Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/z3oYTjf_nC6ZjgK0-LofE4IJwzo.roa
File: z3oYTjf_nC6ZjgK0-LofE4IJwzo.roa (raw, json)
Hash identifier: gc+sM0Sgh/AoujektPWy07eZHmp+kX5NquqQ1EAKoIs=
Subject key identifier: CF:7A:18:4E:37:FF:9C:2E:99:8E:02:B4:F8:BA:1F:13:82:09:C3:3A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F08D60FA377C989CB12F4D0FA11E6F
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/z3oYTjf_nC6ZjgK0-LofE4IJwzo.roa
Signing time: Wed 07 Feb 2024 05:00:42 +0000
ROA not before: Wed 07 Feb 2024 05:00:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203314
IP address blocks: 2a0f:b241:136::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:8d:60:fa:37:7c:98:9c:b1:2f:4d:0f:a1:1e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf7a184e37ff9c2e998e02b4f8ba1f138209c33a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d0:f2:42:26:b5:c9:dc:cd:08:ff:2e:3e:fa:
ee:87:67:9e:16:da:10:32:f9:a1:13:6c:73:20:80:
d1:8b:63:42:98:2f:cd:05:ab:6a:72:bb:07:f7:0b:
66:85:79:80:ce:7d:ad:b2:0f:27:cc:a1:4c:f2:58:
e7:3e:63:07:9a:ae:c2:e1:93:48:06:37:b9:ef:a8:
0c:9c:51:8a:a6:01:b8:f9:f3:a7:be:b7:9c:88:4a:
e6:07:b1:35:1a:fb:aa:2f:ed:7e:c4:6d:8c:b3:84:
7e:c6:a4:c2:41:d1:0a:97:f6:65:a3:4e:68:3c:8f:
da:86:b1:5e:30:ef:67:5b:52:05:f7:35:d7:b4:68:
be:8d:31:8d:d3:ed:af:95:75:87:e4:f6:8f:fb:fa:
28:41:f2:63:cc:09:11:19:be:87:75:ee:4e:6b:7d:
3b:42:cc:4d:51:19:e3:d1:04:19:2c:d9:9f:76:86:
45:34:b0:ba:9d:2f:cf:7e:b5:a3:28:52:78:ff:b6:
f2:2f:d8:a7:36:42:67:95:90:ec:0c:6d:83:30:f0:
9f:bd:a1:50:17:22:33:df:ba:6c:19:f0:dd:fd:97:
83:52:85:d1:ef:a2:0f:20:8c:7e:ce:38:34:8b:fc:
ae:9e:77:05:a8:a5:39:e9:6b:41:e0:46:48:81:8b:
b5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:7A:18:4E:37:FF:9C:2E:99:8E:02:B4:F8:BA:1F:13:82:09:C3:3A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/z3oYTjf_nC6ZjgK0-LofE4IJwzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:136::/48
Signature Algorithm: sha256WithRSAEncryption
1d:e3:c9:dc:f3:02:ef:5d:06:e7:a3:5b:46:d5:27:86:12:85:
70:17:60:0f:b5:f6:3a:24:cc:a5:46:cb:f5:97:5e:90:30:07:
9c:cb:97:f0:27:c5:4a:39:02:a9:0d:91:9d:89:1c:d7:99:c0:
0e:af:f5:a6:9b:95:be:d6:b1:af:ae:3f:7f:53:32:ec:d5:49:
5e:f7:d2:d0:ab:09:39:ee:27:5a:d0:f6:be:a4:3c:d4:74:35:
f5:fc:4e:31:7e:7a:01:11:89:41:f0:5e:2a:70:d0:69:ce:64:
f8:a3:43:4c:39:34:d7:95:3d:7b:d8:c9:bf:d5:04:a6:de:89:
99:d1:ff:0d:ac:2f:a0:0f:d3:63:91:af:4a:55:5f:97:14:4f:
61:d2:ae:e7:cc:77:23:c7:03:82:f1:55:45:7a:1c:7c:8e:b1:
99:0a:24:25:45:af:d1:24:92:db:69:8a:07:93:88:65:f2:78:
54:9d:bd:ff:61:d4:2f:f1:d4:ba:0b:0b:0c:e9:ae:c2:83:6f:
32:19:9f:16:ca:16:bf:13:c2:df:b6:07:bc:56:e3:32:19:5d:
06:76:b2:39:8b:a5:6e:bf:d5:eb:a0:38:0f:40:61:0c:1f:6d:
f2:2e:71:28:11:97:29:53:a9:62:1c:a4:5d:37:15:dc:93:ab:
50:bf:f0:ff
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8I1g+jd8mJyxL00PoR5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjdhMTg0ZTM3ZmY5YzJlOTk4ZTAyYjRmOGJhMWYxMzgyMDljMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNDyQia1ydzNCP8uPvruh2eeFtoQ
MvmhE2xzIIDRi2NCmC/NBatqcrsH9wtmhXmAzn2tsg8nzKFM8ljnPmMHmq7C4ZNI
Bje576gMnFGKpgG4+fOnvreciErmB7E1GvuqL+1+xG2Ms4R+xqTCQdEKl/Zlo05o
PI/ahrFeMO9nW1IF9zXXtGi+jTGN0+2vlXWH5PaP+/ooQfJjzAkRGb6Hde5Oa307
QsxNURnj0QQZLNmfdoZFNLC6nS/PfrWjKFJ4/7byL9inNkJnlZDsDG2DMPCfvaFQ
FyIz37psGfDd/ZeDUoXR76IPIIx+zjg0i/yunncFqKU56WtB4EZIgYu13QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM96GE43/5wumY4CtPi6HxOCCcM6MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvejNvWVRqZl9uQzZaamdLMC1Mb2ZFNElKd3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQE2
MA0GCSqGSIb3DQEBCwUAA4IBAQAd48nc8wLvXQbno1tG1SeGEoVwF2APtfY6JMyl
Rsv1l16QMAecy5fwJ8VKOQKpDZGdiRzXmcAOr/Wmm5W+1rGvrj9/UzLs1Ule99LQ
qwk57ida0Pa+pDzUdDX1/E4xfnoBEYlB8F4qcNBpzmT4o0NMOTTXlT172Mm/1QSm
3omZ0f8NrC+gD9Njka9KVV+XFE9h0q7nzHcjxwOC8VVFehx8jrGZCiQlRa/RJJLb
aYoHk4hl8nhUnb3/YdQv8dS6CwsM6a7Cg28yGZ8Wyha/E8Lftge8VuMyGV0GdrI5
i6Vuv9XroDgPQGEMH23yLnEoEZcpU6liHKRdNxXck6tQv/D/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org