Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ahj7NEmY3Rv62PYMSMlxBFOsQfs.roa
File: ahj7NEmY3Rv62PYMSMlxBFOsQfs.roa (raw, json)
Hash identifier: 5cxR5h31Lbz29oYXMslg/M883vDch3cc3PzIvb8USkk=
Subject key identifier: 6A:18:FB:34:49:98:DD:1B:FA:D8:F6:0C:48:C9:71:04:53:AC:41:FB
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA72ADB3EBAB368F60B3F2FD010CB6C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ahj7NEmY3Rv62PYMSMlxBFOsQfs.roa
Signing time: Tue 06 Feb 2024 18:21:18 +0000
ROA not before: Tue 06 Feb 2024 18:21:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199566
IP address blocks: 2a0f:b241:85::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a7:2a:db:3e:ba:b3:68:f6:0b:3f:2f:d0:10:cb:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:21:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a18fb344998dd1bfad8f60c48c9710453ac41fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f9:7d:2f:fa:9a:2d:49:df:fa:ba:2c:13:d2:
da:96:e4:74:5e:48:d1:75:64:f9:5f:3b:38:46:cf:
43:a1:30:07:8d:26:24:c3:49:1e:9f:ae:17:33:9c:
82:08:da:e7:3c:fa:a2:33:61:31:e5:63:8e:62:fc:
9f:90:0c:f9:92:05:5a:4d:92:4b:d3:de:69:39:b3:
1a:6d:7f:9d:6c:35:01:f6:4b:45:db:c0:3e:59:07:
bf:d9:22:9d:12:4b:35:39:01:45:90:31:ca:4d:5f:
71:26:8d:fb:0d:51:26:7e:89:07:2d:03:a5:72:3d:
62:31:02:0f:54:fa:5a:15:50:b2:5a:79:0c:cf:ab:
8d:5b:84:73:47:6b:09:99:bd:ea:77:3f:fd:b3:83:
d7:85:ac:b1:0e:17:45:0e:b3:74:28:c4:e9:ad:a5:
c6:11:bd:87:f4:2e:61:83:0c:58:17:ed:4e:d3:b3:
5a:27:67:89:9a:b4:d0:c2:79:80:10:2c:97:ad:b1:
e3:01:25:15:c9:02:dd:fb:61:1b:66:b3:65:5b:a7:
a0:b4:e4:45:8b:b5:e2:72:61:1f:0e:b6:18:7f:b4:
67:18:c4:5d:46:ce:86:23:c9:94:87:a8:82:94:ef:
71:3e:74:3e:04:ab:5e:7a:75:66:7b:cd:36:ce:09:
da:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:18:FB:34:49:98:DD:1B:FA:D8:F6:0C:48:C9:71:04:53:AC:41:FB
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ahj7NEmY3Rv62PYMSMlxBFOsQfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:85::/48
Signature Algorithm: sha256WithRSAEncryption
6d:33:35:f7:19:d1:4d:24:5b:16:44:dc:30:8f:f3:4d:d2:cd:
20:86:25:35:ff:b3:bf:97:b1:b2:c7:55:fb:58:b1:80:d3:80:
9e:f7:03:66:5b:94:01:7e:86:a7:97:4d:b2:be:86:3f:5c:62:
74:b3:d8:f5:c4:d1:37:68:e7:03:a2:4e:80:7a:e3:e3:88:df:
92:2f:fd:b0:e4:c9:db:7d:01:9f:ab:a9:72:aa:2e:a4:f5:40:
0e:9c:68:80:b6:fa:2b:ee:8b:9f:60:12:53:eb:f1:4f:2b:32:
87:f5:05:ec:b0:7b:fd:ab:52:88:2c:5b:ed:02:5a:71:53:62:
2b:85:20:82:08:82:ca:b3:2e:0f:df:5f:b1:f1:ee:c5:3f:2d:
9c:f1:a7:fd:0e:fe:17:d1:c8:c9:ed:21:f4:c4:81:7a:c5:f4:
55:00:5f:5b:30:d3:fd:bc:d1:5d:70:25:a0:82:52:a4:f0:5d:
b1:0b:8f:99:31:f1:74:c1:22:43:68:33:f3:87:c5:e5:83:c5:
52:27:4d:56:e8:0b:92:02:5e:06:b7:f0:1e:72:1d:d5:9d:50:
c5:48:73:56:7d:11:20:c7:3f:58:81:14:0d:01:e6:30:19:fd:
e9:5b:0f:bd:de:28:58:3b:4b:d7:ba:3b:89:8a:7a:13:8b:e9:
04:40:90:0d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pyrbPrqzaPYLPy/QEMtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTE4ZmIzNDQ5OThkZDFiZmFkOGY2MGM0OGM5NzEwNDUzYWM0MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfl9L/qaLUnf+rosE9LaluR0XkjR
dWT5Xzs4Rs9DoTAHjSYkw0ken64XM5yCCNrnPPqiM2Ex5WOOYvyfkAz5kgVaTZJL
095pObMabX+dbDUB9ktF28A+WQe/2SKdEks1OQFFkDHKTV9xJo37DVEmfokHLQOl
cj1iMQIPVPpaFVCyWnkMz6uNW4RzR2sJmb3qdz/9s4PXhayxDhdFDrN0KMTpraXG
Eb2H9C5hgwxYF+1O07NaJ2eJmrTQwnmAECyXrbHjASUVyQLd+2EbZrNlW6egtORF
i7XicmEfDrYYf7RnGMRdRs6GI8mUh6iClO9xPnQ+BKteenVme802zgnaMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGoY+zRJmN0b+tj2DEjJcQRTrEH7MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvYWhqN05FbVkzUnY2MlBZTVNNbHhCRk9zUWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCF
MA0GCSqGSIb3DQEBCwUAA4IBAQBtMzX3GdFNJFsWRNwwj/NN0s0ghiU1/7O/l7Gy
x1X7WLGA04Ce9wNmW5QBfoanl02yvoY/XGJ0s9j1xNE3aOcDok6AeuPjiN+SL/2w
5MnbfQGfq6lyqi6k9UAOnGiAtvor7oufYBJT6/FPKzKH9QXssHv9q1KILFvtAlpx
U2IrhSCCCILKsy4P31+x8e7FPy2c8af9Dv4X0cjJ7SH0xIF6xfRVAF9bMNP9vNFd
cCWgglKk8F2xC4+ZMfF0wSJDaDPzh8Xlg8VSJ01W6AuSAl4Gt/Aech3VnVDFSHNW
fREgxz9YgRQNAeYwGf3pWw+93ihYO0vXujuJinoTi+kEQJAN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org