Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/BdIgkzXBId0zOd8B5z_XQCBZ3mw.roa
File: BdIgkzXBId0zOd8B5z_XQCBZ3mw.roa (raw, json)
Hash identifier: s5jNhn8TQ72gP7AB2ozHPt5NBpRiYmnMo2sk6k+X5iE=
Subject key identifier: 05:D2:20:93:35:C1:21:DD:33:39:DF:01:E7:3F:D7:40:20:59:DE:6C
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA7265960604FDAC1C1C07638989C01
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/BdIgkzXBId0zOd8B5z_XQCBZ3mw.roa
Signing time: Tue 06 Feb 2024 18:21:17 +0000
ROA not before: Tue 06 Feb 2024 18:21:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199257
IP address blocks: 2a0f:b241:80::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a7:26:59:60:60:4f:da:c1:c1:c0:76:38:98:9c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:21:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05d2209335c121dd3339df01e73fd7402059de6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:82:c9:c8:58:ae:56:94:60:2e:07:aa:72:1a:
60:6f:de:5b:e8:99:b1:83:3a:b2:11:20:28:66:a3:
14:0f:4e:d8:d2:47:2a:f9:9b:1a:a3:85:73:f8:18:
85:8a:19:f4:98:46:3c:fe:c9:f4:ae:0d:5b:66:ba:
0a:a8:4f:4a:8e:d1:f1:ab:7a:71:d2:ec:a5:93:13:
3b:df:1a:a8:7b:b4:50:9b:01:32:1d:70:3f:7e:cf:
e1:d6:b2:15:fe:22:35:d6:51:4f:dc:38:24:d8:e1:
13:e4:1c:ae:79:5f:9d:cb:bb:7e:57:b8:30:f7:02:
db:2a:8a:5c:1d:86:5a:88:54:f5:d0:6d:75:e3:4d:
f1:31:48:00:5d:d6:4a:cc:f6:7b:36:2c:43:be:7b:
c6:60:71:06:fe:08:d5:6f:5a:4f:28:42:fc:c7:f8:
1b:4e:d9:2c:26:c4:d6:05:6e:b0:2c:d3:50:b3:09:
7e:8a:25:14:fa:e8:87:36:ea:fb:bb:a5:52:58:0b:
60:75:a4:d8:3b:44:86:b5:30:e9:e5:2d:bb:d6:49:
29:c4:e6:c0:35:91:ad:b5:97:62:b0:2a:a0:c1:74:
0f:93:9e:63:b2:6a:00:e9:cb:7b:8c:ed:8d:a2:0e:
86:66:12:65:d0:80:c3:5f:3f:73:ad:66:d6:68:79:
e1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D2:20:93:35:C1:21:DD:33:39:DF:01:E7:3F:D7:40:20:59:DE:6C
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/BdIgkzXBId0zOd8B5z_XQCBZ3mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:80::/48
Signature Algorithm: sha256WithRSAEncryption
3f:56:b1:e6:ea:a3:2e:2b:9f:1d:9b:1f:19:42:64:c1:e0:97:
a9:b0:f7:51:68:3a:63:5c:c0:6b:98:bf:9a:d8:05:0f:8a:35:
89:f5:c0:a4:75:4f:76:3a:ae:6d:8e:31:a4:dd:59:f7:b7:e2:
5b:75:e8:85:90:d8:24:ac:29:5c:a3:a4:33:f5:c8:80:bc:fc:
ec:62:d2:27:f4:6f:d5:4d:28:dd:d3:24:4b:cf:04:61:92:7a:
a2:81:0f:de:1d:d0:47:97:ad:4e:49:7b:ee:01:e5:99:23:64:
60:7e:91:84:28:49:20:20:6b:79:63:0d:f6:6a:92:cd:8f:e3:
e2:0d:aa:8b:d3:bd:57:48:ab:0f:33:2e:da:e9:bb:d0:6a:db:
e0:19:b5:b4:89:fe:63:d6:76:bb:33:a9:88:24:1f:e4:10:df:
4e:6e:0a:d7:3b:94:f3:d2:a5:f5:6b:16:ec:79:a2:91:ca:7a:
23:82:49:69:d9:0c:a7:79:02:bb:90:1c:49:b6:9a:59:01:06:
34:fd:56:70:f6:a5:18:0d:2e:b5:21:09:ed:71:31:2f:59:0a:
72:68:73:32:04:5f:ad:38:06:54:f0:a7:a1:b5:67:75:d2:85:
39:25:ec:4b:3e:e6:c6:6a:d7:d8:09:6b:44:65:db:02:04:12:
94:2e:0d:3b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pyZZYGBP2sHBwHY4mJwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQyMjA5MzM1YzEyMWRkMzMzOWRmMDFlNzNmZDc0MDIwNTlkZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoLJyFiuVpRgLgeqchpgb95b6Jmx
gzqyESAoZqMUD07Y0kcq+Zsao4Vz+BiFihn0mEY8/sn0rg1bZroKqE9KjtHxq3px
0uylkxM73xqoe7RQmwEyHXA/fs/h1rIV/iI11lFP3Dgk2OET5ByueV+dy7t+V7gw
9wLbKopcHYZaiFT10G11403xMUgAXdZKzPZ7NixDvnvGYHEG/gjVb1pPKEL8x/gb
TtksJsTWBW6wLNNQswl+iiUU+uiHNur7u6VSWAtgdaTYO0SGtTDp5S271kkpxObA
NZGttZdisCqgwXQPk55jsmoA6ct7jO2Nog6GZhJl0IDDXz9zrWbWaHnh+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAXSIJM1wSHdMznfAec/10AgWd5sMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQmRJZ2t6WEJJZDB6T2Q4QjV6X1hRQ0JaM213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCA
MA0GCSqGSIb3DQEBCwUAA4IBAQA/VrHm6qMuK58dmx8ZQmTB4JepsPdRaDpjXMBr
mL+a2AUPijWJ9cCkdU92Oq5tjjGk3Vn3t+JbdeiFkNgkrClco6Qz9ciAvPzsYtIn
9G/VTSjd0yRLzwRhknqigQ/eHdBHl61OSXvuAeWZI2RgfpGEKEkgIGt5Yw32apLN
j+PiDaqL071XSKsPMy7a6bvQatvgGbW0if5j1na7M6mIJB/kEN9ObgrXO5Tz0qX1
axbseaKRynojgklp2QyneQK7kBxJtppZAQY0/VZw9qUYDS61IQntcTEvWQpyaHMy
BF+tOAZU8KehtWd10oU5JexLPubGatfYCWtEZdsCBBKULg07
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org