Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/zfXIhEfCLBpAcS_wmK-o3AIahvU.roa
File: zfXIhEfCLBpAcS_wmK-o3AIahvU.roa (raw, json)
Hash identifier: 7gc9ad3hCNNlp7hhZFlDCI9jierWZvhNweMGmvfuxD0=
Subject key identifier: CD:F5:C8:84:47:C2:2C:1A:40:71:2F:F0:98:AF:A8:DC:02:1A:86:F5
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0AC53F1BA8CCB0C4A49676A1E3E6C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/zfXIhEfCLBpAcS_wmK-o3AIahvU.roa
Signing time: Wed 07 Feb 2024 05:00:50 +0000
ROA not before: Wed 07 Feb 2024 05:00:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212164
IP address blocks: 2a0f:b241:9d::/48 maxlen: 48
2a0f:b241:ff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:ac:53:f1:ba:8c:cb:0c:4a:49:67:6a:1e:3e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdf5c88447c22c1a40712ff098afa8dc021a86f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:63:ff:a4:40:6f:8c:43:87:5a:8c:c8:31:36:
95:b2:83:9a:3a:3d:f5:d3:2d:61:d7:04:42:51:19:
b9:40:24:0a:99:46:bb:90:71:21:9d:0b:18:29:d8:
00:7c:b9:15:f6:a5:12:23:5a:a6:21:04:13:7a:cd:
91:2d:14:e1:b5:17:48:ef:85:33:03:75:77:44:21:
ec:5c:05:99:cc:b9:5d:c2:98:1b:6f:6b:ea:1b:ac:
6d:46:7c:de:cb:d4:7e:70:9c:e8:35:a7:5a:42:be:
82:30:ff:b5:ad:53:9a:e0:cb:97:73:ea:e0:25:a3:
03:f7:a2:cc:97:bf:cd:56:b3:be:89:30:50:fc:1b:
14:3b:2e:65:fb:76:88:29:be:fd:95:9b:47:b4:cb:
43:c5:b4:9a:b8:93:b3:d4:41:4a:41:f0:85:d9:4b:
a0:dd:04:95:5a:1c:01:17:12:14:c2:78:ef:f3:7b:
2e:7c:a3:46:36:9f:da:ff:d3:20:ef:ef:91:9c:27:
d1:d1:cb:9d:b8:65:d4:22:1f:57:c9:2d:41:e1:51:
86:a7:4c:b9:64:ae:13:8b:a5:f0:22:83:35:e9:51:
8a:d2:9f:39:62:67:c8:11:cc:42:21:7c:b6:85:be:
49:0e:9a:84:cc:33:6c:2a:0e:fc:d1:5d:48:08:49:
be:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F5:C8:84:47:C2:2C:1A:40:71:2F:F0:98:AF:A8:DC:02:1A:86:F5
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/zfXIhEfCLBpAcS_wmK-o3AIahvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:9d::/48
2a0f:b241:ff::/48
Signature Algorithm: sha256WithRSAEncryption
73:dd:7d:94:43:54:51:a2:2f:36:4b:6a:75:5c:2e:5c:9a:69:
5f:37:92:dc:5a:26:aa:84:48:39:4f:87:04:d3:c2:bb:48:74:
b7:4d:66:93:cb:4c:c5:4b:c3:73:c1:e2:d0:83:45:f4:07:34:
47:f6:da:6f:cc:38:17:0e:7c:97:ea:76:e2:e4:f9:3a:b8:11:
7d:8d:fb:16:14:4c:ec:a7:51:b0:d8:76:e2:34:a0:c4:9f:4f:
aa:9c:65:f9:1b:83:53:ee:22:ad:6c:ef:1e:2e:a2:f5:b9:ca:
85:0e:cc:6f:3b:f3:61:33:0b:57:7e:2a:c7:6e:20:a6:2b:01:
70:9b:1c:e1:2d:cd:59:d1:ea:3a:e1:fe:7a:87:70:67:a0:c4:
67:b7:96:93:2c:0d:3e:ac:e7:1f:e4:66:fc:f0:c0:c7:1f:46:
ee:af:23:fd:1a:b3:34:2f:75:92:c2:a6:98:e5:8d:45:d4:03:
da:28:a6:d4:ba:4d:36:10:54:9f:ad:5c:b6:2b:ae:4f:a1:81:
a1:9c:56:1a:22:8b:dd:28:07:40:2f:0d:ef:44:fd:14:7f:25:
ac:61:9e:87:66:33:de:fc:f6:43:81:69:02:91:f4:90:20:90:
85:b3:7e:e0:b3:fe:bf:cd:6b:c1:65:3d:9e:19:86:fc:f8:8f:
de:22:06:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2B8KxT8bqMywxKSWdqHj5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGY1Yzg4NDQ3YzIyYzFhNDA3MTJmZjA5OGFmYThkYzAyMWE4NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmP/pEBvjEOHWozIMTaVsoOaOj31
0y1h1wRCURm5QCQKmUa7kHEhnQsYKdgAfLkV9qUSI1qmIQQTes2RLRThtRdI74Uz
A3V3RCHsXAWZzLldwpgbb2vqG6xtRnzey9R+cJzoNadaQr6CMP+1rVOa4MuXc+rg
JaMD96LMl7/NVrO+iTBQ/BsUOy5l+3aIKb79lZtHtMtDxbSauJOz1EFKQfCF2Uug
3QSVWhwBFxIUwnjv83sufKNGNp/a/9Mg7++RnCfR0cuduGXUIh9XyS1B4VGGp0y5
ZK4Ti6XwIoM16VGK0p85YmfIEcxCIXy2hb5JDpqEzDNsKg780V1ICEm+bwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM31yIRHwiwaQHEv8JivqNwCGob1MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvemZYSWhFZkNMQnBBY1Nfd21LLW8zQUlhaHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+yQQCd
AwcAKg+yQQD/MA0GCSqGSIb3DQEBCwUAA4IBAQBz3X2UQ1RRoi82S2p1XC5cmmlf
N5LcWiaqhEg5T4cE08K7SHS3TWaTy0zFS8NzweLQg0X0BzRH9tpvzDgXDnyX6nbi
5Pk6uBF9jfsWFEzsp1Gw2HbiNKDEn0+qnGX5G4NT7iKtbO8eLqL1ucqFDsxvO/Nh
MwtXfirHbiCmKwFwmxzhLc1Z0eo64f56h3BnoMRnt5aTLA0+rOcf5Gb88MDHH0bu
ryP9GrM0L3WSwqaY5Y1F1APaKKbUuk02EFSfrVy2K65PoYGhnFYaIovdKAdALw3v
RP0UfyWsYZ6HZjPe/PZDgWkCkfSQIJCFs37gs/6/zWvBZT2eGYb8+I/eIgZK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org