Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/F0sLfwAEci3C4GrxBi6kTDQ9-Yg.roa
File: F0sLfwAEci3C4GrxBi6kTDQ9-Yg.roa (raw, json)
Hash identifier: 18dRJampAV+vLNXYDAoI8Qt/EFByDPpDERY2yGByfpk=
Subject key identifier: 17:4B:0B:7F:00:04:72:2D:C2:E0:6A:F1:06:2E:A4:4C:34:3D:F9:88
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7DF7E8DD632B3BB2EF6712F589FAB475
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/F0sLfwAEci3C4GrxBi6kTDQ9-Yg.roa
Signing time: Tue 06 Feb 2024 10:30:15 +0000
ROA not before: Tue 06 Feb 2024 10:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197510
IP address blocks: 2a0f:b241:b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:f7:e8:dd:63:2b:3b:b2:ef:67:12:f5:89:fa:b4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 10:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=174b0b7f0004722dc2e06af1062ea44c343df988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:60:aa:21:dc:71:58:70:d8:11:c2:de:1b:94:
67:4b:04:8d:cc:c3:58:3b:f4:db:f2:19:e7:04:9b:
51:c2:c7:a0:2c:72:1e:f0:2f:d5:0f:9e:6d:19:b2:
b8:b3:0c:01:ed:05:ff:ad:41:70:0f:82:59:0a:4c:
46:17:8b:5f:7d:c7:6e:36:58:a0:aa:a8:d2:91:99:
20:9b:7f:48:b0:ee:73:9d:bd:35:50:1c:b2:a2:a1:
4f:76:9c:9d:06:4a:50:34:7f:33:66:c0:64:1e:85:
dc:b9:14:bb:a3:5c:61:c3:db:93:b1:9a:c2:cc:f4:
51:1c:31:3b:a0:3b:e6:89:79:ab:ca:d9:6d:c1:44:
0c:b0:34:7f:6c:6b:40:94:7a:d9:d2:1e:b1:8e:86:
fb:47:9e:25:cc:83:2d:6e:92:2b:a0:64:df:b7:43:
c3:46:25:d2:ce:1a:f0:cb:fb:d5:30:b3:f2:65:52:
c6:88:ea:e3:3f:8c:e5:b4:9b:be:31:1b:62:c9:52:
e2:f4:80:c4:d8:7c:52:1e:7e:4d:96:c2:cd:d1:cf:
5c:14:c3:7d:9d:77:06:d1:ab:e9:9b:50:6c:00:8b:
43:c0:98:f1:d6:a8:6b:99:0c:fa:a8:42:36:f0:e8:
5a:f3:f2:01:47:fa:6d:52:2f:a3:9b:02:9e:f8:7f:
c8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:4B:0B:7F:00:04:72:2D:C2:E0:6A:F1:06:2E:A4:4C:34:3D:F9:88
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/F0sLfwAEci3C4GrxBi6kTDQ9-Yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:b::/48
Signature Algorithm: sha256WithRSAEncryption
0f:58:ca:af:a2:8a:fd:78:40:eb:f5:e1:65:db:e1:3d:04:26:
fa:80:31:7a:22:0a:59:ae:4a:1f:1f:95:44:01:42:4d:0f:a8:
5b:a5:d6:2b:b6:88:6b:74:4d:e3:dc:bb:b4:c3:8a:01:5e:e2:
64:bb:d4:dc:b6:bf:06:aa:89:90:11:06:7e:e6:c1:80:6c:5d:
43:20:a1:67:7d:b0:ba:7e:6f:60:0c:b1:07:27:82:35:79:68:
f7:7f:79:0e:e3:1a:b5:ed:b9:68:ed:db:25:e9:a7:75:3e:57:
f5:e2:59:48:b0:e8:c8:6d:91:a0:50:f4:d8:8b:10:18:f7:4d:
4c:7e:9b:a8:55:5e:85:55:7b:0c:02:d6:66:14:a0:24:db:71:
dd:07:d4:0c:01:5d:12:7d:30:d1:a7:a8:70:b9:e9:4d:0d:40:
ae:e2:d4:93:5d:66:91:de:e9:e0:b1:0e:f8:20:ee:6b:fa:c2:
b2:21:5d:5b:59:d0:d7:6a:56:96:b2:1d:06:e5:5d:99:58:72:
0f:f1:84:3c:52:99:07:be:e8:c9:51:c1:1a:05:c1:47:b7:eb:
98:04:2a:13:ed:ef:b5:74:81:e7:95:03:af:f5:5b:7f:62:e1:
ff:09:58:6f:2b:46:5b:32:48:ab:56:2a:21:5f:c2:43:a3:43:
bb:41:e3:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY199+jdYys7su9nEvWJ+rR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTAzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzRiMGI3ZjAwMDQ3MjJkYzJlMDZhZjEwNjJlYTQ0YzM0M2RmOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GCqIdxxWHDYEcLeG5RnSwSNzMNY
O/Tb8hnnBJtRwsegLHIe8C/VD55tGbK4swwB7QX/rUFwD4JZCkxGF4tffcduNlig
qqjSkZkgm39IsO5znb01UByyoqFPdpydBkpQNH8zZsBkHoXcuRS7o1xhw9uTsZrC
zPRRHDE7oDvmiXmrytltwUQMsDR/bGtAlHrZ0h6xjob7R54lzIMtbpIroGTft0PD
RiXSzhrwy/vVMLPyZVLGiOrjP4zltJu+MRtiyVLi9IDE2HxSHn5NlsLN0c9cFMN9
nXcG0avpm1BsAItDwJjx1qhrmQz6qEI28Oha8/IBR/ptUi+jmwKe+H/IZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBdLC38ABHItwuBq8QYupEw0PfmIMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvRjBzTGZ3QUVjaTNDNEdyeEJpNmtURFE5LVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAL
MA0GCSqGSIb3DQEBCwUAA4IBAQAPWMqvoor9eEDr9eFl2+E9BCb6gDF6IgpZrkof
H5VEAUJND6hbpdYrtohrdE3j3Lu0w4oBXuJku9Tctr8GqomQEQZ+5sGAbF1DIKFn
fbC6fm9gDLEHJ4I1eWj3f3kO4xq17blo7dsl6ad1Plf14llIsOjIbZGgUPTYixAY
901MfpuoVV6FVXsMAtZmFKAk23HdB9QMAV0SfTDRp6hwuelNDUCu4tSTXWaR3ung
sQ74IO5r+sKyIV1bWdDXalaWsh0G5V2ZWHIP8YQ8UpkHvujJUcEaBcFHt+uYBCoT
7e+1dIHnlQOv9Vt/YuH/CVhvK0ZbMkirViohX8JDo0O7QeMe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org