04suO517Mj
YzSTMTr3wXhGirUxOXZjtZXkBWFARZrLsvt4czRSfq5/eGuHpsn/M5QeaszBJDfK
eAvSeGaKH1j9/JyAzD3QieHpeeGCYzGqr7z0t9k2I8TWtOsTW3s6/uxuYRv3jMQQ
0mblOg0TO58poPe+HuaEBOBb8OsT+5qvTFv8kSL4nbTLUlqC4p8/NOf6z783LT+S
eZgRclI1vNz7VIfOLy//OZUx3+SvXphEu8TLFZrLHdJRXHIt4798cDm8wAZ9fEyf
+ePwOToSLum+Z/j9/IJ9KbnjZhHghUDghqM6sgbixf+69DNC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org