Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fWzWFleCokd7bS35wGRpQBk1KYg.roa
File: fWzWFleCokd7bS35wGRpQBk1KYg.roa (raw, json)
Hash identifier: vdWneuIYpGaW5JRMXlcM2YsF4QgTi0FFEylvek2O/CI=
Subject key identifier: 7D:6C:D6:16:57:82:A2:47:7B:6D:2D:F9:C0:64:69:40:19:35:29:88
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAAD5AB4731A809615E19014470CBBA
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fWzWFleCokd7bS35wGRpQBk1KYg.roa
Signing time: Tue 06 Feb 2024 18:25:18 +0000
ROA not before: Tue 06 Feb 2024 18:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203619
IP address blocks: 2a0f:b241:e5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:d5:ab:47:31:a8:09:61:5e:19:01:44:70:cb:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d6cd6165782a2477b6d2df9c064694019352988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b1:e8:c4:0c:c2:97:31:20:21:e6:08:69:b2:
62:03:28:ab:49:77:c9:1c:ca:c1:ac:1a:08:97:5d:
71:41:2a:38:ad:ef:f2:04:ac:82:db:f1:d7:d2:27:
d1:2a:de:be:f4:65:a1:40:75:90:23:91:e6:97:dc:
c7:94:fb:82:8a:a5:98:41:9c:65:55:ef:90:08:5e:
d6:65:1e:48:f1:0e:f7:ac:be:d1:0d:54:b9:ad:b3:
d3:f8:b2:95:ff:69:a5:cf:1a:3d:4f:fb:62:d4:8c:
43:1a:12:6b:30:a2:56:c8:07:30:bb:be:c9:5f:75:
6e:17:93:96:dc:e9:3f:e1:a2:11:20:5f:eb:97:d7:
54:df:44:cc:b0:7c:32:df:cd:d8:45:b5:d4:6e:f7:
e4:79:33:ce:29:9e:57:5e:0d:17:35:ce:e9:9c:02:
af:e7:fc:87:00:46:aa:98:d0:28:4f:41:ac:51:29:
7b:9f:07:c6:21:a4:1c:17:cb:8a:7f:4c:0d:25:4f:
4c:f7:06:90:a8:e0:46:7e:80:10:aa:30:3e:1d:9c:
1e:f5:de:9c:24:8a:e3:4a:5f:82:77:7e:0a:a6:dc:
1d:53:58:23:3e:fc:a4:6d:f3:70:12:bc:a0:e5:fe:
56:52:84:f0:41:a7:1c:ec:ec:c8:6b:d5:67:96:2c:
45:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:6C:D6:16:57:82:A2:47:7B:6D:2D:F9:C0:64:69:40:19:35:29:88
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fWzWFleCokd7bS35wGRpQBk1KYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:e5::/48
Signature Algorithm: sha256WithRSAEncryption
65:4c:99:91:ea:c3:4b:a1:a6:43:95:d7:8c:03:54:83:68:2f:
36:c9:18:7a:11:e1:40:ca:de:2c:59:e2:78:84:e9:c0:4f:2f:
e0:59:45:a9:54:05:9f:cf:74:67:5c:fe:dd:7d:d8:46:ff:c5:
59:62:bd:02:e4:08:27:53:77:8d:09:2e:fd:6e:2a:2b:f1:01:
94:0c:11:a8:ba:74:a4:1c:7f:76:e7:aa:d6:dc:2f:6a:4d:98:
ac:bc:c5:b2:2e:1c:0c:20:69:f8:c6:60:5a:15:55:65:22:1b:
92:82:bb:5a:70:1e:a9:a8:27:54:a6:a0:55:67:86:ad:e9:a3:
c3:33:d0:76:6c:9e:d8:4e:51:10:87:8f:ed:77:29:6f:30:07:
b7:4a:75:37:a1:34:30:16:91:0a:31:1b:c6:2e:ee:81:fc:9b:
23:92:7b:3c:65:27:c4:ef:9c:e9:95:da:4c:2a:43:4a:13:ab:
ba:b8:d5:88:00:e2:92:7a:99:5e:00:45:19:a1:09:ad:28:a3:
ba:0f:83:69:fc:2d:47:65:1e:25:47:2e:79:d4:93:d2:36:d9:
15:d8:77:11:1e:79:b7:a3:46:74:0d:61:e3:76:1f:0d:c5:27:
31:79:4d:93:2b:de:0a:d4:d0:7d:cc:7b:95:66:d7:9e:74:f9:
04:82:e0:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qtWrRzGoCWFeGQFEcMu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDZjZDYxNjU3ODJhMjQ3N2I2ZDJkZjljMDY0Njk0MDE5MzUyOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7HoxAzClzEgIeYIabJiAyirSXfJ
HMrBrBoIl11xQSo4re/yBKyC2/HX0ifRKt6+9GWhQHWQI5Hml9zHlPuCiqWYQZxl
Ve+QCF7WZR5I8Q73rL7RDVS5rbPT+LKV/2mlzxo9T/ti1IxDGhJrMKJWyAcwu77J
X3VuF5OW3Ok/4aIRIF/rl9dU30TMsHwy383YRbXUbvfkeTPOKZ5XXg0XNc7pnAKv
5/yHAEaqmNAoT0GsUSl7nwfGIaQcF8uKf0wNJU9M9waQqOBGfoAQqjA+HZwe9d6c
JIrjSl+Cd34KptwdU1gjPvykbfNwEryg5f5WUoTwQacc7OzIa9VnlixF7wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH1s1hZXgqJHe20t+cBkaUAZNSmIMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZld6V0ZsZUNva2Q3YlMzNXdHUnBRQmsxS1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDl
MA0GCSqGSIb3DQEBCwUAA4IBAQBlTJmR6sNLoaZDldeMA1SDaC82yRh6EeFAyt4s
WeJ4hOnATy/gWUWpVAWfz3RnXP7dfdhG/8VZYr0C5AgnU3eNCS79bior8QGUDBGo
unSkHH9256rW3C9qTZisvMWyLhwMIGn4xmBaFVVlIhuSgrtacB6pqCdUpqBVZ4at
6aPDM9B2bJ7YTlEQh4/tdylvMAe3SnU3oTQwFpEKMRvGLu6B/Jsjkns8ZSfE75zp
ldpMKkNKE6u6uNWIAOKSepleAEUZoQmtKKO6D4Np/C1HZR4lRy551JPSNtkV2HcR
Hnm3o0Z0DWHjdh8NxScxeU2TK94K1NB9zHuVZteedPkEguAm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org