Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bARPUHTquZRccKWPFZViBsdqZpA.roa
File: bARPUHTquZRccKWPFZViBsdqZpA.roa (raw, json)
Hash identifier: GctEuPH8PPoE1ZU0RVV5/LIWSTUqj5tOQZLG5S0tVaQ=
Subject key identifier: 6C:04:4F:50:74:EA:B9:94:5C:70:A5:8F:15:95:62:06:C7:6A:66:90
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7E86BBB1538AC3E8E7E73503B9DDA827
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bARPUHTquZRccKWPFZViBsdqZpA.roa
Signing time: Tue 06 Feb 2024 13:06:15 +0000
ROA not before: Tue 06 Feb 2024 13:06:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52025
IP address blocks: 2a0f:b241:f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:86:bb:b1:53:8a:c3:e8:e7:e7:35:03:b9:dd:a8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 13:06:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c044f5074eab9945c70a58f15956206c76a6690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fb:cf:f0:c0:d2:e8:8a:68:fa:1c:c0:bd:8e:
5e:a7:28:f6:d2:43:f2:6e:9c:21:50:3b:9a:7e:e6:
1e:94:78:79:f5:eb:f3:38:d7:28:44:98:60:3e:7d:
86:98:7e:c5:c8:2d:f1:ed:5d:14:f8:60:9c:60:ce:
32:57:8a:60:d5:43:a1:60:37:4e:0f:a2:d0:c4:c8:
47:50:40:19:d4:17:f0:b3:1c:0d:dd:84:49:ae:bb:
77:ec:60:31:6e:9e:4c:38:a2:7c:be:f0:8c:72:85:
47:bf:30:5c:52:79:a2:e8:56:82:b6:bf:d7:7b:7e:
0e:43:a4:c1:d4:8c:26:e9:ab:87:62:1c:59:ba:d0:
b8:40:94:89:72:d1:3a:c9:41:76:f5:d8:f8:06:b6:
6e:ec:1f:23:29:43:01:33:bd:2f:4e:79:2b:c8:27:
96:10:33:eb:75:67:b5:9f:bf:70:cc:ef:8c:0c:e9:
51:29:1d:2e:fa:54:11:51:b7:98:d5:92:ce:fc:32:
cb:ce:20:10:a5:07:57:8a:88:ad:c6:f1:bd:6f:4a:
be:2b:06:3e:e5:1b:4b:0e:81:37:b8:e6:79:1b:aa:
56:12:c6:f3:f8:b0:88:cc:66:0d:1f:63:13:22:83:
0a:11:d2:d8:c3:4a:46:c0:29:8e:d3:7b:22:24:3f:
a6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:04:4F:50:74:EA:B9:94:5C:70:A5:8F:15:95:62:06:C7:6A:66:90
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bARPUHTquZRccKWPFZViBsdqZpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:f::/48
Signature Algorithm: sha256WithRSAEncryption
2e:82:57:69:f3:9c:f9:64:11:5d:bd:22:84:8e:8c:d2:e1:b9:
bc:0a:92:6c:25:fd:30:b3:9f:41:42:d0:e4:e3:a3:8d:a8:dd:
bd:83:9d:2e:60:35:22:b1:37:13:ce:70:24:d1:28:18:42:41:
08:8d:ea:a2:a9:c0:51:29:b1:6f:cd:4a:bd:ac:fc:36:16:40:
50:05:28:e4:81:94:79:a6:db:3d:68:ff:94:1e:4d:fc:db:e4:
ee:42:02:60:7c:d3:7f:49:4c:68:fc:57:37:5a:88:af:db:ba:
83:84:4a:9e:7f:84:38:af:e2:25:88:4a:5c:8b:c2:3a:86:c7:
3c:1c:33:d2:d1:6f:7a:a2:a8:63:d1:99:50:43:81:9a:8e:b0:
27:f1:d2:f0:e9:4b:25:60:e4:eb:c9:61:51:e9:d5:81:6c:d0:
8b:30:f7:d4:82:a5:9c:5d:b4:1b:76:0a:5a:a4:7d:06:8b:7e:
18:6e:28:2d:8c:12:4f:8c:d5:de:db:3a:8c:46:43:77:a3:27:
1f:2e:d5:18:c4:7c:ef:8e:47:80:e3:fe:d8:9e:49:1d:b2:3d:
65:c3:72:7a:4c:98:c2:d5:4b:ec:a9:3f:01:b5:19:52:ba:a4:
99:fe:ca:e7:93:09:7e:62:32:aa:e6:c3:8f:e1:be:cf:b9:9a:
b0:0b:0e:f9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1+hruxU4rD6OfnNQO53agnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTMwNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzA0NGY1MDc0ZWFiOTk0NWM3MGE1OGYxNTk1NjIwNmM3NmE2NjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfvP8MDS6Ipo+hzAvY5epyj20kPy
bpwhUDuafuYelHh59evzONcoRJhgPn2GmH7FyC3x7V0U+GCcYM4yV4pg1UOhYDdO
D6LQxMhHUEAZ1BfwsxwN3YRJrrt37GAxbp5MOKJ8vvCMcoVHvzBcUnmi6FaCtr/X
e34OQ6TB1Iwm6auHYhxZutC4QJSJctE6yUF29dj4BrZu7B8jKUMBM70vTnkryCeW
EDPrdWe1n79wzO+MDOlRKR0u+lQRUbeY1ZLO/DLLziAQpQdXioitxvG9b0q+KwY+
5RtLDoE3uOZ5G6pWEsbz+LCIzGYNH2MTIoMKEdLYw0pGwCmO03siJD+mcQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGwET1B06rmUXHCljxWVYgbHamaQMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvYkFSUFVIVHF1WlJjY0tXUEZaVmlCc2RxWnBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAP
MA0GCSqGSIb3DQEBCwUAA4IBAQAugldp85z5ZBFdvSKEjozS4bm8CpJsJf0ws59B
QtDk46ONqN29g50uYDUisTcTznAk0SgYQkEIjeqiqcBRKbFvzUq9rPw2FkBQBSjk
gZR5pts9aP+UHk382+TuQgJgfNN/SUxo/Fc3Woiv27qDhEqef4Q4r+IliEpci8I6
hsc8HDPS0W96oqhj0ZlQQ4GajrAn8dLw6UslYOTryWFR6dWBbNCLMPfUgqWcXbQb
dgpapH0Gi34YbigtjBJPjNXe2zqMRkN3oycfLtUYxHzvjkeA4/7Ynkkdsj1lw3J6
TJjC1UvsqT8BtRlSuqSZ/srnkwl+YjKq5sOP4b7PuZqwCw75
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org