Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KQnPkrD4OrDbyKdPh0iw4FeTpuo.roa
File: KQnPkrD4OrDbyKdPh0iw4FeTpuo.roa (raw, json)
Hash identifier: Lme0q/diJcm1hoV9Q+HSB1zxcrOPmm/EjdN8fjLRUHw=
Subject key identifier: 29:09:CF:92:B0:F8:3A:B0:DB:C8:A7:4F:87:48:B0:E0:57:93:A6:EA
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 0194282579E9D4AC60E072BA645D06207D81
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KQnPkrD4OrDbyKdPh0iw4FeTpuo.roa
Signing time: Thu 02 Jan 2025 17:52:12 +0000
ROA not before: Thu 02 Jan 2025 17:52:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215743
IP address blocks: 2a0f:b241:53::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 Jan 2025 23:50:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:79:e9:d4:ac:60:e0:72:ba:64:5d:06:20:7d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Jan 2 17:52:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2909cf92b0f83ab0dbc8a74f8748b0e05793a6ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fe:f8:0c:43:e8:12:67:52:b4:ea:d5:2c:05:
cf:05:9d:dd:f2:25:7d:64:de:13:fa:12:af:2a:f7:
3f:4f:6f:4d:6c:1a:01:b2:d9:3e:e5:a2:2c:4e:6c:
8a:df:6f:0f:b9:b9:56:6f:22:9f:cd:9a:31:7c:e9:
8a:6b:7b:e1:b8:fd:95:e3:93:90:fe:d8:ff:f3:7d:
cf:cd:6a:bc:4d:82:f0:6e:1e:f9:c8:d4:80:1d:1c:
73:3c:42:25:79:c0:de:d3:8b:58:df:98:2b:27:0e:
ed:b3:de:2b:a5:af:4d:f9:40:e6:38:c3:0d:b2:c8:
7c:d5:bb:0f:93:86:8c:1e:e0:ce:b5:f3:3c:ad:7e:
db:5c:48:3a:f6:9e:b5:a2:a4:eb:a3:24:13:96:b4:
62:ae:a7:39:d7:21:fc:9f:63:5a:bc:ef:f2:a9:60:
4c:02:b3:b5:19:b0:c2:36:69:21:0f:a4:05:7d:84:
96:05:0f:e4:69:7d:19:42:df:41:b4:b4:88:4c:75:
52:80:73:65:4e:44:45:94:cd:04:f8:22:9e:e2:7d:
4d:e3:a8:dd:2b:96:f2:16:ff:b3:73:e7:14:22:56:
c9:dc:b6:c6:b9:13:7a:74:38:7b:e3:b5:ac:0a:ed:
11:29:27:c2:f5:ac:9b:7a:0c:f8:76:bf:2b:f9:d7:
e6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:09:CF:92:B0:F8:3A:B0:DB:C8:A7:4F:87:48:B0:E0:57:93:A6:EA
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KQnPkrD4OrDbyKdPh0iw4FeTpuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:53::/48
Signature Algorithm: sha256WithRSAEncryption
72:30:08:84:6c:03:61:9a:9c:01:33:6d:64:34:78:bf:05:3b:
2f:83:ac:72:ad:a9:de:b7:e6:57:3e:46:e4:56:cc:ff:2c:43:
49:fd:dc:4d:26:af:32:51:12:99:72:04:5d:b3:66:12:32:f7:
97:b7:c2:98:73:5c:f0:b6:8b:df:75:0d:1f:79:f7:19:02:87:
c6:b9:34:87:92:3c:7a:11:0d:9a:1d:9f:dc:ec:dd:d6:37:06:
6e:ef:b1:86:d5:20:7e:1b:4e:b7:d6:87:74:55:2a:05:e0:58:
69:b7:7e:c4:a4:45:20:9d:7d:e8:96:8c:c1:b7:44:28:36:81:
47:20:36:1a:80:04:38:3c:c7:ec:b3:d2:bf:82:a8:df:6b:16:
b3:c0:3e:00:50:e0:f1:23:a1:39:dd:18:fb:43:88:25:21:8d:
bd:0f:f0:e9:12:02:34:68:4c:3f:0b:c9:f9:3e:88:1b:65:a5:
5a:d0:cf:01:d8:d4:f6:2e:41:25:76:99:0b:c7:3d:45:99:b8:
96:23:43:9d:ff:b2:6d:42:d9:6f:a0:27:25:33:bf:91:6f:96:
01:2b:e6:b7:7d:49:08:09:20:a7:da:60:54:e3:28:62:d4:be:
bc:47:76:8f:ac:d8:58:74:c5:a0:31:8f:89:60:20:b3:0d:f4:
6c:2b:5c:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJXnp1Kxg4HK6ZF0GIH2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMTAyMTc1MjEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA5Y2Y5MmIwZjgzYWIwZGJjOGE3NGY4NzQ4YjBlMDU3OTNhNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv74DEPoEmdStOrVLAXPBZ3d8iV9
ZN4T+hKvKvc/T29NbBoBstk+5aIsTmyK328PublWbyKfzZoxfOmKa3vhuP2V45OQ
/tj/833PzWq8TYLwbh75yNSAHRxzPEIlecDe04tY35grJw7ts94rpa9N+UDmOMMN
ssh81bsPk4aMHuDOtfM8rX7bXEg69p61oqTroyQTlrRirqc51yH8n2NavO/yqWBM
ArO1GbDCNmkhD6QFfYSWBQ/kaX0ZQt9BtLSITHVSgHNlTkRFlM0E+CKe4n1N46jd
K5byFv+zc+cUIlbJ3LbGuRN6dDh747WsCu0RKSfC9aybegz4dr8r+dfmDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCkJz5Kw+Dqw28inT4dIsOBXk6bqMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvS1FuUGtyRDRPckRieUtkUGgwaXc0RmVUcHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBT
MA0GCSqGSIb3DQEBCwUAA4IBAQByMAiEbANhmpwBM21kNHi/BTsvg6xyranet+ZX
PkbkVsz/LENJ/dxNJq8yURKZcgRds2YSMveXt8KYc1zwtovfdQ0fefcZAofGuTSH
kjx6EQ2aHZ/c7N3WNwZu77GG1SB+G0631od0VSoF4Fhpt37EpEUgnX3olozBt0Qo
NoFHIDYagAQ4PMfss9K/gqjfaxazwD4AUODxI6E53Rj7Q4glIY29D/DpEgI0aEw/
C8n5PogbZaVa0M8B2NT2LkEldpkLxz1FmbiWI0Od/7JtQtlvoCclM7+Rb5YBK+a3
fUkICSCn2mBU4yhi1L68R3aPrNhYdMWgMY+JYCCzDfRsK1zJ
-----END CERTIFICATE-----
Generated at Tue Apr 15 08:00:23 2025 by rpki-client