Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/m_cdhkKWzrIPKxStI8C8o9Ho47A.roa
File: m_cdhkKWzrIPKxStI8C8o9Ho47A.roa (raw, json)
Hash identifier: b+6AgPYIxYcwJMyw49IMkCdaGu13e9U24o48WLd7ibU=
Subject key identifier: 9B:F7:1D:86:42:96:CE:B2:0F:2B:14:AD:23:C0:BC:A3:D1:E8:E3:B0
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F8D84C0D8471CCA9F8F902E2D3BEE33
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/m_cdhkKWzrIPKxStI8C8o9Ho47A.roa
Signing time: Tue 06 Feb 2024 17:53:17 +0000
ROA not before: Tue 06 Feb 2024 17:53:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215950
IP address blocks: 2a0f:b241:27::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:8d:84:c0:d8:47:1c:ca:9f:8f:90:2e:2d:3b:ee:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:53:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bf71d864296ceb20f2b14ad23c0bca3d1e8e3b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:aa:00:0f:9d:48:a3:ed:b5:77:19:23:83:07:
82:a2:da:c0:db:ba:99:fc:3d:e8:8d:d4:83:d5:7c:
56:cd:f5:90:62:1a:e7:13:2f:3d:b2:9d:05:fb:19:
5a:49:79:88:de:d5:9d:f8:80:08:ac:6a:c7:2b:98:
d3:d2:1b:88:cb:65:b0:9a:ae:1a:82:de:ed:40:32:
88:75:78:6b:e6:ae:0d:42:67:4c:e2:15:45:c0:c9:
31:8c:ca:8d:c5:21:ca:e2:24:8f:c9:a1:c3:cc:7a:
40:be:d6:60:ac:66:0c:92:5e:18:2d:52:f0:a8:86:
52:6e:a1:bd:3e:cd:d9:a3:f6:92:b4:62:20:78:ae:
6d:b7:53:6b:3a:82:78:8a:55:36:f3:28:75:7d:b1:
6a:e4:7e:99:1f:18:c4:b2:cb:f5:21:cd:fa:28:48:
4c:37:04:11:53:3f:86:a5:cb:39:24:33:df:79:0f:
c7:ba:75:bb:17:44:40:2d:d8:66:de:36:11:44:ff:
71:9d:da:24:8d:ee:07:e1:0a:6a:3f:e8:4f:9d:ab:
a2:82:74:20:b1:da:e6:b5:e0:51:3f:6b:25:41:b3:
d0:a8:96:d1:26:fb:31:57:3b:db:aa:e3:ae:c0:65:
ba:2a:6d:c7:c3:d1:8e:22:80:2b:fc:84:b5:16:5e:
01:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F7:1D:86:42:96:CE:B2:0F:2B:14:AD:23:C0:BC:A3:D1:E8:E3:B0
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/m_cdhkKWzrIPKxStI8C8o9Ho47A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:27::/48
Signature Algorithm: sha256WithRSAEncryption
32:2d:2b:65:d0:35:be:2a:c0:8c:2f:77:da:7a:26:a2:96:2f:
32:39:88:4b:c4:dd:56:73:9f:a3:2a:63:c9:a5:4e:5d:9d:5f:
a8:cc:09:a1:36:5c:64:27:71:ec:cb:ad:25:e8:fe:95:12:eb:
a4:79:ca:3f:b5:8f:ab:89:8a:1c:b7:54:4d:32:bb:3e:91:52:
97:a3:25:2d:6a:af:fc:17:7d:d8:21:73:e9:f9:bc:ba:bc:bc:
d0:1a:6d:43:55:0a:74:51:8e:fc:38:00:43:27:9a:7c:ae:f1:
cd:a0:39:76:42:c9:d4:ac:94:75:42:42:30:ca:8e:35:c7:3e:
4f:ce:47:57:d2:1b:45:32:96:d5:2a:88:3d:40:93:dc:6e:df:
76:f2:c0:f7:64:1b:53:e9:27:9f:44:df:e0:10:17:a4:af:0b:
c5:3b:54:06:6a:63:98:7c:6b:a6:c0:91:54:17:9a:fa:c2:12:
c7:17:76:98:2a:9f:5b:6e:d3:11:a4:85:e2:20:56:eb:38:17:
0b:57:06:a3:b9:5f:1f:e7:d7:87:32:c7:45:61:df:45:77:e6:
52:26:54:c9:18:da:1d:9b:6a:0e:65:8c:57:b6:d5:f7:49:f7:
16:cc:6e:cc:a7:bf:db:bf:0a:09:bf:03:17:1d:cb:57:22:4e:
b5:20:2b:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/jYTA2Eccyp+PkC4tO+4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1MzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmY3MWQ4NjQyOTZjZWIyMGYyYjE0YWQyM2MwYmNhM2QxZThlM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKoAD51Io+21dxkjgweCotrA27qZ
/D3ojdSD1XxWzfWQYhrnEy89sp0F+xlaSXmI3tWd+IAIrGrHK5jT0huIy2Wwmq4a
gt7tQDKIdXhr5q4NQmdM4hVFwMkxjMqNxSHK4iSPyaHDzHpAvtZgrGYMkl4YLVLw
qIZSbqG9Ps3Zo/aStGIgeK5tt1NrOoJ4ilU28yh1fbFq5H6ZHxjEssv1Ic36KEhM
NwQRUz+Gpcs5JDPfeQ/HunW7F0RALdhm3jYRRP9xndokje4H4QpqP+hPnauignQg
sdrmteBRP2slQbPQqJbRJvsxVzvbquOuwGW6Km3Hw9GOIoAr/IS1Fl4B6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJv3HYZCls6yDysUrSPAvKPR6OOwMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbV9jZGhrS1d6cklQS3hTdEk4QzhvOUhvNDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAn
MA0GCSqGSIb3DQEBCwUAA4IBAQAyLStl0DW+KsCML3faeiaili8yOYhLxN1Wc5+j
KmPJpU5dnV+ozAmhNlxkJ3Hsy60l6P6VEuukeco/tY+riYoct1RNMrs+kVKXoyUt
aq/8F33YIXPp+by6vLzQGm1DVQp0UY78OABDJ5p8rvHNoDl2QsnUrJR1QkIwyo41
xz5PzkdX0htFMpbVKog9QJPcbt928sD3ZBtT6SefRN/gEBekrwvFO1QGamOYfGum
wJFUF5r6whLHF3aYKp9bbtMRpIXiIFbrOBcLVwajuV8f59eHMsdFYd9Fd+ZSJlTJ
GNodm2oOZYxXttX3SfcWzG7Mp7/bvwoJvwMXHctXIk61ICsH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org