Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PRedQ5_0TRxxj3qI22rLOmRWfcY.roa
File: PRedQ5_0TRxxj3qI22rLOmRWfcY.roa (raw, json)
Hash identifier: fFaslyIOMK81mhHaS50mykLjV1BifSt36UJcw1J/S8o=
Subject key identifier: 3D:17:9D:43:9F:F4:4D:1C:71:8F:7A:88:DB:6A:CB:3A:64:56:7D:C6
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F8D7F9CD7B1DCEB705F340C96659A29
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PRedQ5_0TRxxj3qI22rLOmRWfcY.roa
Signing time: Tue 06 Feb 2024 17:53:16 +0000
ROA not before: Tue 06 Feb 2024 17:53:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209600
IP address blocks: 2a0f:b241:21::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:8d:7f:9c:d7:b1:dc:eb:70:5f:34:0c:96:65:9a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:53:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d179d439ff44d1c718f7a88db6acb3a64567dc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:31:80:f2:c6:df:fb:48:70:8b:44:ea:85:cb:
84:d1:37:3d:e6:34:5e:3b:10:68:d7:c3:26:6a:e5:
17:83:f8:97:c9:0d:ff:23:a7:88:50:37:dd:40:54:
36:21:35:9e:71:15:2e:29:d4:3e:6d:a1:e7:e4:8e:
77:a3:17:0e:2d:8a:77:1d:04:1f:93:dc:b6:3c:6d:
c8:88:cc:bb:40:ed:2f:05:fc:26:83:6c:bb:6b:5f:
b6:65:f5:d0:4a:d7:53:0e:c2:32:6e:e8:56:c2:55:
ba:5b:0a:5e:0b:60:ff:18:9b:48:f1:66:49:e6:7e:
15:c8:2a:d3:ec:53:01:93:c5:0e:85:03:85:47:72:
8a:fe:6a:30:45:cb:de:81:99:e3:fc:81:a7:80:fc:
e3:28:14:cb:68:f2:fe:0d:66:0e:e2:f0:46:44:6d:
7f:00:39:a4:e6:f8:49:af:3b:da:d9:e2:0c:2f:53:
7e:9b:de:2f:0f:b5:94:64:0e:5d:75:53:18:7b:0f:
ec:aa:19:3c:8b:d4:dd:87:36:70:78:37:bb:22:41:
0f:de:79:79:5a:3f:58:d3:f0:bd:b6:7f:3c:e6:7e:
67:89:ee:9d:cb:02:fd:c2:01:de:a1:db:83:a6:78:
af:16:bd:aa:e7:c6:b9:3c:32:a0:cb:0c:ba:fe:f0:
1a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:17:9D:43:9F:F4:4D:1C:71:8F:7A:88:DB:6A:CB:3A:64:56:7D:C6
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PRedQ5_0TRxxj3qI22rLOmRWfcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:21::/48
Signature Algorithm: sha256WithRSAEncryption
61:9a:1d:85:6f:c1:53:84:01:89:9b:18:91:1a:98:2c:e8:14:
c8:c1:62:30:95:ee:b4:56:f9:e2:f7:e9:92:dd:3d:f3:e9:82:
24:24:8a:9e:08:df:9e:43:84:87:34:af:bc:5d:30:0f:3c:25:
8b:d0:23:de:65:8b:e7:61:92:df:15:d8:27:d7:b9:b5:b8:00:
2b:04:a9:9e:14:51:99:9f:85:20:09:61:5a:49:ca:93:bd:f3:
c9:51:48:be:50:b1:0a:40:33:7c:cf:43:d2:8a:98:c1:4e:4b:
d6:49:8d:aa:32:f3:c8:c7:be:10:c6:aa:f3:3e:cd:e4:ca:f2:
f0:5e:0b:79:ba:18:d5:f4:bd:99:26:6d:1b:7b:34:ad:55:f3:
47:78:16:b0:3c:bd:fc:ad:11:2a:e1:0b:ad:3e:98:da:67:91:
c9:62:bc:72:d0:c1:1a:5d:b6:6c:78:02:77:9a:28:27:c5:fa:
18:08:99:c9:c7:bc:d9:0c:69:26:68:5c:4c:af:01:ac:17:79:
d4:08:1c:da:ee:fe:ba:b8:77:22:fc:d3:b6:ba:ff:6e:d8:29:
99:79:30:3b:47:03:31:e2:e9:e3:34:60:b0:cf:6b:06:b7:c2:
0b:2d:df:49:eb:7c:f1:08:1a:28:75:97:5c:57:8f:30:56:a9:
db:8f:3d:8d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/jX+c17Hc63BfNAyWZZopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDE3OWQ0MzlmZjQ0ZDFjNzE4ZjdhODhkYjZhY2IzYTY0NTY3ZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TGA8sbf+0hwi0TqhcuE0Tc95jRe
OxBo18MmauUXg/iXyQ3/I6eIUDfdQFQ2ITWecRUuKdQ+baHn5I53oxcOLYp3HQQf
k9y2PG3IiMy7QO0vBfwmg2y7a1+2ZfXQStdTDsIybuhWwlW6WwpeC2D/GJtI8WZJ
5n4VyCrT7FMBk8UOhQOFR3KK/mowRcvegZnj/IGngPzjKBTLaPL+DWYO4vBGRG1/
ADmk5vhJrzva2eIML1N+m94vD7WUZA5ddVMYew/sqhk8i9TdhzZweDe7IkEP3nl5
Wj9Y0/C9tn885n5nie6dywL9wgHeoduDpnivFr2q58a5PDKgywy6/vAaewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD0XnUOf9E0ccY96iNtqyzpkVn3GMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUFJlZFE1XzBUUnh4ajNxSTIyckxPbVJXZmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAh
MA0GCSqGSIb3DQEBCwUAA4IBAQBhmh2Fb8FThAGJmxiRGpgs6BTIwWIwle60Vvni
9+mS3T3z6YIkJIqeCN+eQ4SHNK+8XTAPPCWL0CPeZYvnYZLfFdgn17m1uAArBKme
FFGZn4UgCWFaScqTvfPJUUi+ULEKQDN8z0PSipjBTkvWSY2qMvPIx74QxqrzPs3k
yvLwXgt5uhjV9L2ZJm0bezStVfNHeBawPL38rREq4QutPpjaZ5HJYrxy0MEaXbZs
eAJ3mignxfoYCJnJx7zZDGkmaFxMrwGsF3nUCBza7v66uHci/NO2uv9u2CmZeTA7
RwMx4unjNGCwz2sGt8ILLd9J63zxCBoodZdcV48wVqnbjz2N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org