Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jst23zJR8LhpkpBdDDP_jp7PCtA.roa
File: jst23zJR8LhpkpBdDDP_jp7PCtA.roa (raw, json)
Hash identifier: TnPTlvroahPiEbKFNP7e/i0ttUmb5loXiYkgDyf9WGE=
Subject key identifier: 8E:CB:76:DF:32:51:F0:B8:69:92:90:5D:0C:33:FF:8E:9E:CF:0A:D0
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAAD265EF3D556C2E1B48A6BB75DE2E
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jst23zJR8LhpkpBdDDP_jp7PCtA.roa
Signing time: Tue 06 Feb 2024 18:25:17 +0000
ROA not before: Tue 06 Feb 2024 18:25:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202467
IP address blocks: 2a0f:b241:e2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:d2:65:ef:3d:55:6c:2e:1b:48:a6:bb:75:de:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ecb76df3251f0b86992905d0c33ff8e9ecf0ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b2:11:66:14:49:44:cd:be:c8:9f:8d:df:e3:
f8:f0:37:82:c7:84:68:56:2a:0e:7b:49:5b:78:bd:
28:70:71:c2:9b:47:52:06:5f:ce:f6:f2:82:c6:58:
1d:ff:50:32:7e:02:78:a0:af:41:89:cf:7f:22:ef:
8b:dd:18:a0:ab:04:dc:3a:3c:71:ea:b8:d1:14:95:
4e:13:b2:ca:fa:db:7e:f2:c7:ef:36:8d:34:a1:29:
b2:d4:88:5a:22:09:b0:da:be:f1:c2:dc:1b:49:38:
a4:0a:e9:f3:68:65:4d:12:35:b2:5f:90:36:86:32:
1a:36:8c:6a:67:40:5f:73:12:72:c2:6e:8e:7c:bc:
51:ee:36:cc:bd:5e:3b:de:6c:76:00:e6:6f:63:0a:
dd:3e:da:61:3c:75:ff:ab:63:cf:11:53:f9:3c:7a:
5f:c7:30:01:8a:f8:c3:a1:d9:dc:0a:bf:22:45:47:
ae:88:f0:db:b4:a0:95:b2:eb:d9:2f:12:be:76:e3:
80:6c:15:7f:0a:f0:e9:c1:98:ce:26:d2:e0:8f:e9:
da:6b:ad:00:24:0e:e4:38:94:81:26:cd:2a:75:7f:
fc:ac:8d:21:55:de:03:05:37:01:a3:d7:4e:5b:02:
f7:36:70:71:b9:90:25:a7:e0:4c:61:ab:0b:e0:61:
85:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CB:76:DF:32:51:F0:B8:69:92:90:5D:0C:33:FF:8E:9E:CF:0A:D0
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jst23zJR8LhpkpBdDDP_jp7PCtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:e2::/48
Signature Algorithm: sha256WithRSAEncryption
28:ef:1f:ee:c8:50:f7:db:4c:d6:7e:4e:8c:44:cc:83:11:27:
99:33:cc:36:a5:e0:ee:a8:0c:10:c8:0a:08:21:ac:a3:5a:9f:
02:33:da:47:01:d2:51:05:6c:cd:b1:56:98:5c:ac:fb:1f:81:
d8:6b:b7:1c:11:2d:46:38:41:e9:3e:86:f4:12:a7:45:6b:c4:
34:0a:a1:4a:4c:80:8f:2c:c2:4e:39:30:6f:35:bb:b0:99:0e:
c9:18:94:72:2f:dd:50:25:b6:cf:d3:38:84:fc:ef:09:ce:8d:
5b:d1:31:73:0c:98:23:16:88:0a:91:cc:f6:12:26:a4:2e:b9:
0e:40:a5:a0:30:5d:2e:bb:29:63:29:95:f6:8f:64:bf:53:a4:
0d:94:ff:80:c8:11:c4:6d:7c:d9:fb:bc:86:09:4e:21:58:96:
ee:cf:02:57:c1:fb:1d:85:1c:44:92:4d:10:4f:ef:9a:08:6a:
a8:95:15:fb:5d:b3:c8:93:20:98:23:56:cf:66:ae:07:76:3f:
c3:ca:19:29:95:20:3c:24:ae:57:e4:49:c1:05:ca:57:72:28:
1c:3b:80:57:f1:1c:f3:22:80:fc:9a:de:82:d3:f6:14:2f:60:
36:9a:58:fa:7e:2e:2f:b8:ee:53:5b:ca:f6:2c:77:28:a3:dc:
55:3c:11:15
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qtJl7z1VbC4bSKa7dd4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWNiNzZkZjMyNTFmMGI4Njk5MjkwNWQwYzMzZmY4ZTllY2YwYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobIRZhRJRM2+yJ+N3+P48DeCx4Ro
VioOe0lbeL0ocHHCm0dSBl/O9vKCxlgd/1AyfgJ4oK9Bic9/Iu+L3RigqwTcOjxx
6rjRFJVOE7LK+tt+8sfvNo00oSmy1IhaIgmw2r7xwtwbSTikCunzaGVNEjWyX5A2
hjIaNoxqZ0BfcxJywm6OfLxR7jbMvV473mx2AOZvYwrdPtphPHX/q2PPEVP5PHpf
xzABivjDodncCr8iRUeuiPDbtKCVsuvZLxK+duOAbBV/CvDpwZjOJtLgj+naa60A
JA7kOJSBJs0qdX/8rI0hVd4DBTcBo9dOWwL3NnBxuZAlp+BMYasL4GGFpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI7Ldt8yUfC4aZKQXQwz/46ezwrQMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvanN0MjN6SlI4TGhwa3BCZEREUF9qcDdQQ3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDi
MA0GCSqGSIb3DQEBCwUAA4IBAQAo7x/uyFD320zWfk6MRMyDESeZM8w2peDuqAwQ
yAoIIayjWp8CM9pHAdJRBWzNsVaYXKz7H4HYa7ccES1GOEHpPob0EqdFa8Q0CqFK
TICPLMJOOTBvNbuwmQ7JGJRyL91QJbbP0ziE/O8Jzo1b0TFzDJgjFogKkcz2Eiak
LrkOQKWgMF0uuyljKZX2j2S/U6QNlP+AyBHEbXzZ+7yGCU4hWJbuzwJXwfsdhRxE
kk0QT++aCGqolRX7XbPIkyCYI1bPZq4Hdj/DyhkplSA8JK5X5EnBBcpXcigcO4BX
8RzzIoD8mt6C0/YUL2A2mlj6fi4vuO5TW8r2LHcoo9xVPBEV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org