Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Hq4bowwJHUS1lxGqlPzrK6vZ9EQ.roa
File: Hq4bowwJHUS1lxGqlPzrK6vZ9EQ.roa (raw, json)
Hash identifier: NuzZ+0KMDRGwzts2qqu7rL9SuZ+mRPbt/0sQ9gfiIKs=
Subject key identifier: 1E:AE:1B:A3:0C:09:1D:44:B5:97:11:AA:94:FC:EB:2B:AB:D9:F4:44
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F05DD723F909FAA557E15B6ECCB577
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Hq4bowwJHUS1lxGqlPzrK6vZ9EQ.roa
Signing time: Wed 07 Feb 2024 05:00:30 +0000
ROA not before: Wed 07 Feb 2024 05:00:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48883
IP address blocks: 2a0f:b241:15c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:5d:d7:23:f9:09:fa:a5:57:e1:5b:6e:cc:b5:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1eae1ba30c091d44b59711aa94fceb2babd9f444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4a:f0:13:d5:f3:63:12:bf:98:ea:77:75:73:
62:23:2b:54:ff:2b:01:d6:77:4b:55:bd:60:af:40:
f8:88:77:63:9f:ba:3a:b0:6b:95:fc:4e:42:d4:fb:
bb:ae:7b:16:38:59:19:02:bc:95:33:3f:85:e9:02:
e1:af:dc:83:c7:4f:0b:b2:4a:18:63:40:ca:55:c2:
53:c6:8d:f0:83:3e:d7:58:f1:e2:3a:4f:6f:c3:7c:
8d:fb:c4:f8:10:7a:cc:78:04:3f:3e:3f:0e:8d:9a:
40:3d:0c:87:d7:99:0b:a2:32:87:fc:a1:5a:e6:ec:
0b:e3:6e:12:b2:72:b4:05:74:52:03:d5:a7:84:54:
c1:de:98:04:c4:24:f1:6c:17:da:a4:3c:5e:16:dc:
a0:08:5a:d2:73:ce:9e:59:4d:2e:e4:dd:1c:00:d6:
6f:60:85:09:0b:8e:77:74:e5:81:5d:8b:75:50:00:
39:89:f4:e5:95:ab:00:f0:b9:2f:4b:e1:78:46:a6:
40:1f:4c:26:8b:b9:c1:f6:97:de:1d:76:e1:ad:b1:
2b:56:c4:12:32:f0:a5:66:84:05:99:c4:d1:71:b3:
33:f9:14:d9:c8:af:0f:2f:92:5e:45:01:2d:38:94:
9f:21:7f:d1:36:a3:91:0c:f9:fd:65:15:dc:76:46:
b5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AE:1B:A3:0C:09:1D:44:B5:97:11:AA:94:FC:EB:2B:AB:D9:F4:44
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Hq4bowwJHUS1lxGqlPzrK6vZ9EQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:15c::/48
Signature Algorithm: sha256WithRSAEncryption
6a:a6:f8:c1:22:bc:f3:4e:f6:7b:f2:7e:4c:5d:12:ae:b6:ff:
aa:38:5f:fb:28:77:5d:c9:67:17:24:4a:c5:80:89:94:d1:ba:
6b:87:c0:d0:f7:d4:70:ea:90:17:fa:1f:b9:4e:7d:4d:29:fd:
94:cf:c5:9c:da:97:dd:c2:87:90:10:88:c1:b7:a5:e7:36:14:
03:2e:0c:85:34:1d:c5:c6:96:32:c5:a5:7e:b8:32:e4:eb:78:
5d:04:b1:fb:aa:37:2b:df:2a:90:09:fa:2b:ce:b3:c2:b6:eb:
5f:fe:cf:99:d9:16:fd:0b:0c:08:a9:a2:99:5e:b5:d8:92:20:
8e:bf:52:b7:5b:18:5d:0d:00:13:e2:f6:cd:44:21:95:05:19:
15:b5:5b:3b:71:dc:12:ce:2f:24:16:49:5b:16:2c:51:9b:a4:
02:11:85:83:29:32:2d:29:c0:0b:7e:bd:a4:60:40:d5:5e:2d:
df:02:05:5e:63:a9:95:b5:ae:7e:90:8d:47:72:ae:7b:a9:b8:
54:f8:dc:c1:28:3d:d7:be:5e:73:cd:8a:ae:e3:9d:69:d7:17:
33:01:e5:a5:25:68:4c:b5:a9:cd:8b:fa:a3:cb:51:2f:40:3e:
a0:41:e3:4b:0f:47:78:b3:f4:a3:c5:5d:2e:fd:38:1a:68:c3:
fc:97:61:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8F3XI/kJ+qVX4VtuzLV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFlMWJhMzBjMDkxZDQ0YjU5NzExYWE5NGZjZWIyYmFiZDlmNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ErwE9XzYxK/mOp3dXNiIytU/ysB
1ndLVb1gr0D4iHdjn7o6sGuV/E5C1Pu7rnsWOFkZAryVMz+F6QLhr9yDx08LskoY
Y0DKVcJTxo3wgz7XWPHiOk9vw3yN+8T4EHrMeAQ/Pj8OjZpAPQyH15kLojKH/KFa
5uwL424SsnK0BXRSA9WnhFTB3pgExCTxbBfapDxeFtygCFrSc86eWU0u5N0cANZv
YIUJC453dOWBXYt1UAA5ifTllasA8LkvS+F4RqZAH0wmi7nB9pfeHXbhrbErVsQS
MvClZoQFmcTRcbMz+RTZyK8PL5JeRQEtOJSfIX/RNqORDPn9ZRXcdka1xwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB6uG6MMCR1EtZcRqpT86yur2fREMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvSHE0Ym93d0pIVVMxbHhHcWxQenJLNnZaOUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFc
MA0GCSqGSIb3DQEBCwUAA4IBAQBqpvjBIrzzTvZ78n5MXRKutv+qOF/7KHddyWcX
JErFgImU0bprh8DQ99Rw6pAX+h+5Tn1NKf2Uz8Wc2pfdwoeQEIjBt6XnNhQDLgyF
NB3FxpYyxaV+uDLk63hdBLH7qjcr3yqQCforzrPCtutf/s+Z2Rb9CwwIqaKZXrXY
kiCOv1K3WxhdDQAT4vbNRCGVBRkVtVs7cdwSzi8kFklbFixRm6QCEYWDKTItKcAL
fr2kYEDVXi3fAgVeY6mVta5+kI1Hcq57qbhU+NzBKD3Xvl5zzYqu451p1xczAeWl
JWhMtanNi/qjy1EvQD6gQeNLD0d4s/SjxV0u/TgaaMP8l2G4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org