Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3BaquDfwOHmJAjEU-KAobv9_ITM.roa
File: 3BaquDfwOHmJAjEU-KAobv9_ITM.roa (raw, json)
Hash identifier: 3MwWmJ7LmOyr33nbtvraiULXCUa/Ety3JyehN3LV/0M=
Subject key identifier: DC:16:AA:B8:37:F0:38:79:89:02:31:14:F8:A0:28:6E:FF:7F:21:33
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0B467565C1A786582D6CF0C7830FE
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3BaquDfwOHmJAjEU-KAobv9_ITM.roa
Signing time: Wed 07 Feb 2024 05:00:52 +0000
ROA not before: Wed 07 Feb 2024 05:00:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215676
IP address blocks: 2a0f:b241:50::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:b4:67:56:5c:1a:78:65:82:d6:cf:0c:78:30:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc16aab837f0387989023114f8a0286eff7f2133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9b:9c:1e:2e:f9:45:84:fb:28:c9:7c:f4:29:
13:59:ca:0a:50:2f:ce:b6:fc:3e:df:dd:31:dc:1e:
bc:c9:ad:7e:7f:95:a4:5b:22:35:db:94:f0:94:4d:
e1:8f:3d:2c:2e:b4:9e:5f:31:37:fc:e9:95:67:bd:
13:b3:42:ee:bc:33:57:d9:ba:b3:6a:89:fb:15:d6:
18:4a:8a:a2:fd:d7:a6:e4:94:ec:4a:47:88:bc:48:
39:45:fd:7a:b5:b2:35:50:4d:34:33:d2:0e:d4:9a:
23:85:79:93:ef:aa:06:ef:d7:c4:37:80:26:72:e6:
51:34:d1:c1:15:58:9e:2d:5b:f1:26:06:34:18:32:
8e:6e:c7:a6:bb:4a:3b:0e:34:e8:af:f8:6d:0f:38:
a5:c3:9f:da:75:73:a1:b3:17:ff:c9:65:e1:53:fa:
aa:62:78:fd:18:d4:92:4e:b4:ae:37:9e:3e:16:ad:
98:5c:b8:90:43:eb:0f:5c:36:22:09:90:15:35:fd:
49:29:68:1b:32:41:9b:48:5e:1f:af:6a:81:73:fc:
dc:03:0c:d7:a0:89:de:d0:87:81:ee:ba:c3:59:23:
a6:b0:87:22:bc:61:5b:05:4f:23:70:f4:d1:af:86:
a2:88:b1:e5:2c:81:c5:8e:3c:9a:b1:5e:2a:9f:fa:
73:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:16:AA:B8:37:F0:38:79:89:02:31:14:F8:A0:28:6E:FF:7F:21:33
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3BaquDfwOHmJAjEU-KAobv9_ITM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:50::/48
Signature Algorithm: sha256WithRSAEncryption
82:dd:df:55:d0:4a:b6:62:9b:87:0b:7e:cc:da:01:20:bf:dd:
b5:4b:ce:5b:36:f7:65:f4:e0:aa:0c:b9:6b:ae:e1:4f:ab:87:
e8:01:53:b7:f5:3d:2b:80:0c:05:1c:15:ec:b6:d2:ce:59:55:
04:1b:0f:d0:2d:6f:c3:8b:ec:63:4a:29:66:70:96:d2:20:f7:
67:cd:fa:2e:78:10:05:98:99:b9:2c:7b:25:85:3c:79:68:8b:
53:5f:3e:a2:a1:f5:03:57:c5:98:63:82:56:9e:d3:d7:cf:0e:
48:fc:30:67:73:fa:20:2b:01:bf:be:08:c9:2f:61:d0:4e:ab:
da:9c:bc:e6:e6:db:46:4e:e8:ce:06:4a:fe:a9:96:00:5a:e3:
c9:dc:3c:3c:71:81:0b:f9:3e:99:ed:33:69:0e:e2:f5:7b:2b:
fa:be:a2:79:93:f4:18:00:f5:aa:3d:04:fd:af:cd:15:95:c2:
fa:db:a0:83:bf:ff:29:dc:34:95:6a:6a:1a:49:2f:c2:cb:8c:
41:e5:41:40:97:31:a9:46:57:5f:fb:43:a9:b0:e7:c2:6c:7a:
e6:4c:a2:a0:b5:a0:7e:fa:b1:5c:b1:55:a5:84:8f:7c:17:dd:
7d:d3:51:3f:47:06:77:e7:ae:0e:60:45:1c:09:d6:6b:bf:b8:
de:2a:fd:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8LRnVlwaeGWC1s8MeDD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzE2YWFiODM3ZjAzODc5ODkwMjMxMTRmOGEwMjg2ZWZmN2YyMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZucHi75RYT7KMl89CkTWcoKUC/O
tvw+390x3B68ya1+f5WkWyI125TwlE3hjz0sLrSeXzE3/OmVZ70Ts0LuvDNX2bqz
aon7FdYYSoqi/dem5JTsSkeIvEg5Rf16tbI1UE00M9IO1JojhXmT76oG79fEN4Am
cuZRNNHBFVieLVvxJgY0GDKObsemu0o7DjTor/htDzilw5/adXOhsxf/yWXhU/qq
Ynj9GNSSTrSuN54+Fq2YXLiQQ+sPXDYiCZAVNf1JKWgbMkGbSF4fr2qBc/zcAwzX
oIne0IeB7rrDWSOmsIcivGFbBU8jcPTRr4aiiLHlLIHFjjyasV4qn/pzSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNwWqrg38Dh5iQIxFPigKG7/fyEzMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvM0JhcXVEZndPSG1KQWpFVS1LQW9idjlfSVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCC3d9V0Eq2YpuHC37M2gEgv921S85bNvdl9OCq
DLlrruFPq4foAVO39T0rgAwFHBXsttLOWVUEGw/QLW/Di+xjSilmcJbSIPdnzfou
eBAFmJm5LHslhTx5aItTXz6iofUDV8WYY4JWntPXzw5I/DBnc/ogKwG/vgjJL2HQ
TqvanLzm5ttGTujOBkr+qZYAWuPJ3Dw8cYEL+T6Z7TNpDuL1eyv6vqJ5k/QYAPWq
PQT9r80VlcL626CDv/8p3DSVamoaSS/Cy4xB5UFAlzGpRldf+0OpsOfCbHrmTKKg
taB++rFcsVWlhI98F91901E/RwZ3564OYEUcCdZrv7jeKv2W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org