Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/K5XBlPxSKkwmAdvhWhbnvRU0Srg.roa
File: K5XBlPxSKkwmAdvhWhbnvRU0Srg.roa (raw, json)
Hash identifier: zQQq/p4G6q+YmD6KEn/L25si8WT0iPK4tWSb/r4kN90=
Subject key identifier: 2B:95:C1:94:FC:52:2A:4C:26:01:DB:E1:5A:16:E7:BD:15:34:4A:B8
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB6B31367FB8A3BF70CC4B75B6A81CD
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/K5XBlPxSKkwmAdvhWhbnvRU0Srg.roa
Signing time: Tue 06 Feb 2024 18:38:16 +0000
ROA not before: Tue 06 Feb 2024 18:38:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199340
IP address blocks: 2a0f:b241:12c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b6:b3:13:67:fb:8a:3b:f7:0c:c4:b7:5b:6a:81:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:38:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b95c194fc522a4c2601dbe15a16e7bd15344ab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:84:4d:35:e5:16:be:ec:7c:ca:be:89:5a:8f:
66:c3:7a:f5:49:11:23:c9:44:05:a1:2a:db:36:fa:
2a:31:b7:36:2d:dc:fe:3d:a3:88:4f:58:5d:dc:70:
ac:22:f3:cd:d5:b6:83:4b:30:a5:48:57:fe:37:47:
2c:07:a8:9f:5f:c0:f5:3d:3c:e6:00:b7:24:63:8e:
62:f3:2a:e6:d1:01:4f:aa:ed:b5:ca:1f:4b:fe:d5:
c2:03:19:82:23:31:76:68:b5:84:ef:01:da:2e:c6:
dd:f3:99:5b:ff:34:7e:bf:c7:27:1a:95:43:32:d9:
30:64:1a:52:9a:75:ae:0d:26:01:2f:e5:9f:53:e7:
ba:a7:19:6b:41:38:25:c3:a6:22:22:c5:94:3c:be:
45:19:07:40:d1:e7:6f:b7:fe:67:62:68:0b:ff:c2:
ca:78:17:77:86:67:2a:f5:4a:ea:9d:b4:05:55:c4:
c0:bb:94:89:46:b3:25:a9:15:40:63:0a:6b:2f:07:
18:7d:5e:51:6c:ab:83:ba:c1:fd:1d:ee:6c:46:57:
33:4b:3c:b1:8b:3e:26:5f:0e:e1:a9:5b:ba:6c:fb:
5c:ea:0d:4b:3f:36:d7:1a:19:89:9d:6d:8c:7c:8b:
5c:6e:fe:ff:a3:be:e9:de:19:b1:3c:05:a8:56:17:
96:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:95:C1:94:FC:52:2A:4C:26:01:DB:E1:5A:16:E7:BD:15:34:4A:B8
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/K5XBlPxSKkwmAdvhWhbnvRU0Srg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:12c::/48
Signature Algorithm: sha256WithRSAEncryption
5f:fb:43:9c:de:33:47:7c:1f:54:22:78:34:cf:a2:df:e4:34:
cc:72:c1:72:33:05:98:02:64:91:35:a2:d5:14:8f:0c:10:1c:
27:8e:0c:9a:e2:dc:c7:dc:07:f0:c3:d8:d7:01:a8:fc:61:ba:
4c:2f:5b:53:6a:47:e1:ff:9b:51:b3:3b:8e:c9:e1:2b:e6:5f:
82:20:85:cd:f1:60:1a:08:ca:ab:09:04:ba:f1:72:3b:49:5d:
cc:1b:43:9c:d3:6d:8b:c5:63:65:81:b4:d9:8e:5c:0b:5e:5c:
0b:8d:7a:af:05:c5:17:dd:de:1a:93:ac:a2:8b:43:cf:aa:fc:
ed:09:25:7c:e8:f1:89:40:f8:3a:50:f0:22:50:9d:45:74:71:
5f:24:b7:43:e6:b6:9c:ab:1e:aa:e1:cc:5f:41:da:ed:83:15:
19:9d:57:83:24:13:1a:7f:c6:af:60:9b:ff:e3:4c:45:77:a6:
1c:8c:ff:da:d2:b3:83:ac:1b:64:f0:97:37:c3:72:c4:50:8f:
59:53:05:73:38:8e:72:7b:7e:f7:75:98:73:0b:45:4c:9b:5b:
3b:ad:0d:db:7d:6e:98:1d:c8:e1:19:5e:77:82:82:eb:96:24:
3e:81:4b:14:a7:91:43:94:ba:01:0a:3e:da:03:1a:f0:43:a8:
8e:1a:4c:e5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/trMTZ/uKO/cMxLdbaoHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk1YzE5NGZjNTIyYTRjMjYwMWRiZTE1YTE2ZTdiZDE1MzQ0YWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYRNNeUWvux8yr6JWo9mw3r1SREj
yUQFoSrbNvoqMbc2Ldz+PaOIT1hd3HCsIvPN1baDSzClSFf+N0csB6ifX8D1PTzm
ALckY45i8yrm0QFPqu21yh9L/tXCAxmCIzF2aLWE7wHaLsbd85lb/zR+v8cnGpVD
MtkwZBpSmnWuDSYBL+WfU+e6pxlrQTglw6YiIsWUPL5FGQdA0edvt/5nYmgL/8LK
eBd3hmcq9UrqnbQFVcTAu5SJRrMlqRVAYwprLwcYfV5RbKuDusH9He5sRlczSzyx
iz4mXw7hqVu6bPtc6g1LPzbXGhmJnW2MfItcbv7/o77p3hmxPAWoVheWNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCuVwZT8UipMJgHb4VoW570VNEq4MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvSzVYQmxQeFNLa3dtQWR2aFdoYm52UlUwU3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEs
MA0GCSqGSIb3DQEBCwUAA4IBAQBf+0Oc3jNHfB9UIng0z6Lf5DTMcsFyMwWYAmSR
NaLVFI8MEBwnjgya4tzH3Afww9jXAaj8YbpML1tTakfh/5tRszuOyeEr5l+CIIXN
8WAaCMqrCQS68XI7SV3MG0Oc022LxWNlgbTZjlwLXlwLjXqvBcUX3d4ak6yii0PP
qvztCSV86PGJQPg6UPAiUJ1FdHFfJLdD5racqx6q4cxfQdrtgxUZnVeDJBMaf8av
YJv/40xFd6YcjP/a0rODrBtk8Jc3w3LEUI9ZUwVzOI5ye373dZhzC0VMm1s7rQ3b
fW6YHcjhGV53goLrliQ+gUsUp5FDlLoBCj7aAxrwQ6iOGkzl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org