Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kgT020P4gH55gSV-Ks1PXNAqR1I.roa
File: kgT020P4gH55gSV-Ks1PXNAqR1I.roa (raw, json)
Hash identifier: vnBcYOGxOfH66VC4XShGjPjF42YcAqxmdWIenojQTjk=
Subject key identifier: 92:04:F4:DB:43:F8:80:7E:79:81:25:7E:2A:CD:4F:5C:D0:2A:47:52
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95BC60755BF7C07BCC90EA3C28B1EA
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kgT020P4gH55gSV-Ks1PXNAqR1I.roa
Signing time: Tue 06 Feb 2024 18:02:15 +0000
ROA not before: Tue 06 Feb 2024 18:02:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208889
IP address blocks: 2a0f:b241:40::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:bc:60:75:5b:f7:c0:7b:cc:90:ea:3c:28:b1:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9204f4db43f8807e7981257e2acd4f5cd02a4752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9a:c6:0a:37:d8:2b:d7:70:84:91:05:41:30:
0c:bd:e1:e0:ce:eb:fd:da:1d:fb:b6:de:14:87:db:
0c:84:4c:aa:d5:4d:25:8e:e9:d9:4b:ff:09:50:dc:
39:07:ae:29:46:09:5b:e1:81:47:a9:e4:e2:ca:62:
9d:b8:28:e9:ab:1c:9b:35:d3:60:85:b6:09:6d:ec:
5f:02:13:85:7d:2f:39:ad:1b:eb:c5:08:e2:2b:bb:
89:22:31:be:1c:67:38:ac:80:99:e2:8c:6c:d2:d3:
3b:7a:b6:5c:18:cc:9f:a5:7a:29:79:65:1c:08:f3:
95:e3:ed:ee:0c:53:03:d6:22:63:4a:09:56:e7:2c:
c9:97:be:54:44:2b:30:34:e4:b4:bb:97:37:fa:86:
86:13:cf:b7:6b:36:47:2c:f3:a9:0c:49:3f:df:0d:
9e:22:bf:f1:e9:f0:37:21:67:a3:1f:23:4c:ab:75:
d8:ec:56:df:e9:bb:f9:f8:20:69:b6:35:76:e3:43:
16:de:e7:39:73:4b:14:bd:ac:f6:48:b9:7c:14:d7:
3e:7f:6c:76:d2:7f:58:51:e3:ed:ad:c2:d1:31:31:
1c:1a:3a:98:4c:b4:0d:91:0d:c7:66:41:9f:93:1a:
f5:f5:6e:1e:82:67:bf:c9:51:81:72:77:b2:ff:d9:
08:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:04:F4:DB:43:F8:80:7E:79:81:25:7E:2A:CD:4F:5C:D0:2A:47:52
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kgT020P4gH55gSV-Ks1PXNAqR1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:40::/48
Signature Algorithm: sha256WithRSAEncryption
56:dd:65:ed:aa:b2:cb:43:a6:fc:98:34:df:53:02:c7:3c:4b:
65:d7:fd:87:0d:cd:59:b1:20:da:d1:48:8f:49:73:3c:06:71:
52:0e:46:e2:d1:c7:23:c1:2b:d7:00:c5:6c:d2:dd:94:ef:84:
7b:bc:e2:65:a5:b0:bb:68:9e:2e:eb:65:b7:10:89:59:df:d0:
2f:d1:6d:af:27:be:9a:e8:53:c9:81:10:4a:fb:d4:27:ad:2b:
d0:3c:3a:3b:4f:c4:79:99:d2:e6:f1:cd:cb:fe:71:93:92:e7:
7d:1b:21:8a:20:af:54:00:a9:04:7f:d4:94:c8:75:35:43:3f:
62:1c:9f:6e:14:24:90:97:d1:d5:9a:f8:88:a7:ee:4a:ea:03:
37:49:da:af:14:09:db:7d:c8:05:b3:59:9b:86:3b:6b:e7:d3:
26:af:3a:54:ff:5a:c8:9b:88:f4:5b:07:f7:54:c9:d7:73:65:
42:c2:c6:a1:f9:7e:99:08:6a:8d:9f:6e:78:7b:32:72:46:4f:
4b:4c:72:0b:39:0d:33:57:67:2f:78:93:0a:fd:59:5d:a5:87:
ac:93:8c:8e:bb:73:e6:eb:52:aa:9c:4d:9f:f6:aa:36:66:37:
24:71:b3:8c:90:2c:9e:82:5d:84:a0:e7:60:b1:ac:dc:39:e2:
5c:a8:9b:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lbxgdVv3wHvMkOo8KLHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjA0ZjRkYjQzZjg4MDdlNzk4MTI1N2UyYWNkNGY1Y2QwMmE0NzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgprGCjfYK9dwhJEFQTAMveHgzuv9
2h37tt4Uh9sMhEyq1U0ljunZS/8JUNw5B64pRglb4YFHqeTiymKduCjpqxybNdNg
hbYJbexfAhOFfS85rRvrxQjiK7uJIjG+HGc4rICZ4oxs0tM7erZcGMyfpXopeWUc
CPOV4+3uDFMD1iJjSglW5yzJl75URCswNOS0u5c3+oaGE8+3azZHLPOpDEk/3w2e
Ir/x6fA3IWejHyNMq3XY7Fbf6bv5+CBptjV240MW3uc5c0sUvaz2SLl8FNc+f2x2
0n9YUePtrcLRMTEcGjqYTLQNkQ3HZkGfkxr19W4egme/yVGBcney/9kIRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJIE9NtD+IB+eYElfirNT1zQKkdSMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEva2dUMDIwUDRnSDU1Z1NWLUtzMVBYTkFxUjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBA
MA0GCSqGSIb3DQEBCwUAA4IBAQBW3WXtqrLLQ6b8mDTfUwLHPEtl1/2HDc1ZsSDa
0UiPSXM8BnFSDkbi0ccjwSvXAMVs0t2U74R7vOJlpbC7aJ4u62W3EIlZ39Av0W2v
J76a6FPJgRBK+9QnrSvQPDo7T8R5mdLm8c3L/nGTkud9GyGKIK9UAKkEf9SUyHU1
Qz9iHJ9uFCSQl9HVmviIp+5K6gM3SdqvFAnbfcgFs1mbhjtr59MmrzpU/1rIm4j0
Wwf3VMnXc2VCwsah+X6ZCGqNn254ezJyRk9LTHILOQ0zV2cveJMK/VldpYesk4yO
u3Pm61KqnE2f9qo2ZjckcbOMkCyegl2EoOdgsazcOeJcqJsr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org