Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/HdgufWovXTt5ztazAb0rsyex5Fo.roa
File: HdgufWovXTt5ztazAb0rsyex5Fo.roa (raw, json)
Hash identifier: SsRd/8iXOzpouNYMDDMV4GtkNmbaMKAMBtNB61Ti9nU=
Subject key identifier: 1D:D8:2E:7D:6A:2F:5D:3B:79:CE:D6:B3:01:BD:2B:B3:27:B1:E4:5A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0A55ECF48B753DD87C1FE1B009981
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/HdgufWovXTt5ztazAb0rsyex5Fo.roa
Signing time: Wed 07 Feb 2024 05:00:48 +0000
ROA not before: Wed 07 Feb 2024 05:00:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210956
IP address blocks: 2a0f:b241:144::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:a5:5e:cf:48:b7:53:dd:87:c1:fe:1b:00:99:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dd82e7d6a2f5d3b79ced6b301bd2bb327b1e45a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6a:87:2c:3e:0c:20:c0:31:fc:82:58:7b:b7:
62:05:bc:3f:e8:9c:06:b4:05:d1:1f:a2:22:57:2a:
8c:aa:01:32:8f:f4:67:c4:db:81:3b:1c:b2:03:bc:
69:81:75:4b:98:ac:33:08:ea:b9:9c:9a:dc:ce:81:
a1:11:73:f0:94:2a:43:eb:dc:ac:03:fa:5f:fc:ec:
3a:dd:6a:3c:d9:56:7f:82:25:fc:ca:70:67:e7:77:
8d:c9:64:47:ed:03:b8:87:8a:0a:d2:61:f8:7c:3b:
f7:dd:42:34:47:21:65:09:6d:b3:f4:63:b4:4e:d6:
c2:17:7c:91:fd:29:c6:c0:79:64:b1:05:59:ef:4d:
26:25:58:d7:76:f0:5c:67:de:5b:f8:12:4f:c6:fa:
dc:02:bf:cc:56:2d:47:f9:71:32:09:c2:d6:05:f8:
e3:f6:be:73:e6:d9:89:8b:9e:3c:a4:f4:ba:a2:b6:
e6:b3:9b:80:d1:1e:c6:e8:06:17:77:f7:69:19:4d:
f3:8a:04:4a:f4:00:7c:bd:b0:87:8f:09:8c:a0:df:
94:12:ff:ce:28:76:bb:eb:48:29:4f:c8:72:13:3b:
dd:a7:a7:fe:f1:75:7e:ef:05:e9:97:58:ed:2d:2c:
69:11:f7:ce:c3:e5:1b:57:35:cb:5d:08:18:54:e5:
8e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D8:2E:7D:6A:2F:5D:3B:79:CE:D6:B3:01:BD:2B:B3:27:B1:E4:5A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/HdgufWovXTt5ztazAb0rsyex5Fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:144::/48
Signature Algorithm: sha256WithRSAEncryption
69:41:5f:53:2c:c4:1c:9e:69:3d:c4:ba:02:c8:d1:da:aa:23:
55:c4:96:28:5f:ca:52:e7:83:fa:95:8e:2f:12:53:df:4e:b4:
9c:9d:72:3a:8e:aa:78:c9:57:d0:0f:20:5b:b3:48:e7:f9:30:
51:78:36:9d:9f:ad:27:3e:5a:cb:45:7b:d2:93:f2:e9:0b:17:
20:d2:64:0c:0c:74:7c:77:03:a5:97:ea:81:9c:5a:53:dc:12:
93:7a:9c:02:54:06:85:6b:07:7e:4f:d1:df:c4:5b:32:4f:e0:
52:7c:a1:6d:d1:f2:f8:c3:98:94:66:9d:8f:f1:8b:4c:c0:4f:
2a:73:37:49:ab:e4:fc:1c:b9:df:4e:14:da:63:28:e3:76:1e:
00:8d:29:9d:80:4c:27:70:e9:92:8a:55:e5:02:ea:6f:14:dc:
d2:fd:84:2c:cf:44:2e:63:9f:9f:a8:d5:38:30:16:2b:95:ba:
f4:31:df:08:12:36:25:76:5c:cf:90:04:3f:44:bf:f6:4a:ff:
50:01:62:49:d3:b1:54:60:70:09:1b:3b:ee:3e:8f:ac:4e:96:
01:be:c9:36:d4:70:d3:e9:7f:fe:34:40:8c:71:2d:d7:38:b5:
f4:a4:0a:b1:92:4c:c5:56:a7:52:a2:56:3c:a0:59:bb:b1:66:
ea:f9:fd:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8KVez0i3U92Hwf4bAJmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQ4MmU3ZDZhMmY1ZDNiNzljZWQ2YjMwMWJkMmJiMzI3YjFlNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2qHLD4MIMAx/IJYe7diBbw/6JwG
tAXRH6IiVyqMqgEyj/RnxNuBOxyyA7xpgXVLmKwzCOq5nJrczoGhEXPwlCpD69ys
A/pf/Ow63Wo82VZ/giX8ynBn53eNyWRH7QO4h4oK0mH4fDv33UI0RyFlCW2z9GO0
TtbCF3yR/SnGwHlksQVZ700mJVjXdvBcZ95b+BJPxvrcAr/MVi1H+XEyCcLWBfjj
9r5z5tmJi548pPS6orbms5uA0R7G6AYXd/dpGU3zigRK9AB8vbCHjwmMoN+UEv/O
KHa760gpT8hyEzvdp6f+8XV+7wXpl1jtLSxpEffOw+UbVzXLXQgYVOWOLQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB3YLn1qL107ec7WswG9K7MnseRaMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvSGRndWZXb3ZYVHQ1enRhekFiMHJzeWV4NUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFE
MA0GCSqGSIb3DQEBCwUAA4IBAQBpQV9TLMQcnmk9xLoCyNHaqiNVxJYoX8pS54P6
lY4vElPfTrScnXI6jqp4yVfQDyBbs0jn+TBReDadn60nPlrLRXvSk/LpCxcg0mQM
DHR8dwOll+qBnFpT3BKTepwCVAaFawd+T9HfxFsyT+BSfKFt0fL4w5iUZp2P8YtM
wE8qczdJq+T8HLnfThTaYyjjdh4AjSmdgEwncOmSilXlAupvFNzS/YQsz0QuY5+f
qNU4MBYrlbr0Md8IEjYldlzPkAQ/RL/2Sv9QAWJJ07FUYHAJGzvuPo+sTpYBvsk2
1HDT6X/+NECMcS3XOLX0pAqxkkzFVqdSolY8oFm7sWbq+f02
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org