Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QiTQj1pcKlMF13BAWB5mR8njbxU.roa
File: QiTQj1pcKlMF13BAWB5mR8njbxU.roa (raw, json)
Hash identifier: iKFvemXdRUmkq3hmEdkO2PnF0kzI32wQcaKnmHOsu40=
Subject key identifier: 42:24:D0:8F:5A:5C:2A:53:05:D7:70:40:58:1E:66:47:C9:E3:6F:15
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018DB327BC263865CE84C947F6ABA02179EF
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QiTQj1pcKlMF13BAWB5mR8njbxU.roa
Signing time: Fri 16 Feb 2024 18:22:22 +0000
ROA not before: Fri 16 Feb 2024 18:22:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215473
IP address blocks: 2a0f:b241:19::/48 maxlen: 48
2a0f:b241:82::/48 maxlen: 48
2a0f:b241:91::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b3:27:bc:26:38:65:ce:84:c9:47:f6:ab:a0:21:79:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 16 18:22:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4224d08f5a5c2a5305d77040581e6647c9e36f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:bb:68:98:79:34:3a:30:ef:db:8e:5f:2f:a0:
ab:2e:91:f2:e0:50:7e:bf:4e:49:6b:fd:17:c2:c7:
1b:5b:49:4b:e8:31:c2:8a:78:d5:48:64:23:e4:46:
fd:5c:11:c1:87:00:5f:fa:49:5e:d2:cf:ca:aa:4f:
d9:09:85:29:82:45:5c:8f:ab:12:68:2d:06:82:56:
5d:a4:aa:f6:a9:e7:53:98:f8:6a:5f:97:59:4c:45:
5d:bd:9a:49:7f:f2:60:3d:a7:a2:71:31:ea:0c:6d:
e2:ce:d3:1c:bc:e8:23:c4:7f:fa:f6:47:0e:bb:1e:
8b:01:e0:bf:6d:bc:47:17:7a:08:25:c7:60:37:5d:
05:66:87:44:07:c3:14:48:25:9d:c8:b0:cf:c2:77:
0c:30:ed:09:71:f1:0b:0c:5f:a8:1c:99:ed:e6:29:
02:76:31:3a:55:ca:c9:89:6d:52:fa:0a:74:f1:8e:
55:ca:e8:00:48:84:52:68:14:f4:45:b1:76:c3:a2:
f8:a0:f7:72:26:d2:b9:60:95:31:14:cc:71:62:52:
f1:39:72:eb:5a:57:da:d0:64:b7:89:22:fa:01:16:
82:4e:9f:25:a4:5c:d9:55:9a:80:9d:3a:b8:f7:f6:
6f:e3:aa:2c:88:f3:fc:ab:ec:5a:4d:38:71:9e:57:
13:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:24:D0:8F:5A:5C:2A:53:05:D7:70:40:58:1E:66:47:C9:E3:6F:15
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/QiTQj1pcKlMF13BAWB5mR8njbxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:19::/48
2a0f:b241:82::/48
2a0f:b241:91::/48
Signature Algorithm: sha256WithRSAEncryption
3a:81:9b:f3:e5:66:76:e4:3e:74:a8:69:5f:0d:c2:21:fd:5a:
5e:60:ed:ca:f4:07:31:1f:64:5a:4e:98:a1:81:bb:2b:d7:ec:
64:6d:3a:3f:48:45:16:fe:f5:aa:79:13:e9:50:9e:5a:b8:81:
bb:35:54:01:d9:a2:02:45:61:4d:07:51:40:03:9a:09:03:63:
7e:ed:a5:64:45:87:6c:1a:4d:a7:cf:89:e2:d7:4e:14:a4:be:
5f:1a:09:fc:fb:fe:da:97:12:26:a1:57:7f:d9:86:b3:f7:72:
06:ce:e3:66:6b:84:48:cf:35:e4:69:9d:8b:4e:bf:a8:4f:32:
47:ea:39:4b:71:3c:87:61:39:5e:65:67:86:0b:a7:57:83:22:
25:d3:3d:83:6c:90:2c:05:7e:f8:d1:0b:a2:5b:05:03:41:f7:
c1:95:40:6a:e4:7e:c5:e7:be:6c:b2:d7:c1:11:5d:95:85:d7:
90:a1:9b:74:7e:33:1b:42:f7:af:59:2d:12:3c:c0:ab:aa:4d:
35:1f:28:e8:80:b7:eb:2e:b6:c6:e6:39:70:f7:92:50:ef:a1:
f3:a1:00:43:eb:7c:3c:4c:be:12:78:c3:d2:37:cd:a3:05:70:
6d:80:20:4b:e7:ee:07:5a:91:94:7b:e9:2d:b1:81:55:75:fc:
8f:96:ca:d7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2zJ7wmOGXOhMlH9qugIXnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjE2MTgyMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjI0ZDA4ZjVhNWMyYTUzMDVkNzcwNDA1ODFlNjY0N2M5ZTM2ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rtomHk0OjDv245fL6CrLpHy4FB+
v05Ja/0XwscbW0lL6DHCinjVSGQj5Eb9XBHBhwBf+kle0s/Kqk/ZCYUpgkVcj6sS
aC0GglZdpKr2qedTmPhqX5dZTEVdvZpJf/JgPaeicTHqDG3iztMcvOgjxH/69kcO
ux6LAeC/bbxHF3oIJcdgN10FZodEB8MUSCWdyLDPwncMMO0JcfELDF+oHJnt5ikC
djE6VcrJiW1S+gp08Y5VyugASIRSaBT0RbF2w6L4oPdyJtK5YJUxFMxxYlLxOXLr
Wlfa0GS3iSL6ARaCTp8lpFzZVZqAnTq49/Zv46osiPP8q+xaTThxnlcTRwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEIk0I9aXCpTBddwQFgeZkfJ428VMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUWlUUWoxcGNLbE1GMTNCQVdCNW1SOG5qYnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg+yQQAZ
AwcAKg+yQQCCAwcAKg+yQQCRMA0GCSqGSIb3DQEBCwUAA4IBAQA6gZvz5WZ25D50
qGlfDcIh/VpeYO3K9AcxH2RaTpihgbsr1+xkbTo/SEUW/vWqeRPpUJ5auIG7NVQB
2aICRWFNB1FAA5oJA2N+7aVkRYdsGk2nz4ni104UpL5fGgn8+/7alxImoVd/2Yaz
93IGzuNma4RIzzXkaZ2LTr+oTzJH6jlLcTyHYTleZWeGC6dXgyIl0z2DbJAsBX74
0QuiWwUDQffBlUBq5H7F575sstfBEV2VhdeQoZt0fjMbQvevWS0SPMCrqk01Hyjo
gLfrLrbG5jlw95JQ76HzoQBD63w8TL4SeMPSN82jBXBtgCBL5+4HWpGUe+ktsYFV
dfyPlsrX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org