Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/HFzdILcpvDjSpRcEsp7EAFJgw80.roa
File: HFzdILcpvDjSpRcEsp7EAFJgw80.roa (raw, json)
Hash identifier: 5HtEiiLp3bOEiG7bj7+be4nUrnMSd54NQcJgxq5D7AI=
Subject key identifier: 1C:5C:DD:20:B7:29:BC:38:D2:A5:17:04:B2:9E:C4:00:52:60:C3:CD
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F96AC754DFC265BC14998AD2E331A06
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/HFzdILcpvDjSpRcEsp7EAFJgw80.roa
Signing time: Tue 06 Feb 2024 18:03:17 +0000
ROA not before: Tue 06 Feb 2024 18:03:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215890
IP address blocks: 2a0f:b241:57::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:96:ac:75:4d:fc:26:5b:c1:49:98:ad:2e:33:1a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:03:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c5cdd20b729bc38d2a51704b29ec4005260c3cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6a:22:03:d5:af:ac:95:b7:20:f4:3e:5a:8f:
b1:bf:ba:25:d4:fe:3e:cf:1e:ad:9e:ef:d0:ac:65:
48:19:87:1e:57:e7:ec:a4:c7:fa:8d:81:65:d3:32:
dd:d1:95:81:3d:d3:56:91:44:d1:f7:ef:1d:54:b3:
7f:06:85:79:66:13:6a:e7:f1:d8:f2:f4:9c:1b:35:
ca:21:b8:57:38:50:84:6c:7d:2f:68:77:f2:87:8c:
0b:32:bf:c2:06:e1:fa:cf:fc:e0:28:ce:b4:a0:91:
6a:4d:70:f4:ad:b9:ce:06:4b:70:90:09:fd:67:d5:
b3:20:c1:4a:70:61:70:3d:e9:e2:26:47:58:0c:cb:
af:7e:0e:5f:aa:ed:e1:de:a6:1a:cd:cf:1b:b3:19:
48:f3:68:bc:cc:53:a8:69:4f:4c:c2:34:c8:32:be:
77:f5:44:42:36:e4:03:d6:af:e7:7d:18:7f:b5:3c:
60:aa:ac:0d:a6:18:a6:98:47:6d:17:be:62:ca:33:
0d:27:f9:1d:01:20:86:61:af:6f:c2:82:aa:34:85:
3f:c9:0c:22:54:27:07:77:b8:e3:71:0d:f6:04:eb:
0e:e3:24:27:28:df:27:bc:af:d2:3d:8c:54:93:7a:
07:31:c8:0f:f3:6c:c2:7f:c3:08:b9:1b:c8:1a:36:
dc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5C:DD:20:B7:29:BC:38:D2:A5:17:04:B2:9E:C4:00:52:60:C3:CD
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/HFzdILcpvDjSpRcEsp7EAFJgw80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:57::/48
Signature Algorithm: sha256WithRSAEncryption
81:05:36:1c:64:58:ea:3d:c4:3e:b8:8f:4b:43:7d:11:2e:27:
86:04:4b:b3:5b:90:97:ab:36:bb:20:61:05:8f:36:8d:ca:ff:
9d:88:69:e8:65:0c:3a:c6:e8:00:96:04:21:37:31:d6:1a:2e:
52:27:6f:51:35:33:fb:92:60:11:64:5b:c1:81:39:2a:86:f1:
99:cb:36:5a:1c:e7:4d:2d:87:0c:44:3b:5e:aa:02:03:38:e5:
79:fa:33:f9:d5:02:9a:35:f5:66:e3:1d:53:e5:f2:72:c1:f0:
6d:ce:43:f3:90:c3:c5:2c:d9:7f:2a:5f:58:d0:92:9e:3d:ed:
ab:1d:9f:8c:37:ff:ea:69:fd:e8:76:75:e5:23:27:f1:21:11:
7c:2d:e6:5b:ec:7c:74:ec:d8:bb:8f:58:85:87:10:73:78:5b:
a4:42:f5:22:3c:b8:d5:82:a9:06:53:a6:dd:f9:51:5d:be:3c:
76:c7:d1:d4:a6:39:52:34:68:37:df:80:91:62:9a:34:5c:4d:
6b:3e:8d:b8:a1:68:55:d5:22:52:17:0e:5d:96:02:6d:c3:79:
f4:3b:ee:78:5e:b4:97:f4:04:d6:34:88:67:a0:1b:2f:a1:f1:
ba:9f:84:e7:9e:9e:62:d1:fc:dc:6d:d4:da:3d:0f:f6:f0:84:
07:cb:21:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lqx1TfwmW8FJmK0uMxoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVjZGQyMGI3MjliYzM4ZDJhNTE3MDRiMjllYzQwMDUyNjBjM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2oiA9WvrJW3IPQ+Wo+xv7ol1P4+
zx6tnu/QrGVIGYceV+fspMf6jYFl0zLd0ZWBPdNWkUTR9+8dVLN/BoV5ZhNq5/HY
8vScGzXKIbhXOFCEbH0vaHfyh4wLMr/CBuH6z/zgKM60oJFqTXD0rbnOBktwkAn9
Z9WzIMFKcGFwPeniJkdYDMuvfg5fqu3h3qYazc8bsxlI82i8zFOoaU9MwjTIMr53
9URCNuQD1q/nfRh/tTxgqqwNphimmEdtF75iyjMNJ/kdASCGYa9vwoKqNIU/yQwi
VCcHd7jjcQ32BOsO4yQnKN8nvK/SPYxUk3oHMcgP82zCf8MIuRvIGjbcgQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBxc3SC3Kbw40qUXBLKexABSYMPNMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvSEZ6ZElMY3B2RGpTcFJjRXNwN0VBRkpndzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBX
MA0GCSqGSIb3DQEBCwUAA4IBAQCBBTYcZFjqPcQ+uI9LQ30RLieGBEuzW5CXqza7
IGEFjzaNyv+diGnoZQw6xugAlgQhNzHWGi5SJ29RNTP7kmARZFvBgTkqhvGZyzZa
HOdNLYcMRDteqgIDOOV5+jP51QKaNfVm4x1T5fJywfBtzkPzkMPFLNl/Kl9Y0JKe
Pe2rHZ+MN//qaf3odnXlIyfxIRF8LeZb7Hx07Ni7j1iFhxBzeFukQvUiPLjVgqkG
U6bd+VFdvjx2x9HUpjlSNGg334CRYpo0XE1rPo24oWhV1SJSFw5dlgJtw3n0O+54
XrSX9ATWNIhnoBsvofG6n4Tnnp5i0fzcbdTaPQ/28IQHyyG7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org