Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/6prGJDpBQph6fr7n1i11SD289gg.roa
File: 6prGJDpBQph6fr7n1i11SD289gg.roa (raw, json)
Hash identifier: xKfHXrHfJH40QDLJgTQBj6BFO6g38x8LScxro9+I4i8=
Subject key identifier: EA:9A:C6:24:3A:41:42:98:7A:7E:BE:E7:D6:2D:75:48:3D:BC:F6:08
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09DCEC715E9C966DFFAEA95728952
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/6prGJDpBQph6fr7n1i11SD289gg.roa
Signing time: Wed 07 Feb 2024 05:00:46 +0000
ROA not before: Wed 07 Feb 2024 05:00:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209401
IP address blocks: 2a0f:b241:44::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:9d:ce:c7:15:e9:c9:66:df:fa:ea:95:72:89:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea9ac6243a4142987a7ebee7d62d75483dbcf608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:98:cd:14:52:3b:c8:33:7f:f5:80:9a:b9:31:
47:d8:0a:7c:a2:ac:93:59:6e:ff:a1:6f:5e:9c:a2:
a8:6a:f6:2d:53:16:5c:95:29:99:38:7c:8b:d8:84:
8b:63:f2:ad:26:33:70:c6:29:b3:b7:33:05:2f:bc:
d9:36:c6:e5:01:2f:e8:c9:d0:db:f6:59:62:ae:a1:
31:d3:9c:4d:dc:97:55:56:a5:2a:3e:67:37:b9:ee:
9b:08:b1:67:1a:dd:c3:f4:14:ed:a4:0e:73:6b:65:
15:0a:5d:41:0c:9e:a8:f2:13:dc:c7:14:d7:f9:5b:
2f:df:67:ca:78:7b:a6:6c:c5:a6:93:75:9c:3c:79:
ea:79:c1:46:c8:16:98:c4:a8:75:32:79:4e:99:5a:
7f:31:d5:ef:d1:d9:cd:0a:66:33:14:b4:3f:10:7b:
f5:c5:32:8c:46:c6:1a:1f:0c:2d:26:7b:ca:98:f8:
70:d3:7f:83:64:17:d0:8f:9f:14:c8:96:cc:ca:3a:
cf:bd:9b:e0:21:55:6e:39:07:3d:86:a0:ef:41:a2:
1c:67:aa:1e:88:c9:a8:71:0a:83:3f:e6:31:cd:b1:
17:48:c9:9b:6f:a2:82:94:71:11:50:b3:56:aa:a2:
57:68:a0:91:0c:d9:8d:80:5e:00:c2:85:4a:9e:dd:
a6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:9A:C6:24:3A:41:42:98:7A:7E:BE:E7:D6:2D:75:48:3D:BC:F6:08
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/6prGJDpBQph6fr7n1i11SD289gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:44::/48
Signature Algorithm: sha256WithRSAEncryption
8e:5d:5f:f0:03:7b:cd:da:7e:04:cd:c8:e1:d2:86:d1:cb:88:
f9:80:d1:8b:58:c5:a6:a0:be:0c:cc:39:f6:37:a5:0f:ff:1a:
1b:de:12:2a:29:23:09:d8:44:e9:fd:f6:49:a3:9c:d6:df:c9:
92:42:07:c3:4e:51:41:1e:70:ce:0f:5b:f2:8e:00:4d:9f:07:
fc:0b:80:83:e1:0f:a2:64:f0:39:32:2d:5d:35:0e:a8:26:4e:
16:f8:19:18:24:3e:d0:47:84:db:8c:99:69:83:96:09:dc:06:
be:9e:2a:69:07:99:0d:47:c8:64:7f:a1:fa:76:fe:5e:da:d0:
2a:ca:e5:bb:a4:b9:52:87:a4:60:8c:38:57:9e:2e:ed:bf:f4:
9a:8f:b7:1a:a4:25:68:f4:08:9c:a8:2a:fc:a0:66:c6:c1:92:
44:8b:5e:cf:8b:33:41:fc:4a:4a:a1:c9:7a:bd:f2:bf:6a:14:
dc:02:49:2d:7b:88:62:66:75:96:24:76:f1:76:17:25:e3:b8:
4e:77:88:05:8b:0e:66:e0:06:45:52:e5:18:45:26:0d:e1:a0:
64:b0:5d:65:11:ab:9f:e5:c4:13:82:2f:6a:32:09:1b:59:5c:
a3:63:e6:0f:e5:bb:f9:bd:06:be:1f:ef:ac:61:1b:b9:cf:bd:
85:85:e9:30
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8J3OxxXpyWbf+uqVcolSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTlhYzYyNDNhNDE0Mjk4N2E3ZWJlZTdkNjJkNzU0ODNkYmNmNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15jNFFI7yDN/9YCauTFH2Ap8oqyT
WW7/oW9enKKoavYtUxZclSmZOHyL2ISLY/KtJjNwximztzMFL7zZNsblAS/oydDb
9llirqEx05xN3JdVVqUqPmc3ue6bCLFnGt3D9BTtpA5za2UVCl1BDJ6o8hPcxxTX
+Vsv32fKeHumbMWmk3WcPHnqecFGyBaYxKh1MnlOmVp/MdXv0dnNCmYzFLQ/EHv1
xTKMRsYaHwwtJnvKmPhw03+DZBfQj58UyJbMyjrPvZvgIVVuOQc9hqDvQaIcZ6oe
iMmocQqDP+YxzbEXSMmbb6KClHERULNWqqJXaKCRDNmNgF4AwoVKnt2mvwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOqaxiQ6QUKYen6+59YtdUg9vPYIMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvNnByR0pEcEJRcGg2ZnI3bjFpMTFTRDI4OWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBE
MA0GCSqGSIb3DQEBCwUAA4IBAQCOXV/wA3vN2n4Ezcjh0obRy4j5gNGLWMWmoL4M
zDn2N6UP/xob3hIqKSMJ2ETp/fZJo5zW38mSQgfDTlFBHnDOD1vyjgBNnwf8C4CD
4Q+iZPA5Mi1dNQ6oJk4W+BkYJD7QR4TbjJlpg5YJ3Aa+nippB5kNR8hkf6H6dv5e
2tAqyuW7pLlSh6RgjDhXni7tv/Saj7capCVo9AicqCr8oGbGwZJEi17PizNB/EpK
ocl6vfK/ahTcAkkte4hiZnWWJHbxdhcl47hOd4gFiw5m4AZFUuUYRSYN4aBksF1l
Eauf5cQTgi9qMgkbWVyjY+YP5bv5vQa+H++sYRu5z72Fhekw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org