Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2iHEE2LTYSOnDkgo2-oovm2k-sk.roa
File: 2iHEE2LTYSOnDkgo2-oovm2k-sk.roa (raw, json)
Hash identifier: OC7Uzmb8UUuKg43vVE1wC2b3OF8TmNF4kSBwBAkurWs=
Subject key identifier: DA:21:C4:13:62:D3:61:23:A7:0E:48:28:DB:EA:28:BE:6D:A4:FA:C9
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F2E466726A719DF4FE098D436C1F24B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2iHEE2LTYSOnDkgo2-oovm2k-sk.roa
Signing time: Tue 06 Feb 2024 16:09:15 +0000
ROA not before: Tue 06 Feb 2024 16:09:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216227
IP address blocks: 2a0f:b241:13::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:2e:46:67:26:a7:19:df:4f:e0:98:d4:36:c1:f2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 16:09:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da21c41362d36123a70e4828dbea28be6da4fac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:66:38:6f:44:c0:03:c2:0e:bf:9a:88:3a:84:
8b:21:f5:3b:66:d0:9a:f8:96:6b:b2:89:6d:24:35:
59:03:75:e1:db:36:3e:85:92:de:04:64:0f:37:df:
de:5c:6d:e7:f6:d9:37:15:c6:46:cf:14:b4:2e:c8:
61:36:15:03:9b:6e:15:43:c4:67:f3:9b:b4:12:67:
9a:5a:7a:47:ed:fa:d4:19:ae:f3:6b:c3:75:2f:9e:
51:b5:02:67:2f:76:29:09:c3:e2:76:c1:de:89:48:
33:3b:22:c7:cf:d8:3c:cd:14:1b:10:d8:bb:a0:dd:
fe:a5:28:d7:cc:75:c9:89:e1:da:06:66:43:4a:d3:
13:90:db:ed:8b:c6:07:ad:a8:3f:b8:70:59:ef:8c:
73:8a:43:ff:03:3f:0a:9f:3f:76:29:dc:e0:05:94:
1a:46:a5:2a:99:6d:c8:28:60:cf:0a:19:9f:5c:f9:
65:a6:79:99:8a:e7:8e:55:e6:7c:01:d1:17:23:05:
4d:da:b7:67:16:ff:39:84:17:f8:e0:30:dd:59:bd:
0e:da:42:0e:33:03:49:a9:21:aa:39:1a:9c:3e:10:
df:3d:a2:c3:ab:1b:91:d3:ed:cf:82:55:9c:bb:8a:
c5:04:d4:f7:7c:f8:2c:fd:4c:35:73:af:eb:29:8a:
f0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:21:C4:13:62:D3:61:23:A7:0E:48:28:DB:EA:28:BE:6D:A4:FA:C9
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2iHEE2LTYSOnDkgo2-oovm2k-sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:13::/48
Signature Algorithm: sha256WithRSAEncryption
38:c7:b9:98:19:d9:e4:af:9c:22:87:c1:75:75:b1:0a:4d:59:
18:d7:2a:8d:68:65:bc:30:7b:41:a4:16:78:ad:13:b5:fb:8c:
32:09:f3:2e:49:cd:87:be:11:e7:91:bd:21:c6:e8:9e:f6:c2:
d4:f5:78:c3:13:3b:40:0c:ce:dd:1f:b6:ce:ed:f4:48:7a:3e:
63:65:f9:ac:ef:25:1a:a6:96:32:04:0c:1c:f6:77:31:fe:08:
b7:d8:e6:19:97:3e:72:67:52:0f:e3:f1:00:56:39:3c:04:c0:
35:a3:3f:92:41:4b:15:b1:51:24:6e:4a:fc:81:5d:c0:bb:fb:
1c:69:0c:69:54:df:7c:f3:f1:35:99:f1:35:51:7f:87:8a:68:
9b:38:8f:f7:87:85:08:73:27:26:5a:3e:05:4b:e0:2c:be:81:
fd:ab:15:3d:ed:3e:0e:82:54:03:5e:3a:ee:f3:f4:9a:f1:dc:
8e:c3:70:da:aa:de:72:39:4d:ff:92:04:10:3a:de:a2:59:0f:
60:58:63:b2:6b:8e:7f:c4:36:65:5b:b8:4f:7f:3f:d0:4c:6d:
e7:c1:9c:d8:65:30:b4:fd:b0:cd:f1:f5:56:f1:cb:27:6d:86:
33:1a:b3:ab:2c:0e:33:44:82:02:40:65:ce:81:9b:99:4a:59:
75:8c:b8:f1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/LkZnJqcZ30/gmNQ2wfJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTYwOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTIxYzQxMzYyZDM2MTIzYTcwZTQ4MjhkYmVhMjhiZTZkYTRmYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWY4b0TAA8IOv5qIOoSLIfU7ZtCa
+JZrsoltJDVZA3Xh2zY+hZLeBGQPN9/eXG3n9tk3FcZGzxS0LshhNhUDm24VQ8Rn
85u0EmeaWnpH7frUGa7za8N1L55RtQJnL3YpCcPidsHeiUgzOyLHz9g8zRQbENi7
oN3+pSjXzHXJieHaBmZDStMTkNvti8YHrag/uHBZ74xzikP/Az8Knz92KdzgBZQa
RqUqmW3IKGDPChmfXPllpnmZiueOVeZ8AdEXIwVN2rdnFv85hBf44DDdWb0O2kIO
MwNJqSGqORqcPhDfPaLDqxuR0+3PglWcu4rFBNT3fPgs/Uw1c6/rKYrw/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNohxBNi02Ejpw5IKNvqKL5tpPrJMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMmlIRUUyTFRZU09uRGtnbzItb292bTJrLXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAT
MA0GCSqGSIb3DQEBCwUAA4IBAQA4x7mYGdnkr5wih8F1dbEKTVkY1yqNaGW8MHtB
pBZ4rRO1+4wyCfMuSc2HvhHnkb0hxuie9sLU9XjDEztADM7dH7bO7fRIej5jZfms
7yUappYyBAwc9ncx/gi32OYZlz5yZ1IP4/EAVjk8BMA1oz+SQUsVsVEkbkr8gV3A
u/scaQxpVN988/E1mfE1UX+HimibOI/3h4UIcycmWj4FS+AsvoH9qxU97T4OglQD
Xjru8/Sa8dyOw3Daqt5yOU3/kgQQOt6iWQ9gWGOya45/xDZlW7hPfz/QTG3nwZzY
ZTC0/bDN8fVW8csnbYYzGrOrLA4zRIICQGXOgZuZSll1jLjx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org