Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ffvEzebMFqDeXCdS7JIwQmtdMu8.roa
File: ffvEzebMFqDeXCdS7JIwQmtdMu8.roa (raw, json)
Hash identifier: oTWX+6F10bsyaGhjyQcs4VO7m5bilvqw/+tcIeaPtj4=
Subject key identifier: 7D:FB:C4:CD:E6:CC:16:A0:DE:5C:27:52:EC:92:30:42:6B:5D:32:EF
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F8BA87CF01DD4DCE8E76CE339B6A5C4
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ffvEzebMFqDeXCdS7JIwQmtdMu8.roa
Signing time: Tue 06 Feb 2024 17:51:15 +0000
ROA not before: Tue 06 Feb 2024 17:51:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198959
IP address blocks: 2a0f:b241:17::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:8b:a8:7c:f0:1d:d4:dc:e8:e7:6c:e3:39:b6:a5:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:51:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dfbc4cde6cc16a0de5c2752ec9230426b5d32ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:30:e3:06:89:61:9e:07:c4:fe:fc:9b:d8:7f:
d9:d9:3c:8a:c3:a3:33:1b:4a:9e:80:6f:e2:66:50:
c0:f5:4f:5a:8f:30:b3:4f:75:6e:b1:e1:7a:c6:b5:
f4:d2:ea:3d:c3:81:c2:11:4c:61:72:db:0b:2b:c4:
18:b7:ee:d3:b3:46:e8:5e:26:a4:bc:e7:78:a9:e8:
97:4c:2e:2f:67:e0:58:ae:26:69:60:41:ab:61:86:
4c:4d:a5:d6:f7:71:20:6a:3b:c5:2b:60:1b:1d:a6:
5e:3b:58:27:0d:f8:fe:e7:08:ec:ed:66:f2:52:0a:
ff:3a:17:b3:0f:8d:0a:74:43:0c:df:0b:0a:67:81:
30:75:49:4a:a7:04:1c:88:a2:67:97:ef:d6:d6:50:
c3:25:fc:50:57:25:6d:79:6b:9e:08:d9:a8:04:03:
ed:fd:85:4f:bf:16:b2:b7:77:cf:bc:c2:d7:20:3d:
4b:0e:e1:14:9f:5a:86:72:24:cb:1e:0d:cd:49:9c:
d1:84:5c:97:c9:70:d2:ab:7c:29:c3:c2:56:40:a3:
dd:2e:8e:02:98:c6:a2:6b:72:0e:cf:ee:37:09:6c:
c8:29:5d:e7:36:e3:60:77:0a:84:21:bc:f3:47:6a:
3f:cc:ee:74:05:bf:41:26:4d:7e:57:17:82:62:0b:
bb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:FB:C4:CD:E6:CC:16:A0:DE:5C:27:52:EC:92:30:42:6B:5D:32:EF
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ffvEzebMFqDeXCdS7JIwQmtdMu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:17::/48
Signature Algorithm: sha256WithRSAEncryption
22:ac:e8:8a:b9:d2:da:d6:f7:09:02:8c:7c:5f:c6:1a:8e:9b:
2b:65:79:5e:cb:84:31:8f:7d:1f:8a:79:db:ab:7f:09:33:22:
60:67:aa:96:38:55:6c:c9:a5:57:50:f3:5a:b7:76:32:4a:72:
65:70:70:3b:5e:e4:9b:d0:c6:cf:b1:84:c1:c7:75:a9:fc:f6:
f2:8b:d4:d7:7b:46:f8:40:13:10:a8:27:01:cc:78:90:d8:ad:
bf:b8:b8:3b:57:59:a3:68:67:c9:84:2d:04:49:89:ad:8a:21:
52:35:4e:bf:f7:ed:96:b1:83:89:ef:c8:a2:50:9c:a0:bc:33:
f5:40:58:cc:04:05:c4:d2:e4:e0:76:8c:29:53:b4:83:13:5c:
af:0c:a8:f5:e6:1b:99:d9:e1:04:55:2a:7b:c1:2d:6c:f0:3a:
da:68:b8:26:a1:f4:b3:ee:6a:7a:70:88:b3:38:6f:62:5e:d7:
a6:a8:95:bf:21:74:94:89:78:f0:01:da:e2:31:09:0c:8f:37:
f4:f5:7f:55:27:8f:24:aa:51:45:a9:78:5f:e4:33:8c:ad:05:
54:03:08:c6:3b:fe:8a:ba:88:67:d3:a3:9b:fb:51:0c:21:3a:
ba:27:62:36:ae:a4:e9:bf:b6:de:3e:5f:89:f1:df:18:60:e7:
ac:c5:b1:17
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/i6h88B3U3OjnbOM5tqXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGZiYzRjZGU2Y2MxNmEwZGU1YzI3NTJlYzkyMzA0MjZiNWQzMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizDjBolhngfE/vyb2H/Z2TyKw6Mz
G0qegG/iZlDA9U9ajzCzT3VuseF6xrX00uo9w4HCEUxhctsLK8QYt+7Ts0boXiak
vOd4qeiXTC4vZ+BYriZpYEGrYYZMTaXW93EgajvFK2AbHaZeO1gnDfj+5wjs7Wby
Ugr/OhezD40KdEMM3wsKZ4EwdUlKpwQciKJnl+/W1lDDJfxQVyVteWueCNmoBAPt
/YVPvxayt3fPvMLXID1LDuEUn1qGciTLHg3NSZzRhFyXyXDSq3wpw8JWQKPdLo4C
mMaia3IOz+43CWzIKV3nNuNgdwqEIbzzR2o/zO50Bb9BJk1+VxeCYgu7rwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH37xM3mzBag3lwnUuySMEJrXTLvMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZmZ2RXplYk1GcURlWENkUzdKSXdRbXRkTXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAX
MA0GCSqGSIb3DQEBCwUAA4IBAQAirOiKudLa1vcJAox8X8YajpsrZXley4Qxj30f
innbq38JMyJgZ6qWOFVsyaVXUPNat3YySnJlcHA7XuSb0MbPsYTBx3Wp/Pbyi9TX
e0b4QBMQqCcBzHiQ2K2/uLg7V1mjaGfJhC0ESYmtiiFSNU6/9+2WsYOJ78iiUJyg
vDP1QFjMBAXE0uTgdowpU7SDE1yvDKj15huZ2eEEVSp7wS1s8DraaLgmofSz7mp6
cIizOG9iXtemqJW/IXSUiXjwAdriMQkMjzf09X9VJ48kqlFFqXhf5DOMrQVUAwjG
O/6Kuohn06Ob+1EMITq6J2I2rqTpv7bePl+J8d8YYOesxbEX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org