Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/P9gv0wfYnJy3qgyOXLf-YYJnbFM.roa
File: P9gv0wfYnJy3qgyOXLf-YYJnbFM.roa (raw, json)
Hash identifier: OP3gbl/7fgp93pC0OASLgEyCxJfu7PwPkystFQBOh6Y=
Subject key identifier: 3F:D8:2F:D3:07:D8:9C:9C:B7:AA:0C:8E:5C:B7:FE:61:82:67:6C:53
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB88C8BC50EECF14BB01E5A7CF9356C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/P9gv0wfYnJy3qgyOXLf-YYJnbFM.roa
Signing time: Tue 06 Feb 2024 18:40:17 +0000
ROA not before: Tue 06 Feb 2024 18:40:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215748
IP address blocks: 2a0f:b241:151::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b8:8c:8b:c5:0e:ec:f1:4b:b0:1e:5a:7c:f9:35:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:40:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fd82fd307d89c9cb7aa0c8e5cb7fe6182676c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c6:18:4c:91:47:61:4e:59:d2:08:8e:23:16:
11:3f:e5:5f:07:2f:6e:40:ec:7c:34:1d:36:e9:f6:
9c:79:9c:28:af:96:c4:3d:6f:8b:f1:19:52:92:66:
8e:0f:39:ac:f4:c5:a9:9c:f5:94:5b:72:e3:e5:a0:
e0:31:8d:e3:c7:c0:a0:b6:9a:83:c2:3c:e6:80:d4:
3a:d5:52:a0:72:31:14:84:ee:f2:9d:ac:c1:17:be:
01:92:8b:98:26:2e:63:bd:6b:06:e8:b1:d0:4f:46:
51:d0:85:84:db:9f:c1:23:2d:5f:27:dd:fd:cf:4a:
f1:06:49:8b:33:08:13:f7:17:c3:92:be:30:b2:a7:
a3:0a:9b:a4:44:44:67:a3:ed:36:5f:eb:0d:c1:c3:
85:47:8e:e7:03:ad:37:57:49:06:98:05:4d:63:c9:
df:1a:8a:ce:2b:1d:5e:be:7f:f4:3e:aa:d5:c1:62:
d7:b1:56:62:4e:12:1c:38:18:38:14:db:6a:1a:fa:
9b:99:32:ca:ce:e9:6a:af:8d:80:23:04:b3:e0:20:
3f:33:ff:7a:04:bf:0d:47:71:85:27:a5:21:05:54:
a2:f3:51:2d:ea:45:51:53:7b:cc:e0:24:6f:a4:10:
43:65:d2:32:a9:55:02:40:a1:2e:e9:b7:4d:1b:8e:
da:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D8:2F:D3:07:D8:9C:9C:B7:AA:0C:8E:5C:B7:FE:61:82:67:6C:53
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/P9gv0wfYnJy3qgyOXLf-YYJnbFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:151::/48
Signature Algorithm: sha256WithRSAEncryption
39:94:7f:f2:a3:e7:94:2c:e8:56:bf:79:b9:10:71:7a:2b:ab:
e8:03:fc:4b:6d:02:95:e9:00:5d:83:04:8d:68:fc:85:3b:16:
fe:18:0d:8f:29:9c:15:7d:ea:6b:ba:4f:5e:88:5b:45:b2:3c:
7b:6f:00:9a:38:32:a7:49:d0:54:49:ec:72:e8:c4:8d:3b:f9:
96:77:e6:3f:e9:2c:3f:01:cc:f3:5e:29:10:a8:ad:a8:9b:bf:
b3:bc:89:72:ef:22:46:b7:28:39:5b:9c:bc:55:39:77:e0:88:
dd:77:50:50:e2:f9:49:71:bf:9e:fd:ad:d7:79:83:61:86:07:
0b:3a:9b:f3:5d:42:02:0c:8f:6f:fd:76:8a:24:b3:2a:22:eb:
26:2b:18:60:33:10:ff:c1:aa:0a:88:98:70:fc:80:e9:64:9f:
5e:1b:90:c3:3a:7c:89:5a:ae:1d:16:95:a8:54:db:db:4f:8f:
6e:10:2f:b2:fa:e8:14:7e:07:4e:0b:9d:7f:15:e5:9e:d3:1d:
89:bd:11:8e:7c:bd:09:b5:b1:66:b3:44:66:aa:6e:ea:29:03:
49:30:33:ae:59:71:ec:87:92:0a:2a:38:9c:1d:35:b5:f1:21:
21:30:fc:a5:04:98:30:4f:16:bd:5e:ab:c9:a4:1e:e2:a3:35:
2c:37:48:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/uIyLxQ7s8UuwHlp8+TVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTg0MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmQ4MmZkMzA3ZDg5YzljYjdhYTBjOGU1Y2I3ZmU2MTgyNjc2YzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMYYTJFHYU5Z0giOIxYRP+VfBy9u
QOx8NB026faceZwor5bEPW+L8RlSkmaODzms9MWpnPWUW3Lj5aDgMY3jx8CgtpqD
wjzmgNQ61VKgcjEUhO7ynazBF74BkouYJi5jvWsG6LHQT0ZR0IWE25/BIy1fJ939
z0rxBkmLMwgT9xfDkr4wsqejCpukRERno+02X+sNwcOFR47nA603V0kGmAVNY8nf
GorOKx1evn/0PqrVwWLXsVZiThIcOBg4FNtqGvqbmTLKzulqr42AIwSz4CA/M/96
BL8NR3GFJ6UhBVSi81Et6kVRU3vM4CRvpBBDZdIyqVUCQKEu6bdNG47a1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD/YL9MH2Jyct6oMjly3/mGCZ2xTMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUDlndjB3ZlluSnkzcWd5T1hMZi1ZWUpuYkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFR
MA0GCSqGSIb3DQEBCwUAA4IBAQA5lH/yo+eULOhWv3m5EHF6K6voA/xLbQKV6QBd
gwSNaPyFOxb+GA2PKZwVfepruk9eiFtFsjx7bwCaODKnSdBUSexy6MSNO/mWd+Y/
6Sw/AczzXikQqK2om7+zvIly7yJGtyg5W5y8VTl34Ijdd1BQ4vlJcb+e/a3XeYNh
hgcLOpvzXUICDI9v/XaKJLMqIusmKxhgMxD/waoKiJhw/IDpZJ9eG5DDOnyJWq4d
FpWoVNvbT49uEC+y+ugUfgdOC51/FeWe0x2JvRGOfL0JtbFms0Rmqm7qKQNJMDOu
WXHsh5IKKjicHTW18SEhMPylBJgwTxa9XqvJpB7iozUsN0iW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org