Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QZwvIKSslseFxnmrTfAZO7St_bw.roa
File: QZwvIKSslseFxnmrTfAZO7St_bw.roa (raw, json)
Hash identifier: Lz/rSuMprLf1th0U4ZJfaDw5qzXlETzFyHiTMYO4WPQ=
Subject key identifier: 41:9C:2F:20:A4:AC:96:C7:85:C6:79:AB:4D:F0:19:3B:B4:AD:FD:BC
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F088EAA0AC8539BA4474643A4DC7AF
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QZwvIKSslseFxnmrTfAZO7St_bw.roa
Signing time: Wed 07 Feb 2024 05:00:40 +0000
ROA not before: Wed 07 Feb 2024 05:00:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201392
IP address blocks: 2a0f:b241:dd::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:88:ea:a0:ac:85:39:ba:44:74:64:3a:4d:c7:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=419c2f20a4ac96c785c679ab4df0193bb4adfdbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1c:8a:7c:40:c1:8d:45:60:22:16:95:d0:74:
20:cb:74:85:78:a2:ad:47:90:99:cd:83:fc:e9:44:
b6:b6:38:76:07:8d:4b:04:4c:26:da:80:85:f1:e9:
ef:c0:22:8d:93:35:26:b9:16:02:a9:75:8a:7b:30:
d2:83:a9:5f:a7:18:e6:cb:b8:85:0f:6c:ec:a0:b0:
2a:99:6f:87:17:fe:60:75:08:30:20:d4:cb:7e:1b:
d0:54:a0:97:e2:1c:4a:29:52:72:0c:94:9c:59:0a:
85:9f:c5:73:be:ea:a2:e5:99:60:15:32:07:ab:e1:
d6:63:c7:8c:b0:ef:17:71:00:1b:f5:f5:8a:48:5d:
51:97:19:95:13:15:ac:9d:0b:cc:66:5c:db:42:5e:
3c:10:60:65:e3:42:1e:ff:3d:62:fc:1e:22:fd:3c:
14:a7:ef:b8:59:c2:f6:5b:41:7d:4e:5a:d5:10:cb:
8b:6f:25:b2:15:15:30:d9:3f:60:cb:ed:16:4b:c1:
b3:45:81:dd:3a:46:97:5a:a9:c3:08:25:a6:52:87:
4c:45:12:76:19:e1:f9:36:08:6a:0a:d5:46:52:de:
df:6a:27:fd:66:a9:87:e8:26:dc:6a:0a:0c:ef:7b:
53:47:77:1d:04:c6:75:0b:3d:2b:d4:5f:17:c3:5f:
12:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9C:2F:20:A4:AC:96:C7:85:C6:79:AB:4D:F0:19:3B:B4:AD:FD:BC
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QZwvIKSslseFxnmrTfAZO7St_bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:dd::/48
Signature Algorithm: sha256WithRSAEncryption
61:e6:0a:32:97:5c:0a:ab:84:db:40:11:e1:30:af:cc:b6:ec:
7d:80:4e:93:bd:e6:42:73:eb:09:24:90:34:72:99:26:5d:70:
a0:a4:c8:1f:e0:ad:74:9c:40:da:00:48:54:84:3b:bd:cb:f1:
af:ef:8a:c1:1c:d4:4b:c0:a9:8e:c9:b6:11:51:e7:7f:fd:f5:
b6:fa:6d:61:de:de:25:3a:20:3a:3c:ae:bc:6e:83:4c:a1:f5:
0a:2f:96:7a:6f:cb:1a:f5:ec:ec:d3:5d:2d:14:68:ec:ad:48:
0b:88:2b:cf:a4:37:d0:88:75:be:02:d5:a8:ed:0f:87:57:b2:
0e:ef:da:bc:68:61:16:61:a3:c1:e5:22:2b:b2:7c:cf:e2:4c:
6b:5a:58:dc:94:08:a0:8b:d6:5d:8f:5d:21:1c:a0:02:84:79:
cc:d2:9c:87:9f:3d:5a:8d:bb:41:76:cc:16:09:1a:4e:46:0d:
a7:90:3c:a2:87:69:ba:89:e5:61:79:ba:ae:8b:4b:23:d2:bc:
cb:ac:49:7b:76:d3:fd:3e:48:3f:53:b1:a7:84:b9:9d:53:68:
84:46:2e:8c:b3:e1:4a:e4:b5:fc:16:72:21:d5:fa:94:54:f0:
26:d3:08:a6:ba:3d:ff:6b:97:1d:36:ea:0b:a5:6b:5d:d2:bb:
fa:5b:ae:a3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8IjqoKyFObpEdGQ6TcevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTljMmYyMGE0YWM5NmM3ODVjNjc5YWI0ZGYwMTkzYmI0YWRmZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjByKfEDBjUVgIhaV0HQgy3SFeKKt
R5CZzYP86US2tjh2B41LBEwm2oCF8envwCKNkzUmuRYCqXWKezDSg6lfpxjmy7iF
D2zsoLAqmW+HF/5gdQgwINTLfhvQVKCX4hxKKVJyDJScWQqFn8Vzvuqi5ZlgFTIH
q+HWY8eMsO8XcQAb9fWKSF1RlxmVExWsnQvMZlzbQl48EGBl40Ie/z1i/B4i/TwU
p++4WcL2W0F9TlrVEMuLbyWyFRUw2T9gy+0WS8GzRYHdOkaXWqnDCCWmUodMRRJ2
GeH5NghqCtVGUt7faif9ZqmH6CbcagoM73tTR3cdBMZ1Cz0r1F8Xw18SLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEGcLyCkrJbHhcZ5q03wGTu0rf28MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUVp3dklLU3Nsc2VGeG5tclRmQVpPN1N0X2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDd
MA0GCSqGSIb3DQEBCwUAA4IBAQBh5goyl1wKq4TbQBHhMK/Mtux9gE6TveZCc+sJ
JJA0cpkmXXCgpMgf4K10nEDaAEhUhDu9y/Gv74rBHNRLwKmOybYRUed//fW2+m1h
3t4lOiA6PK68boNMofUKL5Z6b8sa9ezs010tFGjsrUgLiCvPpDfQiHW+AtWo7Q+H
V7IO79q8aGEWYaPB5SIrsnzP4kxrWljclAigi9Zdj10hHKAChHnM0pyHnz1ajbtB
dswWCRpORg2nkDyih2m6ieVhebqui0sj0rzLrEl7dtP9Pkg/U7GnhLmdU2iERi6M
s+FK5LX8FnIh1fqUVPAm0wimuj3/a5cdNuoLpWtd0rv6W66j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org