Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0HCAhi2WgERuYHbQ1z_Fbbfb6gQ.roa
File: 0HCAhi2WgERuYHbQ1z_Fbbfb6gQ.roa (raw, json)
Hash identifier: LU5IHUkAEsLIbwcSjagCdiIShhN7pIdhXWJoBMxeYKI=
Subject key identifier: D0:70:80:86:2D:96:80:44:6E:60:76:D0:D7:3F:C5:6D:B7:DB:EA:04
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA63850B9E428D1ED557072D1648058
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0HCAhi2WgERuYHbQ1z_Fbbfb6gQ.roa
Signing time: Tue 06 Feb 2024 18:20:16 +0000
ROA not before: Tue 06 Feb 2024 18:20:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198025
IP address blocks: 2a0f:b241:77::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a6:38:50:b9:e4:28:d1:ed:55:70:72:d1:64:80:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:20:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d07080862d9680446e6076d0d73fc56db7dbea04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:01:21:f3:4c:20:76:cf:a1:56:cf:12:95:36:
36:38:d7:fe:d5:7c:08:09:e5:54:da:eb:40:d1:24:
ab:d0:36:78:95:75:47:a7:0c:a9:77:1c:f4:eb:57:
fa:d1:bc:0d:3f:2a:68:d4:b6:b2:92:1e:5b:25:a1:
cc:d0:8e:b9:f2:c7:c7:8b:75:c1:8f:b4:66:c4:34:
f9:60:ec:b5:b0:a8:77:5b:c9:8d:d2:05:1d:e0:77:
4d:a4:c0:9b:bc:8d:66:6c:1c:cf:80:2b:b3:bd:ab:
08:7f:72:6d:d6:11:3f:b0:e5:d0:56:8d:b5:17:d0:
94:af:b5:80:21:4f:f6:80:7a:fd:c2:73:00:bc:63:
4b:d5:f1:e2:56:45:62:01:d9:f7:75:cc:fa:79:7a:
41:57:c3:cf:32:ed:15:f9:85:0c:6c:d6:25:b0:50:
e8:db:c7:bb:05:30:30:1a:db:2e:85:26:da:6c:c7:
96:06:bf:6b:3a:95:03:33:bb:45:df:4e:21:c3:57:
48:33:5c:16:3b:f9:ca:eb:05:7e:72:ea:e8:7b:dd:
1b:eb:ce:34:ba:30:93:b9:91:7b:8c:c5:a2:db:5a:
06:4c:16:9d:47:8f:3e:cf:22:5f:05:71:29:ee:b7:
81:af:11:4e:48:02:78:32:c0:85:25:43:ef:65:00:
77:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:70:80:86:2D:96:80:44:6E:60:76:D0:D7:3F:C5:6D:B7:DB:EA:04
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0HCAhi2WgERuYHbQ1z_Fbbfb6gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:77::/48
Signature Algorithm: sha256WithRSAEncryption
36:2d:30:48:85:97:f9:8c:13:74:54:7c:eb:8d:25:c3:99:db:
af:41:1d:79:73:7c:05:c2:23:2f:df:fe:e3:b6:23:7d:2a:4a:
0a:77:aa:f9:6c:75:6f:d9:aa:bd:bd:be:b4:1f:79:65:7a:e3:
88:b2:c9:a4:19:12:9a:83:ac:37:af:ac:1f:67:0e:f0:52:81:
e6:51:7b:cd:dd:d4:62:28:ee:d2:a4:48:9f:34:43:d6:aa:6e:
44:cc:27:84:30:cd:bf:ea:20:a0:65:df:25:09:5f:4d:ef:41:
94:6d:ff:3a:3b:70:db:6b:80:62:f5:cf:a2:68:17:d4:97:38:
e2:18:fa:40:1e:2a:d6:ed:8b:ac:b5:78:26:9b:b0:3e:e3:9d:
62:71:38:7a:8e:56:ca:6e:66:75:8d:33:18:57:df:6f:98:46:
3c:c3:82:3e:d5:e9:dc:5b:2f:b0:a2:cf:3d:36:50:a2:45:8c:
08:90:5c:bd:bc:68:9f:c3:a9:24:4d:9f:1c:d3:e2:75:91:7a:
0d:4f:46:7c:02:d0:90:70:9b:7f:92:6d:96:fc:d3:00:28:39:
0e:c3:e1:a1:8b:14:13:57:fb:c2:8f:f0:c1:38:3b:f7:20:6f:
ed:13:cf:35:65:ab:94:68:25:8c:98:2a:30:1c:7b:26:c3:5a:
59:83:0a:4f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pjhQueQo0e1VcHLRZIBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDcwODA4NjJkOTY4MDQ0NmU2MDc2ZDBkNzNmYzU2ZGI3ZGJlYTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wEh80wgds+hVs8SlTY2ONf+1XwI
CeVU2utA0SSr0DZ4lXVHpwypdxz061f60bwNPypo1Laykh5bJaHM0I658sfHi3XB
j7RmxDT5YOy1sKh3W8mN0gUd4HdNpMCbvI1mbBzPgCuzvasIf3Jt1hE/sOXQVo21
F9CUr7WAIU/2gHr9wnMAvGNL1fHiVkViAdn3dcz6eXpBV8PPMu0V+YUMbNYlsFDo
28e7BTAwGtsuhSbabMeWBr9rOpUDM7tF304hw1dIM1wWO/nK6wV+curoe90b6840
ujCTuZF7jMWi21oGTBadR48+zyJfBXEp7reBrxFOSAJ4MsCFJUPvZQB3bQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNBwgIYtloBEbmB20Nc/xW232+oEMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMEhDQWhpMldnRVJ1WUhiUTF6X0ZiYmZiNmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQB3
MA0GCSqGSIb3DQEBCwUAA4IBAQA2LTBIhZf5jBN0VHzrjSXDmduvQR15c3wFwiMv
3/7jtiN9KkoKd6r5bHVv2aq9vb60H3lleuOIssmkGRKag6w3r6wfZw7wUoHmUXvN
3dRiKO7SpEifNEPWqm5EzCeEMM2/6iCgZd8lCV9N70GUbf86O3Dba4Bi9c+iaBfU
lzjiGPpAHirW7YustXgmm7A+451icTh6jlbKbmZ1jTMYV99vmEY8w4I+1encWy+w
os89NlCiRYwIkFy9vGifw6kkTZ8c0+J1kXoNT0Z8AtCQcJt/km2W/NMAKDkOw+Gh
ixQTV/vCj/DBODv3IG/tE881ZauUaCWMmCowHHsmw1pZgwpP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org