Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-kwQO0U2m2_kAnitHTW9ZLaNZko.roa
File: 1-kwQO0U2m2_kAnitHTW9ZLaNZko.roa (raw, json)
Hash identifier: Ve74hcl8406CRztiVzKCxD0O/JEvXtGj69dfaBXhLsk=
Subject key identifier: FA:4C:10:3B:45:36:9B:6F:E4:02:78:AD:1D:35:BD:64:B6:8D:66:4A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB6B9EB2CD6C4436B188F3DC99E135B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-kwQO0U2m2_kAnitHTW9ZLaNZko.roa
Signing time: Tue 06 Feb 2024 18:38:17 +0000
ROA not before: Tue 06 Feb 2024 18:38:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203655
IP address blocks: 2a0f:b241:137::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b6:b9:eb:2c:d6:c4:43:6b:18:8f:3d:c9:9e:13:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:38:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa4c103b45369b6fe40278ad1d35bd64b68d664a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3a:59:1c:61:5b:e5:eb:09:5f:a3:45:b8:70:
2e:af:e1:5c:af:7e:42:6e:2e:4c:fb:f1:cd:e9:60:
26:24:11:5a:82:63:24:7e:a2:4b:f6:d6:3a:24:45:
aa:14:c0:8a:93:72:86:6b:86:87:88:3e:8d:71:ee:
ec:b0:5e:ec:6f:bc:d3:49:67:a0:83:61:9f:e3:99:
3f:91:93:cc:61:3f:8d:f0:c4:af:48:65:4f:5b:fe:
e2:47:71:0f:3c:f8:80:73:b4:32:ee:ce:3a:74:0f:
04:b0:f2:42:2a:fb:9a:1d:4c:07:a3:7a:12:cc:b1:
8c:59:54:d5:13:d8:06:b1:c1:94:7a:a3:99:a2:ed:
98:50:9e:4d:b0:32:ff:f6:98:b0:ae:28:87:18:25:
bb:d4:a8:98:ac:c7:52:c3:4e:f0:86:9a:ef:a1:24:
8d:89:53:74:54:91:9e:b9:77:a4:ad:ab:a7:81:2c:
21:50:8d:bb:fa:1b:31:e8:1f:58:d5:64:bf:cf:c8:
3a:6a:aa:36:b6:c6:6a:81:d9:39:7b:66:af:f1:bc:
26:37:b6:4f:72:0c:b1:6d:15:7c:e0:8d:30:3b:fe:
94:e3:41:02:1a:6d:b8:ae:9e:0b:c8:ee:58:e4:a7:
b6:78:6a:f5:fb:54:a8:0d:28:8b:87:2e:a4:62:34:
29:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4C:10:3B:45:36:9B:6F:E4:02:78:AD:1D:35:BD:64:B6:8D:66:4A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-kwQO0U2m2_kAnitHTW9ZLaNZko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:137::/48
Signature Algorithm: sha256WithRSAEncryption
85:06:18:b3:aa:15:86:53:6e:71:4e:17:c4:1f:e2:ce:da:d9:
68:ba:27:4c:c9:6a:29:55:a2:85:02:f0:7c:da:10:bd:c6:ce:
94:25:e8:93:5f:6a:d7:3d:7e:d4:d2:d4:b3:08:3f:c0:5e:62:
be:18:f8:8e:6e:dc:20:91:a2:db:29:e1:57:d2:97:ea:24:df:
57:70:54:b3:41:b0:9e:7a:2c:e0:40:b6:71:f8:bf:fd:a8:5e:
51:40:4f:17:91:e2:48:e3:46:98:f6:75:31:b3:6c:a7:86:c3:
8a:0a:25:41:5e:86:5d:88:13:65:38:bc:d7:04:ef:8b:8a:53:
d4:cf:25:18:99:50:58:4f:4f:75:9b:28:9e:69:c1:93:a0:1b:
eb:e0:3c:7a:0a:95:3d:93:03:08:6d:59:61:97:4a:a7:d7:87:
40:dc:da:8a:7b:6a:9f:82:4b:25:60:f4:fb:48:9c:1e:e3:00:
97:13:1d:90:51:39:77:58:50:8d:62:89:f1:c3:d0:ee:a9:97:
e4:34:4a:f9:f2:17:56:41:c2:46:04:4c:43:fd:4f:95:66:46:
9b:f4:0a:6c:05:81:e3:55:a4:7e:76:dd:ae:d4:a5:d4:82:ad:
7e:23:68:6f:df:44:1d:3e:d1:67:f8:37:e8:40:e7:9f:8c:91:
f4:92:e2:f3
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAY1/trnrLNbEQ2sYjz3JnhNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRjMTAzYjQ1MzY5YjZmZTQwMjc4YWQxZDM1YmQ2NGI2OGQ2NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zpZHGFb5esJX6NFuHAur+Fcr35C
bi5M+/HN6WAmJBFagmMkfqJL9tY6JEWqFMCKk3KGa4aHiD6Nce7ssF7sb7zTSWeg
g2Gf45k/kZPMYT+N8MSvSGVPW/7iR3EPPPiAc7Qy7s46dA8EsPJCKvuaHUwHo3oS
zLGMWVTVE9gGscGUeqOZou2YUJ5NsDL/9piwriiHGCW71KiYrMdSw07whprvoSSN
iVN0VJGeuXekraungSwhUI27+hsx6B9Y1WS/z8g6aqo2tsZqgdk5e2av8bwmN7ZP
cgyxbRV84I0wO/6U40ECGm24rp4LyO5Y5Ke2eGr1+1SoDSiLhy6kYjQphQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPpMEDtFNptv5AJ4rR01vWS2jWZKMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMS1rd1FPMFUybTJfa0FuaXRIVFc5WkxhTlprby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDMvYjg3ZWMwLWY3NWEtNGJiZS1iMDY3LWI3MTc5ODBlNGFk
Ni8xL2JvY1FTazIweEdOeHBfaTJwRUg4TU96ZjRnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPskEB
NzANBgkqhkiG9w0BAQsFAAOCAQEAhQYYs6oVhlNucU4XxB/iztrZaLonTMlqKVWi
hQLwfNoQvcbOlCXok19q1z1+1NLUswg/wF5ivhj4jm7cIJGi2ynhV9KX6iTfV3BU
s0Gwnnos4EC2cfi//aheUUBPF5HiSONGmPZ1MbNsp4bDigolQV6GXYgTZTi81wTv
i4pT1M8lGJlQWE9PdZsonmnBk6Ab6+A8egqVPZMDCG1ZYZdKp9eHQNzaintqn4JL
JWD0+0icHuMAlxMdkFE5d1hQjWKJ8cPQ7qmX5DRK+fIXVkHCRgRMQ/1PlWZGm/QK
bAWB41WkfnbdrtSl1IKtfiNob99EHT7RZ/g36EDnn4yR9JLi8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org