Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2JdZBlt2YUM8CsHXyV0xDemkGEo.roa
File: 2JdZBlt2YUM8CsHXyV0xDemkGEo.roa (raw, json)
Hash identifier: gXMaGc1/sAWtttqGmoiR+ja8JsUONEwXKkl+vtG87LM=
Subject key identifier: D8:97:59:06:5B:76:61:43:3C:0A:C1:D7:C9:5D:31:0D:E9:A4:18:4A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB7A2EAF55A3F02100CC7B6E3413E43
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2JdZBlt2YUM8CsHXyV0xDemkGEo.roa
Signing time: Tue 06 Feb 2024 18:39:17 +0000
ROA not before: Tue 06 Feb 2024 18:39:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211184
IP address blocks: 2a0f:b241:145::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b7:a2:ea:f5:5a:3f:02:10:0c:c7:b6:e3:41:3e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:39:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d89759065b7661433c0ac1d7c95d310de9a4184a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:27:bd:65:e5:f5:c1:09:7b:bf:6c:80:f6:29:
8f:38:62:7e:66:dc:de:b9:90:a3:12:0a:51:14:f7:
98:f3:f3:00:36:70:d4:3c:a9:90:f9:32:1a:21:a7:
48:26:00:2c:3f:e9:df:d3:b6:ae:41:c8:d8:a7:7d:
24:ad:fa:a2:44:13:9b:4f:d7:c5:38:3a:7a:a3:fa:
fe:a3:fc:b0:83:03:66:67:87:74:2a:ce:b0:5f:2e:
04:6e:17:f3:d5:97:2d:86:ea:61:c0:ee:af:6f:a7:
9b:15:ee:91:ce:af:cb:13:f8:e4:88:4f:51:b4:8a:
02:d6:39:48:dc:7b:47:ce:67:80:e6:6c:56:e0:0c:
70:ac:1b:23:4b:88:61:5e:70:46:64:ef:1f:8c:1d:
3a:9b:23:f0:d0:c8:74:7b:9f:5f:bd:e8:a9:ea:6b:
48:06:8c:4d:7a:1c:3a:76:da:6f:cf:b9:2e:cc:30:
49:31:55:8a:a6:b4:d3:1c:c7:c0:21:a7:d0:26:02:
23:96:b5:1d:e0:6b:49:73:d3:50:0b:0b:f7:9f:33:
12:a1:50:08:ee:44:73:35:89:d0:04:dd:1e:e8:7d:
06:d3:cd:1f:3d:94:3d:b5:fb:81:9c:97:68:d5:fe:
03:75:7e:c4:c7:5a:8a:9d:57:ef:a1:22:1f:52:b3:
d6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:97:59:06:5B:76:61:43:3C:0A:C1:D7:C9:5D:31:0D:E9:A4:18:4A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2JdZBlt2YUM8CsHXyV0xDemkGEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:145::/48
Signature Algorithm: sha256WithRSAEncryption
67:ce:a5:48:e2:41:c6:3c:cc:90:2d:4f:33:69:68:b7:17:ba:
b2:9e:62:9a:0a:62:e1:82:ac:a6:f1:dc:a2:1f:37:9f:43:f3:
06:8c:03:e5:e0:a1:55:a1:07:2a:eb:db:bc:19:45:ec:08:bc:
60:9e:ba:96:a5:0f:6d:79:4b:9a:57:b1:29:ab:c1:fa:cd:d7:
cd:64:6e:07:7e:93:6e:d3:ce:18:49:c9:f8:09:1d:0d:ed:d1:
0e:fe:a4:b8:05:91:3a:40:17:81:1c:10:4a:f0:42:1f:0d:b2:
24:a3:cc:b1:5f:a9:9e:84:e1:fc:ac:81:88:4a:42:d2:b0:f1:
a4:cc:31:3a:aa:94:b9:9e:f9:f4:c4:19:9d:34:13:8c:a9:59:
c3:c0:ab:0e:94:3b:5c:af:09:02:66:06:23:b5:bb:47:00:de:
6b:a1:8d:e6:ba:cc:72:e9:7c:39:d5:0d:6c:c2:72:96:e2:fa:
4b:4a:16:68:e4:38:bd:02:4d:1b:f7:ef:0e:9b:d1:e9:03:ad:
f8:05:e3:4d:1f:37:9c:cf:5b:47:56:f7:ea:63:e2:39:1d:23:
b7:87:96:62:8f:38:6f:44:ec:a4:3e:5e:76:63:35:83:96:44:
27:0d:de:05:d0:e8:76:e3:68:ef:8d:4a:f0:fc:86:84:76:9e:
a5:9d:85:e4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/t6Lq9Vo/AhAMx7bjQT5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODk3NTkwNjViNzY2MTQzM2MwYWMxZDdjOTVkMzEwZGU5YTQxODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSe9ZeX1wQl7v2yA9imPOGJ+Ztze
uZCjEgpRFPeY8/MANnDUPKmQ+TIaIadIJgAsP+nf07auQcjYp30krfqiRBObT9fF
ODp6o/r+o/ywgwNmZ4d0Ks6wXy4Ebhfz1ZcthuphwO6vb6ebFe6Rzq/LE/jkiE9R
tIoC1jlI3HtHzmeA5mxW4AxwrBsjS4hhXnBGZO8fjB06myPw0Mh0e59fveip6mtI
BoxNehw6dtpvz7kuzDBJMVWKprTTHMfAIafQJgIjlrUd4GtJc9NQCwv3nzMSoVAI
7kRzNYnQBN0e6H0G080fPZQ9tfuBnJdo1f4DdX7Ex1qKnVfvoSIfUrPWXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNiXWQZbdmFDPArB18ldMQ3ppBhKMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMkpkWkJsdDJZVU04Q3NIWHlWMHhEZW1rR0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFF
MA0GCSqGSIb3DQEBCwUAA4IBAQBnzqVI4kHGPMyQLU8zaWi3F7qynmKaCmLhgqym
8dyiHzefQ/MGjAPl4KFVoQcq69u8GUXsCLxgnrqWpQ9teUuaV7Epq8H6zdfNZG4H
fpNu084YScn4CR0N7dEO/qS4BZE6QBeBHBBK8EIfDbIko8yxX6mehOH8rIGISkLS
sPGkzDE6qpS5nvn0xBmdNBOMqVnDwKsOlDtcrwkCZgYjtbtHAN5roY3musxy6Xw5
1Q1swnKW4vpLShZo5Di9Ak0b9+8Om9HpA634BeNNHzecz1tHVvfqY+I5HSO3h5Zi
jzhvROykPl52YzWDlkQnDd4F0Oh242jvjUrw/IaEdp6lnYXk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org