Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/4sJI5VsGhOBopAreU3YVEtqtGSw.roa
File: 4sJI5VsGhOBopAreU3YVEtqtGSw.roa (raw, json)
Hash identifier: 3LpwdxMIl/1Q8WF7px4tFxh2CeFDxW+6/Jx6zbIiKL8=
Subject key identifier: E2:C2:48:E5:5B:06:84:E0:68:A4:0A:DE:53:76:15:12:DA:AD:19:2C
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09F6C12BC0DC388D27C17C1EBDC01
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/4sJI5VsGhOBopAreU3YVEtqtGSw.roa
Signing time: Wed 07 Feb 2024 05:00:46 +0000
ROA not before: Wed 07 Feb 2024 05:00:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209735
IP address blocks: 2a0f:b241:46::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:9f:6c:12:bc:0d:c3:88:d2:7c:17:c1:eb:dc:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2c248e55b0684e068a40ade53761512daad192c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:28:7e:dd:03:d5:57:f0:47:db:6b:d5:9d:da:
ad:31:b2:f5:74:05:d9:99:8b:f2:52:39:0a:50:6f:
91:e3:f9:4c:de:fe:c7:ea:eb:8c:d7:1a:99:a3:e5:
0f:3c:00:1b:b5:ef:ab:74:aa:2e:f7:94:12:82:ee:
a6:16:d1:7e:56:be:91:14:c8:e6:12:c0:bc:09:20:
2f:f7:ab:84:0e:25:a7:f8:97:a9:60:cc:9d:6c:62:
69:02:67:7e:d7:75:1b:49:5f:b6:a1:e2:77:0b:7c:
d5:ed:b5:21:41:57:c2:3f:42:29:a4:98:c6:bf:49:
ed:16:ba:16:8d:be:30:7e:c8:f0:35:79:f7:61:2d:
2f:b3:43:7b:b7:67:12:3b:09:ac:dc:57:30:e9:3d:
53:e9:16:e3:6c:b2:70:c4:44:c9:4f:1c:96:21:d8:
03:5c:70:c3:a1:26:19:05:8a:ee:a7:2c:01:0f:47:
92:fe:f8:ad:d1:f3:5b:d8:fb:16:bf:2e:da:db:5c:
89:3d:e5:d9:4d:67:c6:65:80:12:f9:9e:f0:6e:ac:
6f:8d:65:19:f1:f0:a6:21:76:fa:2b:e3:fa:bd:18:
0b:83:fd:19:ae:a6:d8:89:ec:ad:8d:cb:3a:03:01:
61:b0:39:11:e2:47:57:22:4e:74:4f:1a:23:0d:e9:
40:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C2:48:E5:5B:06:84:E0:68:A4:0A:DE:53:76:15:12:DA:AD:19:2C
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/4sJI5VsGhOBopAreU3YVEtqtGSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:46::/48
Signature Algorithm: sha256WithRSAEncryption
35:8d:63:43:ad:72:15:e3:a3:fc:b9:3b:77:5b:20:b6:13:a2:
93:9a:72:0d:0b:59:05:fa:7e:93:db:90:5e:b0:0d:24:98:7e:
dd:70:5b:9b:47:9b:ec:88:82:22:72:8f:44:70:d8:72:57:4b:
5d:c4:bb:ed:70:cb:92:ad:5b:3d:bf:7a:44:f1:d4:84:55:83:
b3:fd:7c:33:84:53:66:56:3a:b8:c8:a6:9f:4e:1b:1c:7e:fe:
46:ef:97:1a:37:c4:b8:10:33:79:f7:9d:3f:36:c3:1d:86:50:
b4:ca:70:81:12:61:c9:e9:0d:0d:d5:19:41:d0:24:89:2d:14:
a4:5a:3b:cb:22:74:5b:9f:6f:15:23:c6:19:df:65:ae:19:07:
07:97:2b:f2:c5:f1:2b:ee:ce:34:7e:08:14:64:b3:66:98:9b:
25:f7:0e:b4:3c:76:b0:b9:4b:e0:a4:69:73:a2:3c:d1:b9:6e:
b2:1a:97:19:85:61:88:9c:b6:fa:80:9f:8c:df:1b:12:a0:ca:
ab:14:b7:92:a4:e7:69:23:88:15:40:3c:e6:43:b2:0a:dd:3c:
32:df:1e:1d:41:68:ec:41:d2:4a:ee:64:9e:23:77:05:aa:41:
06:0f:3c:66:9c:87:b5:f6:d7:8f:9f:e6:f1:87:e8:97:e4:1c:
f9:86:25:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8J9sErwNw4jSfBfB69wBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmMyNDhlNTViMDY4NGUwNjhhNDBhZGU1Mzc2MTUxMmRhYWQxOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCh+3QPVV/BH22vVndqtMbL1dAXZ
mYvyUjkKUG+R4/lM3v7H6uuM1xqZo+UPPAAbte+rdKou95QSgu6mFtF+Vr6RFMjm
EsC8CSAv96uEDiWn+JepYMydbGJpAmd+13UbSV+2oeJ3C3zV7bUhQVfCP0IppJjG
v0ntFroWjb4wfsjwNXn3YS0vs0N7t2cSOwms3Fcw6T1T6RbjbLJwxETJTxyWIdgD
XHDDoSYZBYrupywBD0eS/vit0fNb2PsWvy7a21yJPeXZTWfGZYAS+Z7wbqxvjWUZ
8fCmIXb6K+P6vRgLg/0ZrqbYieytjcs6AwFhsDkR4kdXIk50TxojDelAhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOLCSOVbBoTgaKQK3lN2FRLarRksMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvNHNKSTVWc0doT0JvcEFyZVUzWVZFdHF0R1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBG
MA0GCSqGSIb3DQEBCwUAA4IBAQA1jWNDrXIV46P8uTt3WyC2E6KTmnINC1kF+n6T
25BesA0kmH7dcFubR5vsiIIico9EcNhyV0tdxLvtcMuSrVs9v3pE8dSEVYOz/Xwz
hFNmVjq4yKafThscfv5G75caN8S4EDN5950/NsMdhlC0ynCBEmHJ6Q0N1RlB0CSJ
LRSkWjvLInRbn28VI8YZ32WuGQcHlyvyxfEr7s40fggUZLNmmJsl9w60PHawuUvg
pGlzojzRuW6yGpcZhWGInLb6gJ+M3xsSoMqrFLeSpOdpI4gVQDzmQ7IK3Twy3x4d
QWjsQdJK7mSeI3cFqkEGDzxmnIe19tePn+bxh+iX5Bz5hiUW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org