Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TNNz_0h3jw5Jxkx63NXN82t_DJk.roa
File: TNNz_0h3jw5Jxkx63NXN82t_DJk.roa (raw, json)
Hash identifier: BT/bNX2Mfos7sMJ4+pXBBLjtb6YTU9z1f/K8mFSw4YM=
Subject key identifier: 4C:D3:73:FF:48:77:8F:0E:49:C6:4C:7A:DC:D5:CD:F3:6B:7F:0C:99
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0AD5D23519948EF5C3F2741211F83
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TNNz_0h3jw5Jxkx63NXN82t_DJk.roa
Signing time: Wed 07 Feb 2024 05:00:50 +0000
ROA not before: Wed 07 Feb 2024 05:00:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212854
IP address blocks: 2a0f:b241:d0::/48 maxlen: 48
2a0f:b241:103::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:ad:5d:23:51:99:48:ef:5c:3f:27:41:21:1f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cd373ff48778f0e49c64c7adcd5cdf36b7f0c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a2:23:5b:93:a2:8c:d3:99:3e:c2:70:60:92:
58:fc:a5:0b:ab:2b:4c:ed:27:4c:1b:cc:8c:01:8e:
03:ea:98:70:a6:a0:79:03:48:5d:de:c9:11:78:eb:
ce:01:94:e7:ef:4a:70:70:2f:6b:0d:ea:38:8a:21:
69:dd:ae:f1:03:20:b7:b9:aa:19:ed:63:92:40:10:
99:3c:ba:0c:89:aa:ba:b0:c9:84:24:47:d2:42:00:
ad:62:ce:70:57:af:fe:60:08:74:3d:bb:4d:82:4d:
9d:1d:2e:3e:3a:3d:c4:31:84:f9:e5:ba:86:62:24:
79:c6:55:b3:45:64:00:53:71:eb:06:b9:c9:bc:2f:
e9:7c:96:01:1f:39:22:f5:c3:78:2d:cb:e1:c6:a8:
48:62:f5:4f:1d:6f:4b:42:dc:7b:e1:15:bc:e1:bf:
b8:b2:17:1f:4e:57:e0:02:35:6f:1e:4b:be:58:22:
30:37:73:e0:ce:86:fb:26:22:e4:4d:49:e4:f2:b9:
93:a6:ae:d8:21:ba:e2:76:ad:44:2c:26:28:8a:1b:
4d:64:00:6e:5d:70:af:ec:aa:91:a7:1d:37:50:a3:
cc:c2:2d:4c:aa:f7:6d:e4:a8:ea:7f:18:b3:f6:93:
b0:4f:56:90:10:30:8c:ef:3c:f7:7c:3a:99:14:54:
84:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D3:73:FF:48:77:8F:0E:49:C6:4C:7A:DC:D5:CD:F3:6B:7F:0C:99
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TNNz_0h3jw5Jxkx63NXN82t_DJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:d0::/48
2a0f:b241:103::/48
Signature Algorithm: sha256WithRSAEncryption
78:2d:4c:c8:1d:7a:53:29:81:be:13:b0:d2:17:3f:66:4e:12:
bb:60:ad:bc:e0:8f:45:90:91:4b:a3:17:a9:a6:d9:29:65:1a:
c2:e2:71:b9:8b:b5:f2:fb:7b:2a:d2:94:54:1f:46:75:53:50:
7c:3e:df:70:a1:5b:58:8c:04:99:43:d9:65:ca:c2:b4:47:34:
fd:49:13:5a:f0:18:9b:ac:6f:0f:19:ed:24:25:6d:54:d3:5a:
3c:20:64:e0:bd:50:09:c3:52:d3:38:a1:ca:ff:35:ce:8d:4e:
39:36:d2:1f:43:08:db:7f:54:9f:48:78:b3:68:69:01:d5:25:
13:fe:d9:9e:87:1f:d4:ea:89:d4:fa:9a:e5:64:74:6b:e9:9b:
82:62:3b:e9:7e:22:7f:7c:d1:10:4b:64:47:28:c3:cb:8c:cc:
29:32:16:14:f4:7b:05:27:16:cb:fd:71:da:09:f5:50:67:31:
34:c4:7a:21:36:a3:eb:3e:fd:10:16:9b:cb:3b:f8:d0:f8:ba:
a9:33:11:ef:5f:2f:85:68:8b:43:83:1f:f4:98:c5:45:34:cb:
76:f4:af:ec:00:2b:af:6a:11:35:f0:90:af:76:28:82:fe:41:
c1:b4:27:b9:8c:48:6b:0b:a9:ea:be:bf:b0:04:21:3c:7e:f2:
c3:36:b6:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2B8K1dI1GZSO9cPydBIR+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2QzNzNmZjQ4Nzc4ZjBlNDljNjRjN2FkY2Q1Y2RmMzZiN2YwYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6IjW5OijNOZPsJwYJJY/KULqytM
7SdMG8yMAY4D6phwpqB5A0hd3skReOvOAZTn70pwcC9rDeo4iiFp3a7xAyC3uaoZ
7WOSQBCZPLoMiaq6sMmEJEfSQgCtYs5wV6/+YAh0PbtNgk2dHS4+Oj3EMYT55bqG
YiR5xlWzRWQAU3HrBrnJvC/pfJYBHzki9cN4LcvhxqhIYvVPHW9LQtx74RW84b+4
shcfTlfgAjVvHku+WCIwN3Pgzob7JiLkTUnk8rmTpq7YIbridq1ELCYoihtNZABu
XXCv7KqRpx03UKPMwi1Mqvdt5Kjqfxiz9pOwT1aQEDCM7zz3fDqZFFSEVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEzTc/9Id48OScZMetzVzfNrfwyZMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVE5Oel8waDNqdzVKeGt4NjNOWE44MnRfREprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+yQQDQ
AwcAKg+yQQEDMA0GCSqGSIb3DQEBCwUAA4IBAQB4LUzIHXpTKYG+E7DSFz9mThK7
YK284I9FkJFLoxepptkpZRrC4nG5i7Xy+3sq0pRUH0Z1U1B8Pt9woVtYjASZQ9ll
ysK0RzT9SRNa8BibrG8PGe0kJW1U01o8IGTgvVAJw1LTOKHK/zXOjU45NtIfQwjb
f1SfSHizaGkB1SUT/tmehx/U6onU+prlZHRr6ZuCYjvpfiJ/fNEQS2RHKMPLjMwp
MhYU9HsFJxbL/XHaCfVQZzE0xHohNqPrPv0QFpvLO/jQ+LqpMxHvXy+FaItDgx/0
mMVFNMt29K/sACuvahE18JCvdiiC/kHBtCe5jEhrC6nqvr+wBCE8fvLDNrZJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org