Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/iZA9WrD66LrjctQIS_k3CE9ZTkc.roa
File: iZA9WrD66LrjctQIS_k3CE9ZTkc.roa (raw, json)
Hash identifier: EJ0xFySZzYyxtIpSkjp2icazyUXARfq+gma2Fr5liQ4=
Subject key identifier: 89:90:3D:5A:B0:FA:E8:BA:E3:72:D4:08:4B:F9:37:08:4F:59:4E:47
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95C5BFC408C54B1E6C5B52D8599D2A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/iZA9WrD66LrjctQIS_k3CE9ZTkc.roa
Signing time: Tue 06 Feb 2024 18:02:18 +0000
ROA not before: Tue 06 Feb 2024 18:02:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215617
IP address blocks: 2a0f:b241:4d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:c5:bf:c4:08:c5:4b:1e:6c:5b:52:d8:59:9d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89903d5ab0fae8bae372d4084bf937084f594e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:30:6b:2a:5c:a0:5a:4d:36:c1:6b:92:4c:61:
2f:bd:70:3e:75:66:96:7e:16:ea:4f:8e:c1:2a:9e:
1d:f1:d4:60:2b:39:f5:3a:82:8e:85:72:9a:fe:dd:
a5:58:3b:97:06:2a:15:a0:a6:21:06:12:a4:f6:59:
28:d7:c3:16:cd:99:38:b6:1a:59:da:ee:f9:de:bd:
1b:db:c7:98:c0:d6:da:3e:f1:cf:d3:4b:f2:cc:52:
4c:1e:78:fb:22:1a:89:5d:71:bf:21:64:18:f3:9b:
99:7d:e9:0b:90:0f:b0:33:22:85:55:cf:30:a3:56:
03:cd:08:43:2c:f7:77:60:21:6e:b8:4f:0b:7b:8f:
39:d0:d7:b2:b8:64:67:ff:2d:d1:e5:c7:c4:c2:ef:
2b:b9:a0:6e:79:8a:d4:9a:b0:9f:7a:08:65:9e:18:
45:ca:b9:96:59:0d:e0:f3:26:66:cf:41:aa:a8:1e:
11:8a:cd:11:8d:a5:28:de:e6:9a:ed:68:8e:9c:bb:
ed:c5:ed:d3:a2:2f:dd:89:b3:a2:db:58:7f:f2:05:
71:d7:59:12:88:3b:ca:6c:07:9b:16:79:98:89:c8:
27:ba:af:41:df:e8:5a:c4:90:19:57:43:96:8e:57:
35:b9:28:9f:5c:02:19:24:94:8f:2d:83:65:f5:05:
6b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:90:3D:5A:B0:FA:E8:BA:E3:72:D4:08:4B:F9:37:08:4F:59:4E:47
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/iZA9WrD66LrjctQIS_k3CE9ZTkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:4d::/48
Signature Algorithm: sha256WithRSAEncryption
44:f7:88:1f:91:f9:34:37:3f:3a:7b:82:78:ed:7e:09:77:c6:
36:cd:60:57:20:d7:a9:28:5d:25:12:f8:21:d5:27:cd:fb:c4:
a0:1c:fb:f7:68:67:db:2f:50:a8:8f:21:04:0f:57:15:42:36:
28:5f:41:b6:09:97:a0:4b:f5:4b:94:71:31:a8:d9:2c:42:41:
88:8b:8f:ab:d2:14:22:f8:c7:eb:d4:24:8b:f6:bb:7e:ff:5c:
06:8d:96:91:a0:1d:16:94:00:ed:cf:79:d1:8b:87:f9:1a:b0:
3b:c4:4e:c8:e8:b4:68:0d:42:7c:85:0e:b5:fa:24:f4:7a:96:
d3:07:65:3c:ac:3d:77:38:51:96:bd:df:ca:e2:3f:42:31:83:
77:7d:02:ce:e1:56:93:ae:dc:ff:79:be:39:12:59:aa:b2:a5:
48:38:28:f7:7e:57:39:da:af:0f:ae:ba:b5:40:89:6f:31:99:
48:f6:45:0c:1f:b3:12:bd:b2:67:50:e8:af:50:72:94:ee:00:
82:e2:e9:41:ad:77:5d:dc:c6:40:f4:ab:26:eb:86:4f:2f:da:
85:31:b8:19:6d:fd:d2:47:f5:15:4f:2c:6f:89:94:91:b6:df:
23:bf:06:04:53:d3:3e:e9:c4:03:a3:4a:40:7e:a0:84:d2:87:
89:e7:12:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lcW/xAjFSx5sW1LYWZ0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTkwM2Q1YWIwZmFlOGJhZTM3MmQ0MDg0YmY5MzcwODRmNTk0ZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjBrKlygWk02wWuSTGEvvXA+dWaW
fhbqT47BKp4d8dRgKzn1OoKOhXKa/t2lWDuXBioVoKYhBhKk9lko18MWzZk4thpZ
2u753r0b28eYwNbaPvHP00vyzFJMHnj7IhqJXXG/IWQY85uZfekLkA+wMyKFVc8w
o1YDzQhDLPd3YCFuuE8Le4850NeyuGRn/y3R5cfEwu8ruaBueYrUmrCfeghlnhhF
yrmWWQ3g8yZmz0GqqB4Ris0RjaUo3uaa7WiOnLvtxe3Toi/dibOi21h/8gVx11kS
iDvKbAebFnmYicgnuq9B3+haxJAZV0OWjlc1uSifXAIZJJSPLYNl9QVr4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFImQPVqw+ui643LUCEv5NwhPWU5HMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvaVpBOVdyRDY2THJqY3RRSVNfazNDRTlaVGtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBN
MA0GCSqGSIb3DQEBCwUAA4IBAQBE94gfkfk0Nz86e4J47X4Jd8Y2zWBXINepKF0l
Evgh1SfN+8SgHPv3aGfbL1CojyEED1cVQjYoX0G2CZegS/VLlHExqNksQkGIi4+r
0hQi+Mfr1CSL9rt+/1wGjZaRoB0WlADtz3nRi4f5GrA7xE7I6LRoDUJ8hQ61+iT0
epbTB2U8rD13OFGWvd/K4j9CMYN3fQLO4VaTrtz/eb45ElmqsqVIOCj3flc52q8P
rrq1QIlvMZlI9kUMH7MSvbJnUOivUHKU7gCC4ulBrXdd3MZA9Ksm64ZPL9qFMbgZ
bf3SR/UVTyxviZSRtt8jvwYEU9M+6cQDo0pAfqCE0oeJ5xI3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org