Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-zgwRRmPlHIAVNO7kGyZhENfyKc.roa
File: 1-zgwRRmPlHIAVNO7kGyZhENfyKc.roa (raw, json)
Hash identifier: M0PiucGie9xNF6Qe5EM4JHaGQJB0ewYgsEiG2HMky8M=
Subject key identifier: FB:38:30:45:19:8F:94:72:00:54:D3:BB:90:6C:99:84:43:5F:C8:A7
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95C39476EC77EA70E359AADA8F2317
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-zgwRRmPlHIAVNO7kGyZhENfyKc.roa
Signing time: Tue 06 Feb 2024 18:02:17 +0000
ROA not before: Tue 06 Feb 2024 18:02:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213339
IP address blocks: 2a0f:b241:4b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:c3:94:76:ec:77:ea:70:e3:59:aa:da:8f:23:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb383045198f94720054d3bb906c9984435fc8a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9e:a8:13:48:76:9d:d6:a8:b3:3f:95:f5:0b:
fa:79:d0:a1:c5:1f:af:07:c9:01:3f:8f:a0:99:ae:
11:5a:61:c2:d9:ef:34:eb:d0:d5:bd:f1:ea:8d:ab:
a1:8a:f8:55:44:72:c8:4f:bf:18:43:03:5c:0a:9a:
05:eb:d9:64:f1:bc:1d:fe:8e:4f:76:f1:65:4a:25:
e3:95:52:e4:29:4a:46:af:54:6a:b4:e7:71:d0:84:
5e:8a:c5:32:2e:fa:58:3b:f8:ed:a9:21:2d:62:8e:
4a:2e:b2:e4:64:d9:f8:4d:67:b1:f9:16:f6:d9:81:
5e:c0:0f:a3:fc:ec:3c:58:85:24:26:32:57:7e:f0:
7f:be:ac:6a:42:51:c4:f8:cb:1b:f3:40:08:04:5c:
59:5b:8c:09:a3:49:53:c5:17:93:cf:ba:14:13:3a:
c8:11:5d:e2:65:70:37:91:ee:26:dd:3b:fa:e2:31:
78:21:d0:7a:46:6a:c8:53:7e:e8:15:2e:69:08:e1:
1b:20:4b:c0:69:87:d2:57:83:4d:25:e5:a4:9f:de:
ec:17:12:44:5a:f1:2a:95:fa:48:af:7d:f0:b1:4a:
e8:21:8c:b8:63:fd:c8:7b:74:7a:ab:f5:43:68:7c:
40:f2:9e:38:6d:e6:42:c5:84:61:9c:f6:3f:48:f5:
83:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:38:30:45:19:8F:94:72:00:54:D3:BB:90:6C:99:84:43:5F:C8:A7
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-zgwRRmPlHIAVNO7kGyZhENfyKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:4b::/48
Signature Algorithm: sha256WithRSAEncryption
36:9e:95:5f:0f:f3:b7:df:6d:26:c3:c7:2b:bf:b6:8f:52:e4:
04:a0:44:71:5e:39:c2:b2:26:fc:0e:a0:90:6b:6a:5b:6f:41:
14:3c:37:4f:3a:35:d8:17:d0:68:57:39:18:3a:86:e3:0f:ae:
da:fb:5d:fc:4c:ef:47:43:74:f2:e8:cd:01:e1:44:fa:7c:d0:
b9:c3:ef:4f:28:c7:7e:40:ce:8c:12:22:d9:20:e3:b8:dd:83:
e0:85:26:45:11:76:62:8c:fb:71:bf:86:33:8e:d5:9b:e4:cb:
97:ca:12:e5:98:36:26:11:ee:26:15:fa:22:53:54:e8:59:51:
c1:8b:64:60:fe:a2:43:b6:39:4c:dc:7e:cc:95:d6:c8:8d:94:
3e:25:ee:9c:06:1c:37:ea:74:74:f1:73:fd:19:60:ba:4a:ff:
f0:fa:d3:be:4d:76:0b:32:bc:a2:5d:bf:6b:a1:c7:68:19:24:
b1:ee:fd:fb:ed:d3:07:c4:8d:0f:50:29:0f:b6:88:f7:3e:06:
23:2a:37:80:2a:9a:3e:d5:5a:fe:41:36:d1:18:1d:f7:dc:84:
76:d9:29:de:e0:2e:62:34:54:b6:ae:5b:81:19:f2:e6:bf:71:
d4:d2:18:fd:c5:6e:9f:03:49:1a:92:45:77:da:4d:db:79:28:
18:bb:55:20
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAY1/lcOUdux36nDjWarajyMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjM4MzA0NTE5OGY5NDcyMDA1NGQzYmI5MDZjOTk4NDQzNWZjOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J6oE0h2ndaosz+V9Qv6edChxR+v
B8kBP4+gma4RWmHC2e8069DVvfHqjauhivhVRHLIT78YQwNcCpoF69lk8bwd/o5P
dvFlSiXjlVLkKUpGr1RqtOdx0IReisUyLvpYO/jtqSEtYo5KLrLkZNn4TWex+Rb2
2YFewA+j/Ow8WIUkJjJXfvB/vqxqQlHE+Msb80AIBFxZW4wJo0lTxReTz7oUEzrI
EV3iZXA3ke4m3Tv64jF4IdB6RmrIU37oFS5pCOEbIEvAaYfSV4NNJeWkn97sFxJE
WvEqlfpIr33wsUroIYy4Y/3Ie3R6q/VDaHxA8p44beZCxYRhnPY/SPWDPwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPs4MEUZj5RyAFTTu5BsmYRDX8inMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMS16Z3dSUm1QbEhJQVZOTzdrR3laaEVOZnlLYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDMvYjg3ZWMwLWY3NWEtNGJiZS1iMDY3LWI3MTc5ODBlNGFk
Ni8xL2JvY1FTazIweEdOeHBfaTJwRUg4TU96ZjRnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPskEA
SzANBgkqhkiG9w0BAQsFAAOCAQEANp6VXw/zt99tJsPHK7+2j1LkBKBEcV45wrIm
/A6gkGtqW29BFDw3Tzo12BfQaFc5GDqG4w+u2vtd/EzvR0N08ujNAeFE+nzQucPv
TyjHfkDOjBIi2SDjuN2D4IUmRRF2Yoz7cb+GM47Vm+TLl8oS5Zg2JhHuJhX6IlNU
6FlRwYtkYP6iQ7Y5TNx+zJXWyI2UPiXunAYcN+p0dPFz/Rlgukr/8PrTvk12CzK8
ol2/a6HHaBkkse79++3TB8SND1ApD7aI9z4GIyo3gCqaPtVa/kE20Rgd99yEdtkp
3uAuYjRUtq5bgRny5r9x1NIY/cVunwNJGpJFd9pN23koGLtVIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org