Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/B4tnhfiyLoAgIWHpzB_iXif_FTk.roa
File: B4tnhfiyLoAgIWHpzB_iXif_FTk.roa (raw, json)
Hash identifier: qt43P2S9gpF0YNIgnPtAcz1MTeo4TFh8r52x1/YagoQ=
Subject key identifier: 07:8B:67:85:F8:B2:2E:80:20:21:61:E9:CC:1F:E2:5E:27:FF:15:39
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81EBA6139D373E44FF0A2B811FD9A433
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/B4tnhfiyLoAgIWHpzB_iXif_FTk.roa
Signing time: Wed 07 Feb 2024 04:55:20 +0000
ROA not before: Wed 07 Feb 2024 04:55:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199344
IP address blocks: 2a0f:b241:6c::/48 maxlen: 48
2a0f:b241:6d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:eb:a6:13:9d:37:3e:44:ff:0a:2b:81:1f:d9:a4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 04:55:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=078b6785f8b22e80202161e9cc1fe25e27ff1539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:81:95:92:48:65:c0:aa:9a:99:b2:d3:88:41:
37:03:52:2f:5f:eb:ca:f3:36:de:04:f0:39:c0:c9:
2d:18:b8:11:1e:04:fd:4e:24:28:72:4c:5e:1c:cb:
1a:33:1b:a9:9b:55:7a:4c:95:56:45:3a:d1:8c:25:
bd:26:9e:fa:ff:d3:b6:13:a1:cd:bb:26:38:ff:b1:
26:d5:f6:48:f4:be:a6:5e:40:1b:dd:b8:f2:0a:b4:
6e:0b:1d:d5:ab:b2:2f:78:47:c0:e4:c5:e4:57:f2:
a0:0c:de:44:8b:c4:2e:8d:64:63:28:80:e2:ec:a2:
80:56:54:3e:25:45:54:e2:3c:c8:00:fd:89:e4:e0:
a5:ab:1d:ab:6e:dc:2b:35:7d:f8:90:7c:9d:d4:80:
a6:b7:6e:0e:1e:44:a2:a8:57:ad:f9:1d:13:0e:f5:
3a:a2:58:10:d8:ac:91:99:e0:e7:a3:2d:90:54:eb:
32:ea:49:64:c5:6b:f7:2f:a2:30:ed:36:70:61:85:
7c:bc:0c:1f:7c:a2:e2:4f:0d:00:3a:b2:33:1d:75:
1f:a3:47:9d:3c:10:23:b5:87:3c:1a:8f:a1:3d:a5:
6b:be:20:59:0a:6a:b1:58:c4:97:2b:d0:00:d7:29:
67:61:87:1b:70:d4:83:d5:01:34:c7:e4:f4:0e:eb:
ae:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8B:67:85:F8:B2:2E:80:20:21:61:E9:CC:1F:E2:5E:27:FF:15:39
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/B4tnhfiyLoAgIWHpzB_iXif_FTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:6c::/47
Signature Algorithm: sha256WithRSAEncryption
63:38:b7:5e:2c:d2:ae:50:40:3f:19:72:dd:e5:1d:ad:0f:82:
a1:c6:34:8e:56:27:80:34:51:76:b3:aa:8c:ff:37:80:43:9b:
af:da:ee:7d:cb:ce:01:57:18:08:67:57:c4:b7:61:21:34:f2:
3e:52:88:60:26:e2:6e:ec:af:3d:57:68:39:06:1c:91:44:12:
aa:9c:e0:24:81:04:fe:ab:88:bf:1d:80:1e:25:c4:88:b5:be:
89:17:32:df:de:d7:79:8f:c2:4d:67:47:87:c9:f4:57:78:90:
05:7d:13:de:55:27:6c:60:48:55:8c:eb:e2:2a:b8:61:d1:4b:
71:7d:a6:61:2a:c9:d4:89:79:94:9c:d0:05:bd:b9:24:ff:ed:
1f:2c:27:e5:7f:3a:65:3d:36:67:a9:e9:2a:fd:eb:87:2e:b1:
d0:ab:7e:40:29:31:a1:73:80:66:04:d3:84:19:5e:21:dd:ee:
46:46:34:40:17:00:9d:ef:c7:9c:da:cb:f5:5d:8f:f3:ae:b5:
99:2a:30:93:36:5e:3b:9c:3c:64:b9:ef:70:92:ee:50:90:48:
cf:ca:d1:64:52:aa:30:3a:a4:c2:ca:4e:a2:74:30:99:8f:a8:
b6:0d:61:dd:74:f8:c9:6c:4d:bb:19:e6:f1:60:36:7e:21:be:
0e:69:34:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B66YTnTc+RP8KK4Ef2aQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDQ1NTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzhiNjc4NWY4YjIyZTgwMjAyMTYxZTljYzFmZTI1ZTI3ZmYxNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIGVkkhlwKqambLTiEE3A1IvX+vK
8zbeBPA5wMktGLgRHgT9TiQockxeHMsaMxupm1V6TJVWRTrRjCW9Jp76/9O2E6HN
uyY4/7Em1fZI9L6mXkAb3bjyCrRuCx3Vq7IveEfA5MXkV/KgDN5Ei8QujWRjKIDi
7KKAVlQ+JUVU4jzIAP2J5OClqx2rbtwrNX34kHyd1ICmt24OHkSiqFet+R0TDvU6
olgQ2KyRmeDnoy2QVOsy6klkxWv3L6Iw7TZwYYV8vAwffKLiTw0AOrIzHXUfo0ed
PBAjtYc8Go+hPaVrviBZCmqxWMSXK9AA1ylnYYcbcNSD1QE0x+T0DuuuswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAeLZ4X4si6AICFh6cwf4l4n/xU5MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQjR0bmhmaXlMb0FnSVdIcHpCX2lYaWZfRlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg+yQQBs
MA0GCSqGSIb3DQEBCwUAA4IBAQBjOLdeLNKuUEA/GXLd5R2tD4KhxjSOVieANFF2
s6qM/zeAQ5uv2u59y84BVxgIZ1fEt2EhNPI+UohgJuJu7K89V2g5BhyRRBKqnOAk
gQT+q4i/HYAeJcSItb6JFzLf3td5j8JNZ0eHyfRXeJAFfRPeVSdsYEhVjOviKrhh
0UtxfaZhKsnUiXmUnNAFvbkk/+0fLCflfzplPTZnqekq/euHLrHQq35AKTGhc4Bm
BNOEGV4h3e5GRjRAFwCd78ec2sv1XY/zrrWZKjCTNl47nDxkue9wku5QkEjPytFk
UqowOqTCyk6idDCZj6i2DWHddPjJbE27GebxYDZ+Ib4OaTRD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org