Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hwMX_Hi15JXEoCVI4QnH8xAB0rA.roa
File: hwMX_Hi15JXEoCVI4QnH8xAB0rA.roa (raw, json)
Hash identifier: yoKeJWAikMWEsrgboquYohb7AzWSw6uHyXxqvlTkklA=
Subject key identifier: 87:03:17:FC:78:B5:E4:95:C4:A0:25:48:E1:09:C7:F3:10:01:D2:B0
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAACF5CDB4163307851EA66BE0637CD
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hwMX_Hi15JXEoCVI4QnH8xAB0rA.roa
Signing time: Tue 06 Feb 2024 18:25:17 +0000
ROA not before: Tue 06 Feb 2024 18:25:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201504
IP address blocks: 2a0f:b241:df::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:cf:5c:db:41:63:30:78:51:ea:66:be:06:37:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=870317fc78b5e495c4a02548e109c7f31001d2b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ec:f7:08:31:7e:a9:56:c9:60:17:b4:63:46:
47:d6:f5:4e:ab:3a:45:8c:d1:d2:5c:b2:a8:fd:4d:
87:cd:de:1a:d7:a3:6d:26:69:c2:af:53:b8:50:48:
a2:94:80:46:ef:de:e5:ba:18:4a:eb:c7:a0:73:6b:
1f:ac:99:bf:9c:bb:0c:7b:54:0e:e5:7f:48:0f:70:
4f:77:52:bc:b2:ef:8b:ca:be:07:29:61:52:be:9a:
e2:04:36:8e:51:bb:3d:d6:21:bb:42:4d:58:5d:65:
ba:2c:cd:b6:93:a3:43:8d:bc:fb:20:9b:ef:b9:aa:
ea:49:1d:e4:e4:3b:7e:c4:b2:b2:43:a2:df:f7:8e:
49:55:ae:50:b4:3f:95:fb:d7:c7:3f:17:c7:7c:64:
dc:20:36:ed:f1:13:9f:34:12:44:f9:fb:dd:00:33:
9e:b4:a1:e6:f4:1e:7c:06:b2:59:d8:5a:a7:5b:04:
a6:e2:0a:83:cf:b4:73:c9:ef:63:16:e2:7a:03:e2:
04:18:9f:c5:77:c8:55:92:f7:b6:86:d4:cb:3e:fd:
2d:b9:f8:0d:d0:4b:0a:66:9f:10:cf:a3:26:94:33:
04:23:6c:0a:52:c2:ff:05:24:57:8e:fa:bf:e7:7a:
d3:73:b8:d2:26:9d:90:8d:cc:ed:44:bf:c7:7e:25:
ad:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:03:17:FC:78:B5:E4:95:C4:A0:25:48:E1:09:C7:F3:10:01:D2:B0
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hwMX_Hi15JXEoCVI4QnH8xAB0rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:df::/48
Signature Algorithm: sha256WithRSAEncryption
1b:03:10:b4:d0:dd:1d:60:44:4c:4c:f2:f5:7f:3d:be:8b:7b:
9c:42:3d:de:6d:87:a6:ae:8e:34:ee:9c:e6:ab:17:b1:4e:a7:
61:0d:28:7f:5a:30:d4:79:9f:43:ef:3d:f7:d4:65:85:50:6f:
a8:7a:bb:fc:23:9f:46:ec:1d:ee:53:0c:63:68:a3:66:ba:12:
63:f7:41:e3:62:71:ec:c1:84:81:42:c9:c3:86:56:c7:11:1c:
78:46:ad:95:f6:cc:ee:74:d9:fe:65:a7:06:0b:aa:f0:37:23:
94:82:8a:88:ee:12:08:76:d1:4e:7f:4e:29:ff:ad:6d:0e:c6:
58:f6:ad:26:81:4a:44:79:c3:88:ef:f3:13:65:b1:19:7c:aa:
8a:82:9c:75:ba:f1:ec:29:f6:f0:82:02:b4:21:b0:b7:c3:fd:
bd:86:7e:1b:11:0c:38:a5:99:85:d3:74:c4:1f:88:07:81:6f:
2b:e0:c0:f8:28:10:1b:38:d5:e0:ae:7a:f4:68:c4:b1:26:29:
cf:12:fd:20:67:f6:9c:54:b4:13:0d:5b:05:8f:06:24:f5:a9:
da:7c:61:cb:c7:b1:12:c7:9b:25:69:ec:b9:61:9c:3b:4b:db:
0b:fa:f1:14:90:0f:c9:1a:e4:cb:34:ef:1d:55:8b:4d:7d:d7:
b3:ea:12:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qs9c20FjMHhR6ma+BjfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzAzMTdmYzc4YjVlNDk1YzRhMDI1NDhlMTA5YzdmMzEwMDFkMmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+z3CDF+qVbJYBe0Y0ZH1vVOqzpF
jNHSXLKo/U2Hzd4a16NtJmnCr1O4UEiilIBG797luhhK68egc2sfrJm/nLsMe1QO
5X9ID3BPd1K8su+Lyr4HKWFSvpriBDaOUbs91iG7Qk1YXWW6LM22k6NDjbz7IJvv
uarqSR3k5Dt+xLKyQ6Lf945JVa5QtD+V+9fHPxfHfGTcIDbt8ROfNBJE+fvdADOe
tKHm9B58BrJZ2FqnWwSm4gqDz7Rzye9jFuJ6A+IEGJ/Fd8hVkve2htTLPv0tufgN
0EsKZp8Qz6MmlDMEI2wKUsL/BSRXjvq/53rTc7jSJp2QjcztRL/HfiWtBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIcDF/x4teSVxKAlSOEJx/MQAdKwMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvaHdNWF9IaTE1SlhFb0NWSTRRbkg4eEFCMHJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDf
MA0GCSqGSIb3DQEBCwUAA4IBAQAbAxC00N0dYERMTPL1fz2+i3ucQj3ebYemro40
7pzmqxexTqdhDSh/WjDUeZ9D7z331GWFUG+oerv8I59G7B3uUwxjaKNmuhJj90Hj
YnHswYSBQsnDhlbHERx4Rq2V9szudNn+ZacGC6rwNyOUgoqI7hIIdtFOf04p/61t
DsZY9q0mgUpEecOI7/MTZbEZfKqKgpx1uvHsKfbwggK0IbC3w/29hn4bEQw4pZmF
03TEH4gHgW8r4MD4KBAbONXgrnr0aMSxJinPEv0gZ/acVLQTDVsFjwYk9anafGHL
x7ESx5slaey5YZw7S9sL+vEUkA/JGuTLNO8dVYtNfdez6hIZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org