Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PhEskSAlqbw7W5ffUBPj_yKWUaA.roa
File: PhEskSAlqbw7W5ffUBPj_yKWUaA.roa (raw, json)
Hash identifier: d3I64ToVJXpa0ofCGi34UBzBFvkUBFinz0UpE2e33Hk=
Subject key identifier: 3E:11:2C:91:20:25:A9:BC:3B:5B:97:DF:50:13:E3:FF:22:96:51:A0
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0648514048A8D23BD090A5BBA5233
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PhEskSAlqbw7W5ffUBPj_yKWUaA.roa
Signing time: Wed 07 Feb 2024 05:00:31 +0000
ROA not before: Wed 07 Feb 2024 05:00:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56808
IP address blocks: 2a0f:b241:11d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:64:85:14:04:8a:8d:23:bd:09:0a:5b:ba:52:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e112c912025a9bc3b5b97df5013e3ff229651a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:96:72:28:26:ba:3b:1b:13:16:82:59:bb:18:
e4:c0:97:6d:d9:7a:4b:f5:78:da:e7:ed:d1:1b:73:
89:1c:39:2e:03:79:f4:ca:02:e4:fc:78:2b:2c:e9:
94:30:18:4e:18:f3:68:48:1d:94:b3:78:c8:5b:a7:
89:57:44:e5:97:ac:20:15:81:dd:6a:06:c6:40:df:
0f:bf:95:5b:44:c0:03:c1:cd:c6:34:ed:85:38:76:
9c:f9:3c:92:ef:8b:a0:d3:6d:c7:aa:25:f6:7f:7a:
72:92:27:a9:16:73:78:a0:40:62:80:1a:ca:88:04:
3c:45:be:69:77:cb:4c:c9:13:91:cd:1a:90:6c:68:
7a:de:aa:ff:8e:89:c3:47:a2:16:7d:cc:df:92:83:
8e:bf:87:19:f6:70:b3:8b:8e:f5:6c:7f:d4:43:26:
b5:84:f6:e4:72:90:16:3b:1f:d3:d9:ac:31:b6:0b:
d9:67:b6:05:e4:be:38:7e:e7:a2:9a:ae:b8:e9:d0:
4a:b1:54:1b:3e:80:e7:11:c0:7e:90:c8:e9:31:b6:
02:3a:bf:20:18:c2:b2:cb:e2:8b:de:11:16:ee:32:
5d:43:f5:f7:7f:0b:5f:37:77:a5:d0:5a:e0:98:3f:
10:e2:f0:2b:31:af:9f:f6:6a:d1:7a:e2:1c:89:2c:
3d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:11:2C:91:20:25:A9:BC:3B:5B:97:DF:50:13:E3:FF:22:96:51:A0
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/PhEskSAlqbw7W5ffUBPj_yKWUaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:11d::/48
Signature Algorithm: sha256WithRSAEncryption
24:fc:61:37:5e:a0:5b:0a:ae:9e:c0:ac:4d:fd:7c:2d:40:ea:
9f:83:23:30:2e:7c:0b:3b:f9:82:07:d6:71:0c:2f:90:c5:35:
c5:5a:66:db:f2:ea:89:c2:ab:91:4e:53:ca:b9:62:28:76:b3:
0b:b4:33:ac:6a:3d:50:d9:ea:dc:7a:9e:2a:df:0d:40:ca:f4:
93:8d:56:f7:13:3d:cc:92:47:c8:2f:35:e1:4f:a1:72:28:55:
51:ac:c1:86:ba:00:dd:21:54:76:fc:a1:a7:73:79:1e:aa:ca:
2c:90:a5:46:c8:41:42:53:c1:cc:0f:ce:c4:0c:28:7c:97:26:
7a:03:95:4f:c2:ef:ef:a5:40:06:71:16:3f:7f:07:5d:9d:2f:
7b:80:ce:22:a8:ae:a8:5d:6b:a9:45:b8:c0:63:3a:24:2b:9f:
49:9a:19:d2:55:5e:2d:28:5d:a4:f9:45:ea:3d:af:89:4b:7a:
01:05:e3:f8:fc:92:d9:03:61:9f:fa:ee:62:d9:b2:2f:a8:21:
b6:1b:64:52:3c:f8:24:84:9b:71:d0:5b:81:50:67:c8:93:4b:
88:e9:c9:52:bf:32:d0:a1:37:7e:68:9d:ce:50:c3:c8:3a:16:
cb:25:75:b5:03:ed:85:da:5f:57:03:24:02:50:8f:60:0c:12:
df:75:68:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GSFFASKjSO9CQpbulIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTExMmM5MTIwMjVhOWJjM2I1Yjk3ZGY1MDEzZTNmZjIyOTY1MWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJZyKCa6OxsTFoJZuxjkwJdt2XpL
9Xja5+3RG3OJHDkuA3n0ygLk/HgrLOmUMBhOGPNoSB2Us3jIW6eJV0Tll6wgFYHd
agbGQN8Pv5VbRMADwc3GNO2FOHac+TyS74ug023HqiX2f3pykiepFnN4oEBigBrK
iAQ8Rb5pd8tMyRORzRqQbGh63qr/jonDR6IWfczfkoOOv4cZ9nCzi471bH/UQya1
hPbkcpAWOx/T2awxtgvZZ7YF5L44fueimq646dBKsVQbPoDnEcB+kMjpMbYCOr8g
GMKyy+KL3hEW7jJdQ/X3fwtfN3el0FrgmD8Q4vArMa+f9mrReuIciSw9FwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD4RLJEgJam8O1uX31AT4/8illGgMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUGhFc2tTQWxxYnc3VzVmZlVCUGpfeUtXVWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEd
MA0GCSqGSIb3DQEBCwUAA4IBAQAk/GE3XqBbCq6ewKxN/XwtQOqfgyMwLnwLO/mC
B9ZxDC+QxTXFWmbb8uqJwquRTlPKuWIodrMLtDOsaj1Q2ercep4q3w1AyvSTjVb3
Ez3MkkfILzXhT6FyKFVRrMGGugDdIVR2/KGnc3keqsoskKVGyEFCU8HMD87EDCh8
lyZ6A5VPwu/vpUAGcRY/fwddnS97gM4iqK6oXWupRbjAYzokK59JmhnSVV4tKF2k
+UXqPa+JS3oBBeP4/JLZA2Gf+u5i2bIvqCG2G2RSPPgkhJtx0FuBUGfIk0uI6clS
vzLQoTd+aJ3OUMPIOhbLJXW1A+2F2l9XAyQCUI9gDBLfdWgM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org