Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kG-1iRLU1llPk9wTXVQzfB1gi7o.roa
File: kG-1iRLU1llPk9wTXVQzfB1gi7o.roa (raw, json)
Hash identifier: /4x7t/SpAtKt4G1/9ePKz1r+PO2fLcBMbA6JOR4MNr0=
Subject key identifier: 90:6F:B5:89:12:D4:D6:59:4F:93:DC:13:5D:54:33:7C:1D:60:8B:BA
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09F14AE238F3BB4AAFC81A1C82008
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kG-1iRLU1llPk9wTXVQzfB1gi7o.roa
Signing time: Wed 07 Feb 2024 05:00:46 +0000
ROA not before: Wed 07 Feb 2024 05:00:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209686
IP address blocks: 2a0f:b241:f7::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:9f:14:ae:23:8f:3b:b4:aa:fc:81:a1:c8:20:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=906fb58912d4d6594f93dc135d54337c1d608bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:63:9b:eb:95:fc:09:5a:e0:47:47:df:48:f8:
77:c4:51:f7:ea:4e:e0:c3:c8:0a:21:1e:bd:ee:ef:
f0:58:72:05:78:d7:db:34:e3:57:16:b5:ab:9b:47:
fc:dd:5a:31:34:dc:14:6f:69:18:66:6f:42:89:80:
a8:59:43:27:f0:07:74:a6:1d:3b:de:3f:b6:31:4a:
3e:45:11:99:62:56:7f:a9:91:41:4a:2e:1e:c3:aa:
ac:39:21:15:a4:72:bc:12:f7:e9:88:20:84:a4:5d:
11:0d:45:aa:37:a6:0d:96:d0:0f:17:3b:85:86:1f:
16:f5:b0:5c:8d:f1:f6:c0:96:e6:27:dd:84:c2:1f:
18:bb:0e:d6:6a:62:a8:96:83:8d:64:ea:b4:26:71:
cd:31:8d:0a:3d:e1:60:ad:89:79:54:99:a3:29:fd:
f4:c4:56:a3:48:29:b5:42:cd:e0:0a:35:6c:68:e8:
b9:7f:63:8f:b8:f1:ba:f9:3f:aa:35:76:b8:64:fe:
06:17:51:78:06:f5:34:e8:ed:4d:05:06:cb:aa:83:
77:06:f3:ac:ab:be:90:f9:c4:dc:5e:d7:b5:b4:fb:
47:3e:07:12:a0:9a:8f:da:f0:78:74:41:90:06:03:
17:06:7b:92:5e:11:5a:5b:08:b0:df:a2:13:ab:ce:
46:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:6F:B5:89:12:D4:D6:59:4F:93:DC:13:5D:54:33:7C:1D:60:8B:BA
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kG-1iRLU1llPk9wTXVQzfB1gi7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:f7::/48
Signature Algorithm: sha256WithRSAEncryption
8a:fa:b8:ca:c1:b6:72:89:71:49:ef:88:2c:ef:bb:d8:9c:a1:
8b:b7:4d:63:25:d0:f9:65:8a:7a:b0:d1:f6:02:cb:26:c8:20:
64:60:be:0f:7a:56:9a:10:bf:74:57:fb:2f:10:b1:59:fe:2c:
f9:00:49:47:f7:2d:af:3f:1b:cf:16:e9:d8:34:73:3a:ad:2a:
49:ad:0a:39:6a:6f:f8:da:07:7f:e1:8f:95:49:02:62:43:aa:
5b:c0:53:c0:cd:d1:ba:df:d4:bf:ab:54:86:83:7e:60:25:ca:
b3:c9:1c:0c:30:2b:eb:07:3f:29:b0:4d:e1:c0:f3:6b:b6:03:
9c:d8:d6:d8:d4:94:13:72:a8:8d:dd:c2:c3:a8:7e:a8:d6:d3:
fb:c3:88:25:ed:78:e5:d7:31:83:05:7c:9e:64:c3:7a:1d:e7:
f4:f0:c6:61:97:c8:b2:e2:c4:c1:44:e7:66:ac:d6:49:78:47:
5d:c3:6f:ce:d7:f7:68:3a:81:3c:bd:31:fc:5e:be:ae:be:e5:
b6:4e:80:16:14:13:1e:4b:92:02:14:24:9c:16:e0:c8:b3:ae:
6f:d4:ab:e5:58:41:7a:29:8b:b8:07:75:f0:7e:4f:a0:a9:a9:
84:52:07:76:92:f7:37:3d:7e:1d:65:1e:13:31:89:44:57:21:
df:8b:63:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8J8UriOPO7Sq/IGhyCAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDZmYjU4OTEyZDRkNjU5NGY5M2RjMTM1ZDU0MzM3YzFkNjA4YmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWOb65X8CVrgR0ffSPh3xFH36k7g
w8gKIR697u/wWHIFeNfbNONXFrWrm0f83VoxNNwUb2kYZm9CiYCoWUMn8Ad0ph07
3j+2MUo+RRGZYlZ/qZFBSi4ew6qsOSEVpHK8EvfpiCCEpF0RDUWqN6YNltAPFzuF
hh8W9bBcjfH2wJbmJ92Ewh8Yuw7WamKoloONZOq0JnHNMY0KPeFgrYl5VJmjKf30
xFajSCm1Qs3gCjVsaOi5f2OPuPG6+T+qNXa4ZP4GF1F4BvU06O1NBQbLqoN3BvOs
q76Q+cTcXte1tPtHPgcSoJqP2vB4dEGQBgMXBnuSXhFaWwiw36ITq85G9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJBvtYkS1NZZT5PcE11UM3wdYIu6MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEva0ctMWlSTFUxbGxQazl3VFhWUXpmQjFnaTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQD3
MA0GCSqGSIb3DQEBCwUAA4IBAQCK+rjKwbZyiXFJ74gs77vYnKGLt01jJdD5ZYp6
sNH2AssmyCBkYL4PelaaEL90V/svELFZ/iz5AElH9y2vPxvPFunYNHM6rSpJrQo5
am/42gd/4Y+VSQJiQ6pbwFPAzdG639S/q1SGg35gJcqzyRwMMCvrBz8psE3hwPNr
tgOc2NbY1JQTcqiN3cLDqH6o1tP7w4gl7Xjl1zGDBXyeZMN6Hef08MZhl8iy4sTB
ROdmrNZJeEddw2/O1/doOoE8vTH8Xr6uvuW2ToAWFBMeS5ICFCScFuDIs65v1Kvl
WEF6KYu4B3Xwfk+gqamEUgd2kvc3PX4dZR4TMYlEVyHfi2Nh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org