Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/DOFduaifTmgRq4zqMGxZ3Tloq9U.roa
File: DOFduaifTmgRq4zqMGxZ3Tloq9U.roa (raw, json)
Hash identifier: XDPPEUfYX5ml37uN0TTNQMReDYVPz9gF6wcJ0bWvTik=
Subject key identifier: 0C:E1:5D:B9:A8:9F:4E:68:11:AB:8C:EA:30:6C:59:DD:39:68:AB:D5
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0BBF4004122C012DF2A2B7922D3EB
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/DOFduaifTmgRq4zqMGxZ3Tloq9U.roa
Signing time: Wed 07 Feb 2024 05:00:53 +0000
ROA not before: Wed 07 Feb 2024 05:00:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216041
IP address blocks: 2a0f:b241:29::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:bb:f4:00:41:22:c0:12:df:2a:2b:79:22:d3:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ce15db9a89f4e6811ab8cea306c59dd3968abd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cc:b0:71:ae:5d:dd:57:8a:01:97:eb:ac:6f:
f0:d3:65:af:6c:c1:68:b3:77:7f:54:36:1c:b9:fc:
7a:17:a9:b5:ae:76:f1:ef:89:e4:aa:3b:3c:c5:9d:
bc:04:6f:8c:ab:b1:e8:d0:b6:fc:ee:5e:2a:f4:34:
d9:22:c1:b8:33:9e:0b:ef:33:4f:66:98:a9:22:d7:
a9:63:04:1c:6b:bb:e0:84:6a:d3:aa:bb:10:72:64:
c4:fd:45:68:28:1c:3e:72:b2:3e:0b:84:d6:f4:ce:
90:55:ab:33:f3:5b:eb:64:40:84:f4:38:b8:2b:b0:
fa:41:83:4c:8f:07:76:ba:f6:05:c4:7f:9e:75:8b:
72:23:9c:69:23:57:57:32:63:b6:27:cf:ab:70:f5:
23:a3:1e:bf:66:ea:a1:ce:28:08:e7:a5:3c:cf:b3:
02:3b:e0:93:9e:67:dd:68:df:63:f4:f1:8c:8c:fe:
01:78:19:f9:55:df:26:79:c4:38:ab:6b:8b:3c:9e:
cf:57:47:56:03:1d:8f:27:9a:dd:5d:2c:64:b9:23:
35:a5:ce:b4:e5:15:c0:57:85:57:21:ca:7a:1f:ae:
d4:c6:1a:28:b2:a0:4a:cd:53:84:95:b4:a3:f6:b3:
52:b8:8f:16:85:f6:66:19:a6:ba:ad:91:6b:8d:14:
95:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E1:5D:B9:A8:9F:4E:68:11:AB:8C:EA:30:6C:59:DD:39:68:AB:D5
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/DOFduaifTmgRq4zqMGxZ3Tloq9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:29::/48
Signature Algorithm: sha256WithRSAEncryption
0d:c3:59:df:98:20:4f:f6:93:a6:eb:c9:00:a7:e8:3f:da:e0:
67:ba:4e:cd:d6:07:85:f2:6c:ce:8d:1f:10:03:cc:4e:58:ec:
02:54:0c:5d:aa:1c:7b:dd:16:39:b1:fb:a1:21:06:ba:55:65:
52:40:84:9a:8b:26:dd:1c:8c:81:db:b1:e4:c4:5e:58:a2:09:
79:9b:92:bf:07:39:14:54:f7:84:18:9a:3d:86:c5:c3:e3:53:
df:1d:cd:2a:11:fb:de:ab:cf:64:ae:c0:b9:c5:d9:ea:00:19:
e1:65:b0:a8:49:73:e4:29:6b:b3:24:b6:ab:ab:a2:8f:22:b0:
7e:9c:34:82:e4:e4:b2:f3:b1:d4:c6:bf:5d:cd:81:ff:ff:71:
35:24:0c:3a:90:96:a0:27:d8:4b:03:70:b5:fa:e1:12:4b:8b:
21:12:65:b4:f9:58:e3:1e:69:5e:7f:59:f7:a7:46:cf:c9:eb:
2b:59:47:d7:b7:7e:18:34:ed:94:3b:9e:0d:e4:28:4e:2e:4b:
69:61:0e:29:58:92:9e:14:5b:20:59:e1:e8:fb:14:31:c6:38:
0a:75:d6:02:27:4c:2f:49:86:eb:fa:e7:16:99:cc:32:3d:5a:
b6:35:67:22:ee:d2:45:4f:70:2c:0d:4c:40:0a:29:e3:29:01:
75:8a:38:93
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Lv0AEEiwBLfKit5ItPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2UxNWRiOWE4OWY0ZTY4MTFhYjhjZWEzMDZjNTlkZDM5NjhhYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsywca5d3VeKAZfrrG/w02WvbMFo
s3d/VDYcufx6F6m1rnbx74nkqjs8xZ28BG+Mq7Ho0Lb87l4q9DTZIsG4M54L7zNP
ZpipItepYwQca7vghGrTqrsQcmTE/UVoKBw+crI+C4TW9M6QVasz81vrZECE9Di4
K7D6QYNMjwd2uvYFxH+edYtyI5xpI1dXMmO2J8+rcPUjox6/ZuqhzigI56U8z7MC
O+CTnmfdaN9j9PGMjP4BeBn5Vd8mecQ4q2uLPJ7PV0dWAx2PJ5rdXSxkuSM1pc60
5RXAV4VXIcp6H67UxhoosqBKzVOElbSj9rNSuI8WhfZmGaa6rZFrjRSVfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAzhXbmon05oEauM6jBsWd05aKvVMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvRE9GZHVhaWZUbWdScTR6cU1HeFozVGxvcTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAp
MA0GCSqGSIb3DQEBCwUAA4IBAQANw1nfmCBP9pOm68kAp+g/2uBnuk7N1geF8mzO
jR8QA8xOWOwCVAxdqhx73RY5sfuhIQa6VWVSQISaiybdHIyB27HkxF5Yogl5m5K/
BzkUVPeEGJo9hsXD41PfHc0qEfveq89krsC5xdnqABnhZbCoSXPkKWuzJLarq6KP
IrB+nDSC5OSy87HUxr9dzYH//3E1JAw6kJagJ9hLA3C1+uESS4shEmW0+VjjHmle
f1n3p0bPyesrWUfXt34YNO2UO54N5ChOLktpYQ4pWJKeFFsgWeHo+xQxxjgKddYC
J0wvSYbr+ucWmcwyPVq2NWci7tJFT3AsDUxACinjKQF1ijiT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org