Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3gPwwCXkNrjFPWqItJ40Qs6NlXw.roa
File: 3gPwwCXkNrjFPWqItJ40Qs6NlXw.roa (raw, json)
Hash identifier: Mki0+H0uWszTd5R0y/ducXOjJwif9n4BjT5UsRZPgaI=
Subject key identifier: DE:03:F0:C0:25:E4:36:B8:C5:3D:6A:88:B4:9E:34:42:CE:8D:95:7C
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F06F15B0E22659FA7582BD6136D0B4
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3gPwwCXkNrjFPWqItJ40Qs6NlXw.roa
Signing time: Wed 07 Feb 2024 05:00:34 +0000
ROA not before: Wed 07 Feb 2024 05:00:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197951
IP address blocks: 2a0f:b241:12a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:6f:15:b0:e2:26:59:fa:75:82:bd:61:36:d0:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de03f0c025e436b8c53d6a88b49e3442ce8d957c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cf:c5:12:31:da:d5:c1:0f:f4:fc:6b:11:ef:
63:ca:1d:17:93:93:05:00:a0:ae:6d:1b:35:ff:3b:
50:53:23:99:db:8c:08:52:de:6f:52:fb:91:8f:f2:
74:fa:d4:9a:35:74:d2:3e:c4:17:55:94:e8:a7:73:
d1:a5:3b:41:85:06:f3:99:f0:e7:2f:2a:89:d9:be:
fb:0d:41:79:bd:fa:20:db:3e:ab:a2:fe:ca:c9:5b:
f8:d4:63:86:a3:e1:c4:fe:d7:15:ab:7b:59:3e:c8:
9d:08:22:6a:ae:c5:a2:bc:c4:21:ce:56:9c:b8:b1:
03:70:d5:2d:0b:0c:ec:b6:c2:e7:90:31:74:58:57:
ae:ff:e9:e5:41:be:64:63:32:54:9d:d2:ee:66:b2:
ba:56:76:57:85:34:dd:33:05:7e:2b:12:d2:26:49:
89:f1:76:1f:b9:36:3c:2b:53:43:9a:20:9e:06:c6:
d2:de:c7:2f:5d:1b:05:03:68:22:1f:2c:7b:ac:cb:
43:36:14:1e:2b:b6:6e:72:e5:5e:b3:70:94:07:af:
1d:8c:ab:c8:39:02:6c:4b:95:d0:b6:60:f0:0e:39:
52:d5:d1:d1:1c:d0:92:8f:dc:8a:ff:b1:ea:6b:57:
b3:5a:5e:67:71:36:3d:00:08:1b:58:64:1e:d3:b7:
ba:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:03:F0:C0:25:E4:36:B8:C5:3D:6A:88:B4:9E:34:42:CE:8D:95:7C
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3gPwwCXkNrjFPWqItJ40Qs6NlXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:12a::/48
Signature Algorithm: sha256WithRSAEncryption
89:0c:62:4f:66:38:79:f7:42:c3:ac:68:f2:1f:96:36:68:39:
1f:f9:33:08:f5:65:cf:09:50:54:ab:1d:31:21:bb:46:ae:5e:
7a:21:9a:59:15:59:31:5f:bf:42:d6:62:c6:0b:17:30:eb:ad:
9c:c7:1b:c3:85:90:01:75:a4:26:5f:66:71:3f:86:cd:0f:7f:
4c:53:ad:0e:fa:35:5a:ca:8f:fd:35:0a:64:24:be:fa:ae:57:
1a:74:1f:2a:22:ee:a7:e6:76:a8:5e:49:21:6c:ef:0b:21:2f:
6c:e1:3b:7c:04:22:56:4d:bf:ad:90:9b:a2:eb:df:dc:d6:56:
71:7b:f2:ad:37:6a:0d:c6:7d:25:86:c9:72:98:5a:6e:d5:bb:
9e:16:7a:a8:bf:e9:ec:7f:b7:bd:97:b3:23:0a:73:87:1e:4b:
cd:f4:74:1f:e4:d2:8a:f1:10:af:93:bf:fc:1c:bb:4b:31:e1:
d4:75:77:83:6d:2f:b6:d6:64:02:8c:9d:9f:e3:33:5c:5c:ad:
12:8c:02:a0:1f:1e:97:9f:0a:b5:37:07:28:4b:0a:44:d6:09:
8d:2c:27:a6:1a:db:7b:66:e8:c2:93:dc:c6:d7:76:fe:49:76:
e4:9d:23:ba:45:0c:69:40:7e:fa:7e:f0:a9:16:de:7a:39:73:
db:3c:fd:d4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8G8VsOImWfp1gr1hNtC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTAzZjBjMDI1ZTQzNmI4YzUzZDZhODhiNDllMzQ0MmNlOGQ5NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc/FEjHa1cEP9PxrEe9jyh0Xk5MF
AKCubRs1/ztQUyOZ24wIUt5vUvuRj/J0+tSaNXTSPsQXVZTop3PRpTtBhQbzmfDn
LyqJ2b77DUF5vfog2z6rov7KyVv41GOGo+HE/tcVq3tZPsidCCJqrsWivMQhzlac
uLEDcNUtCwzstsLnkDF0WFeu/+nlQb5kYzJUndLuZrK6VnZXhTTdMwV+KxLSJkmJ
8XYfuTY8K1NDmiCeBsbS3scvXRsFA2giHyx7rMtDNhQeK7ZucuVes3CUB68djKvI
OQJsS5XQtmDwDjlS1dHRHNCSj9yK/7Hqa1ezWl5ncTY9AAgbWGQe07e6lQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN4D8MAl5Da4xT1qiLSeNELOjZV8MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvM2dQd3dDWGtOcmpGUFdxSXRKNDBRczZObFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEq
MA0GCSqGSIb3DQEBCwUAA4IBAQCJDGJPZjh590LDrGjyH5Y2aDkf+TMI9WXPCVBU
qx0xIbtGrl56IZpZFVkxX79C1mLGCxcw662cxxvDhZABdaQmX2ZxP4bND39MU60O
+jVayo/9NQpkJL76rlcadB8qIu6n5naoXkkhbO8LIS9s4Tt8BCJWTb+tkJui69/c
1lZxe/KtN2oNxn0lhslymFpu1bueFnqov+nsf7e9l7MjCnOHHkvN9HQf5NKK8RCv
k7/8HLtLMeHUdXeDbS+21mQCjJ2f4zNcXK0SjAKgHx6Xnwq1NwcoSwpE1gmNLCem
Gtt7ZujCk9zG13b+SXbknSO6RQxpQH76fvCpFt56OXPbPP3U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org