Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TNpxbilrNLzrvAGTKwnf9VP-va0.roa
File: TNpxbilrNLzrvAGTKwnf9VP-va0.roa (raw, json)
Hash identifier: 6lpWL3nRD3eIjTf5PnVt/X/EjGUBwnTgWlFe6jaulYA=
Subject key identifier: 4C:DA:71:6E:29:6B:34:BC:EB:BC:01:93:2B:09:DF:F5:53:FE:BD:AD
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7DF9BD941326D50D0239F27410ACAF91
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TNpxbilrNLzrvAGTKwnf9VP-va0.roa
Signing time: Tue 06 Feb 2024 10:32:15 +0000
ROA not before: Tue 06 Feb 2024 10:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197622
IP address blocks: 2a0f:b241:c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:f9:bd:94:13:26:d5:0d:02:39:f2:74:10:ac:af:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 10:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cda716e296b34bcebbc01932b09dff553febdad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:eb:0e:bf:57:f8:4c:d9:a0:ac:b6:2b:77:2f:
0a:7e:a1:58:bd:d3:34:eb:9b:72:f5:e3:bd:17:1d:
cc:45:de:6d:b0:0a:97:57:4a:73:cc:eb:13:ef:78:
60:41:a8:3e:32:31:67:57:d0:08:bf:d7:7e:e9:af:
3c:58:6f:d8:d3:84:89:3f:e5:c2:da:cf:27:d2:fd:
ee:b1:03:71:e1:5a:37:02:05:07:c8:fe:5a:c6:66:
3c:13:04:04:7c:d7:2a:53:9f:a0:ae:b1:b7:66:87:
60:84:bb:fe:32:df:c9:0b:32:bc:26:21:77:2d:9c:
b6:4b:70:66:5e:11:47:06:5f:87:0e:73:9b:fb:45:
b3:e4:50:ef:4a:8b:b3:88:67:23:83:3f:b3:03:bb:
a3:21:b2:be:6b:e5:75:13:95:6d:c3:02:ae:41:9b:
dd:58:9f:93:b1:30:85:a2:69:d7:f3:a2:88:1b:82:
07:69:8b:bd:f9:3e:c0:84:d4:5b:44:0c:59:97:cb:
b0:5e:09:35:2c:66:89:83:2b:d0:fe:0e:a4:5c:de:
c8:e7:7a:8e:18:c5:5e:9f:67:3f:f8:9d:c2:9d:d8:
c1:0b:07:12:cd:e1:4b:fe:e5:53:ab:a0:ff:5e:ab:
cb:11:59:2e:07:66:e0:38:09:09:4f:8d:6f:c8:67:
ec:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:DA:71:6E:29:6B:34:BC:EB:BC:01:93:2B:09:DF:F5:53:FE:BD:AD
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TNpxbilrNLzrvAGTKwnf9VP-va0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:c::/48
Signature Algorithm: sha256WithRSAEncryption
45:cf:aa:bc:a2:49:b8:e9:d1:76:d2:16:ac:68:51:46:93:22:
5d:ec:9c:0e:cd:1b:73:4f:61:d0:a0:42:05:cc:26:8c:05:7b:
59:4d:2a:37:0a:df:f8:fb:d4:68:30:f8:f4:67:18:d4:51:15:
b0:b7:ab:dd:34:af:07:78:52:b7:1f:09:94:0b:af:cb:23:9c:
95:7f:7c:50:52:53:90:43:66:53:a2:d0:7f:bb:09:0e:d6:78:
66:04:4c:4a:7a:d7:10:b6:40:b0:bb:7a:12:20:1a:9c:a9:53:
62:e5:96:e1:90:df:c2:8f:26:b3:dc:36:03:5f:f2:ee:71:55:
60:10:12:71:44:0a:c3:b1:8c:61:0f:c4:e1:2a:9f:7a:74:10:
fc:f0:27:c2:76:62:b6:24:a1:b1:18:27:17:eb:4b:ad:b0:cb:
68:b7:22:7a:3a:5c:eb:85:6d:23:0a:01:19:fc:38:be:c4:a1:
9b:80:87:62:31:00:54:73:83:85:6b:25:a8:29:52:ca:10:20:
21:ef:89:19:db:46:73:6f:8b:a2:9f:b8:ba:e0:8a:76:7f:7e:
7c:d8:93:c4:5c:0c:9a:22:0b:d5:e0:ba:fd:86:55:06:6f:c2:
2e:b0:f0:a7:2f:61:ea:8a:06:d4:94:62:8c:df:b9:c1:ce:aa:
02:ad:5f:fe
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY19+b2UEybVDQI58nQQrK+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTAzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2RhNzE2ZTI5NmIzNGJjZWJiYzAxOTMyYjA5ZGZmNTUzZmViZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyusOv1f4TNmgrLYrdy8KfqFYvdM0
65ty9eO9Fx3MRd5tsAqXV0pzzOsT73hgQag+MjFnV9AIv9d+6a88WG/Y04SJP+XC
2s8n0v3usQNx4Vo3AgUHyP5axmY8EwQEfNcqU5+grrG3ZodghLv+Mt/JCzK8JiF3
LZy2S3BmXhFHBl+HDnOb+0Wz5FDvSouziGcjgz+zA7ujIbK+a+V1E5VtwwKuQZvd
WJ+TsTCFomnX86KIG4IHaYu9+T7AhNRbRAxZl8uwXgk1LGaJgyvQ/g6kXN7I53qO
GMVen2c/+J3CndjBCwcSzeFL/uVTq6D/XqvLEVkuB2bgOAkJT41vyGfs5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEzacW4pazS867wBkysJ3/VT/r2tMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVE5weGJpbHJOTHpydkFHVEt3bmY5VlAtdmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAM
MA0GCSqGSIb3DQEBCwUAA4IBAQBFz6q8okm46dF20hasaFFGkyJd7JwOzRtzT2HQ
oEIFzCaMBXtZTSo3Ct/4+9RoMPj0ZxjUURWwt6vdNK8HeFK3HwmUC6/LI5yVf3xQ
UlOQQ2ZTotB/uwkO1nhmBExKetcQtkCwu3oSIBqcqVNi5ZbhkN/Cjyaz3DYDX/Lu
cVVgEBJxRArDsYxhD8ThKp96dBD88CfCdmK2JKGxGCcX60utsMtotyJ6OlzrhW0j
CgEZ/Di+xKGbgIdiMQBUc4OFayWoKVLKECAh74kZ20Zzb4uin7i64Ip2f3582JPE
XAyaIgvV4Lr9hlUGb8IusPCnL2HqigbUlGKM37nBzqoCrV/+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org