Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hUWfzOmMS6GfwJmn-LX-8LGITFA.roa
File: hUWfzOmMS6GfwJmn-LX-8LGITFA.roa (raw, json)
Hash identifier: QDkajtrrwjNaGD5BmnqRY/AMbs+b3Yqzy6klGZHU9xc=
Subject key identifier: 85:45:9F:CC:E9:8C:4B:A1:9F:C0:99:A7:F8:B5:FE:F0:B1:88:4C:50
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F060CFAE038F6588CFED7E902B3681
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hUWfzOmMS6GfwJmn-LX-8LGITFA.roa
Signing time: Wed 07 Feb 2024 05:00:30 +0000
ROA not before: Wed 07 Feb 2024 05:00:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49926
IP address blocks: 2a0f:b241:15d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:60:cf:ae:03:8f:65:88:cf:ed:7e:90:2b:36:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85459fcce98c4ba19fc099a7f8b5fef0b1884c50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d6:d4:35:2e:ee:16:b6:cf:d3:7e:48:11:4b:
60:74:6f:5f:35:77:1e:50:8d:44:8b:e6:a9:5d:f3:
ae:81:2d:59:2d:1f:c7:7c:42:b3:5b:ac:c9:16:ec:
37:0f:d6:d1:a7:b8:fc:3a:a6:2f:8f:b9:da:7b:ec:
2f:43:20:a5:18:e2:1b:fe:bb:4c:1b:a8:33:85:d2:
58:38:25:15:e2:5d:45:bd:70:0e:b6:41:d9:e6:db:
8b:56:f4:7f:43:e6:7a:a4:4b:08:79:5d:d8:21:40:
19:c7:d6:8c:29:9a:43:fb:83:9b:10:8b:11:aa:29:
89:93:a8:b8:7e:ad:71:4b:cc:18:7d:af:67:de:2f:
69:73:db:2f:ee:c8:2e:c1:91:4c:f9:94:9e:b7:b3:
e5:63:f9:b9:15:1f:eb:70:82:f3:5a:ba:7c:e5:15:
81:5a:18:4f:29:04:c7:e1:1d:33:67:2d:a1:03:ff:
ab:c1:d6:42:9d:46:bf:27:31:f8:e4:e9:3d:17:81:
b3:6f:8f:4f:ab:52:3e:ea:4b:9f:30:bf:48:8e:73:
94:a4:8b:ae:f1:83:ed:b1:f0:b9:fe:df:e4:f8:fb:
3e:9c:96:f9:a4:22:08:c8:70:04:e9:1e:89:01:6b:
14:b2:01:f8:ad:03:aa:9a:c6:1e:07:87:e4:2e:9c:
f7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:45:9F:CC:E9:8C:4B:A1:9F:C0:99:A7:F8:B5:FE:F0:B1:88:4C:50
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hUWfzOmMS6GfwJmn-LX-8LGITFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:15d::/48
Signature Algorithm: sha256WithRSAEncryption
8d:06:fc:5c:26:09:62:81:60:0c:e8:64:a8:d1:da:72:56:74:
62:81:ff:45:0c:14:24:2f:a6:68:29:ec:b6:84:ad:40:b7:31:
17:5f:b9:45:8e:9b:04:dd:dc:fb:5f:a8:51:d5:0c:8d:f3:49:
ed:09:33:fa:76:68:a6:8f:d8:45:9b:18:4f:5d:af:92:22:24:
31:2a:3e:fd:05:5e:fd:15:3f:0e:68:54:3c:5c:e3:cb:72:4a:
ae:7f:54:83:58:1e:0a:94:7f:ad:5e:74:24:81:f8:c1:8a:f8:
43:a8:1f:9a:50:01:15:79:30:1a:26:cb:c6:43:dd:ae:2f:a3:
12:ed:e8:14:fd:5c:c4:f9:c9:6d:48:5a:3d:49:95:f4:09:6e:
61:d7:11:e1:9d:37:90:ef:60:26:05:1f:99:92:d1:f1:29:26:
a3:1c:fe:f0:dc:8e:59:ec:5d:e2:63:95:10:5f:78:da:51:58:
db:7a:4c:75:31:7b:a1:f3:f4:e7:a3:1d:ff:6d:d9:f2:78:43:
e2:0c:52:78:4f:ca:b0:7e:f1:65:27:73:39:d6:99:42:70:0f:
9a:77:9e:2d:c5:74:f3:fe:eb:dc:47:bc:33:68:49:8c:a7:09:
50:58:28:63:de:60:5a:96:e6:f8:e7:3f:94:fb:7c:8c:b4:ff:
76:e0:7e:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GDPrgOPZYjP7X6QKzaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ1OWZjY2U5OGM0YmExOWZjMDk5YTdmOGI1ZmVmMGIxODg0YzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntbUNS7uFrbP035IEUtgdG9fNXce
UI1Ei+apXfOugS1ZLR/HfEKzW6zJFuw3D9bRp7j8OqYvj7nae+wvQyClGOIb/rtM
G6gzhdJYOCUV4l1FvXAOtkHZ5tuLVvR/Q+Z6pEsIeV3YIUAZx9aMKZpD+4ObEIsR
qimJk6i4fq1xS8wYfa9n3i9pc9sv7sguwZFM+ZSet7PlY/m5FR/rcILzWrp85RWB
WhhPKQTH4R0zZy2hA/+rwdZCnUa/JzH45Ok9F4Gzb49Pq1I+6kufML9IjnOUpIuu
8YPtsfC5/t/k+Ps+nJb5pCIIyHAE6R6JAWsUsgH4rQOqmsYeB4fkLpz3SwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIVFn8zpjEuhn8CZp/i1/vCxiExQMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvaFVXZnpPbU1TNkdmd0ptbi1MWC04TEdJVEZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFd
MA0GCSqGSIb3DQEBCwUAA4IBAQCNBvxcJgligWAM6GSo0dpyVnRigf9FDBQkL6Zo
Key2hK1AtzEXX7lFjpsE3dz7X6hR1QyN80ntCTP6dmimj9hFmxhPXa+SIiQxKj79
BV79FT8OaFQ8XOPLckquf1SDWB4KlH+tXnQkgfjBivhDqB+aUAEVeTAaJsvGQ92u
L6MS7egU/VzE+cltSFo9SZX0CW5h1xHhnTeQ72AmBR+ZktHxKSajHP7w3I5Z7F3i
Y5UQX3jaUVjbekx1MXuh8/Tnox3/bdnyeEPiDFJ4T8qwfvFlJ3M51plCcA+ad54t
xXTz/uvcR7wzaEmMpwlQWChj3mBalub45z+U+3yMtP924H4r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org