Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TtWUaRtaqQvtBr8ndPxGExUb3lk.roa
File: TtWUaRtaqQvtBr8ndPxGExUb3lk.roa (raw, json)
Hash identifier: Ng/v5MYPjPO5fLFiaV2A4AxXzTbCrQbwGqFDzffggMs=
Subject key identifier: 4E:D5:94:69:1B:5A:A9:0B:ED:06:BF:27:74:FC:46:13:15:1B:DE:59
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB7A7FF08F3AFD458925F79E59F5B4B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TtWUaRtaqQvtBr8ndPxGExUb3lk.roa
Signing time: Tue 06 Feb 2024 18:39:19 +0000
ROA not before: Tue 06 Feb 2024 18:39:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212925
IP address blocks: 2a0f:b241:14a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b7:a7:ff:08:f3:af:d4:58:92:5f:79:e5:9f:5b:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:39:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ed594691b5aa90bed06bf2774fc4613151bde59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b5:a2:c1:a5:4d:b5:64:a4:4b:2e:26:05:6a:
e9:ca:f5:99:de:c0:c8:46:de:d8:4f:e5:ab:b2:74:
b9:1c:fb:de:79:a6:12:a6:96:d7:0d:0f:90:6a:ba:
d7:c9:5c:f9:71:7f:6a:1e:63:a8:be:b1:5a:c5:f3:
3d:48:18:38:71:0a:73:a2:fb:6c:85:93:f8:04:de:
bf:5a:3d:e1:1b:f9:ce:ba:2c:b8:bb:58:aa:8b:ba:
96:7d:b3:50:3a:9e:15:6b:45:96:f4:d6:0e:90:7e:
62:e6:dd:47:c7:38:64:fa:cd:05:3c:b4:19:53:f1:
f7:ff:8e:44:21:8a:14:4f:35:02:66:8a:22:b7:ac:
ce:1d:b8:a2:f6:41:b9:37:35:ef:7a:b8:b4:e5:a7:
30:8d:4d:53:6a:3b:42:64:71:7b:6a:c2:a4:4b:d2:
1b:d4:c0:16:b4:fb:9b:ec:2a:83:70:ad:4c:08:71:
f2:37:16:4d:1d:56:34:01:b1:5c:c0:fb:55:4c:7c:
2f:cf:5f:65:92:b3:41:d5:99:ba:e4:83:7c:17:a2:
a3:aa:3e:14:a2:eb:58:f2:7c:a4:1f:e4:e5:38:9b:
52:76:7d:07:0d:b8:3c:b4:6d:9e:13:7f:ce:b9:7e:
99:5b:41:36:9b:66:bd:4d:8c:69:d5:56:00:a8:82:
fa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D5:94:69:1B:5A:A9:0B:ED:06:BF:27:74:FC:46:13:15:1B:DE:59
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TtWUaRtaqQvtBr8ndPxGExUb3lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:14a::/48
Signature Algorithm: sha256WithRSAEncryption
72:5a:c9:08:a8:8e:bc:76:8c:25:80:41:96:d8:bc:14:b9:2b:
51:08:ce:1e:98:ba:13:14:f3:d5:42:e4:e7:4f:bc:bc:88:c6:
1b:41:6b:94:bb:75:46:d0:31:b7:0e:11:c5:d8:fb:ed:52:2f:
89:cd:b7:ed:a3:02:36:7e:da:1d:cd:11:e5:97:49:3c:bb:48:
34:a1:93:4b:92:6e:7f:e6:f4:16:d1:1a:85:ec:44:15:94:b8:
37:08:c0:1c:29:6d:e2:8c:36:f8:2d:b8:63:3f:f9:8a:98:43:
a3:49:b5:a2:36:83:54:52:dd:2e:3a:f0:98:15:78:01:78:72:
f7:2f:49:b3:09:60:33:49:22:b8:3a:cf:da:21:0e:e2:3a:2d:
1d:b4:3b:c3:1f:fe:2a:5f:15:a0:cc:7f:4c:cf:90:fc:79:6f:
17:8a:f3:d5:8f:61:74:1f:af:64:e7:80:b9:16:60:74:22:d8:
e8:04:d5:b7:19:a4:e5:c0:c2:8c:26:12:8b:74:b7:e4:b4:36:
2c:3d:ee:b4:33:b3:f5:ea:ab:6b:a7:fb:67:46:d0:d7:69:c7:
55:ec:d3:ec:d3:52:90:1e:79:74:63:e3:de:49:0f:61:eb:ff:
61:88:0a:a1:b0:26:01:bf:42:98:6c:92:bf:01:2e:ba:26:3a:
ff:f0:3e:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/t6f/CPOv1FiSX3nln1tLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ1OTQ2OTFiNWFhOTBiZWQwNmJmMjc3NGZjNDYxMzE1MWJkZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrWiwaVNtWSkSy4mBWrpyvWZ3sDI
Rt7YT+WrsnS5HPveeaYSppbXDQ+QarrXyVz5cX9qHmOovrFaxfM9SBg4cQpzovts
hZP4BN6/Wj3hG/nOuiy4u1iqi7qWfbNQOp4Va0WW9NYOkH5i5t1Hxzhk+s0FPLQZ
U/H3/45EIYoUTzUCZooit6zOHbii9kG5NzXveri05acwjU1TajtCZHF7asKkS9Ib
1MAWtPub7CqDcK1MCHHyNxZNHVY0AbFcwPtVTHwvz19lkrNB1Zm65IN8F6Kjqj4U
outY8nykH+TlOJtSdn0HDbg8tG2eE3/OuX6ZW0E2m2a9TYxp1VYAqIL6wQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE7VlGkbWqkL7Qa/J3T8RhMVG95ZMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVHRXVWFSdGFxUXZ0QnI4bmRQeEdFeFViM2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFK
MA0GCSqGSIb3DQEBCwUAA4IBAQByWskIqI68dowlgEGW2LwUuStRCM4emLoTFPPV
QuTnT7y8iMYbQWuUu3VG0DG3DhHF2PvtUi+JzbftowI2ftodzRHll0k8u0g0oZNL
km5/5vQW0RqF7EQVlLg3CMAcKW3ijDb4LbhjP/mKmEOjSbWiNoNUUt0uOvCYFXgB
eHL3L0mzCWAzSSK4Os/aIQ7iOi0dtDvDH/4qXxWgzH9Mz5D8eW8XivPVj2F0H69k
54C5FmB0ItjoBNW3GaTlwMKMJhKLdLfktDYsPe60M7P16qtrp/tnRtDXacdV7NPs
01KQHnl0Y+PeSQ9h6/9hiAqhsCYBv0KYbJK/AS66Jjr/8D6m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org