Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/nNb00EhI3-A5hRTw9syGKzNZ4qQ.roa
File: nNb00EhI3-A5hRTw9syGKzNZ4qQ.roa (raw, json)
Hash identifier: ZfsdfGj/aYRNLcc2y3ARyW+nFaY1EqciKUTifa03Gxs=
Subject key identifier: 9C:D6:F4:D0:48:48:DF:E0:39:85:14:F0:F6:CC:86:2B:33:59:E2:A4
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB7A1DEC1AACED93A6641B546F0AD5A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/nNb00EhI3-A5hRTw9syGKzNZ4qQ.roa
Signing time: Tue 06 Feb 2024 18:39:17 +0000
ROA not before: Tue 06 Feb 2024 18:39:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210881
IP address blocks: 2a0f:b241:143::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b7:a1:de:c1:aa:ce:d9:3a:66:41:b5:46:f0:ad:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:39:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cd6f4d04848dfe0398514f0f6cc862b3359e2a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e6:f5:b3:fa:a6:64:e2:54:fd:3a:c3:9c:d4:
f8:b4:41:23:f9:34:f0:b1:07:45:e7:50:44:42:7c:
27:1c:02:62:f6:f6:ca:d2:25:a0:bf:5b:79:b7:90:
74:0f:ea:58:65:d8:13:df:b3:c3:a3:4e:cd:d7:f0:
e1:3c:5f:a7:6f:93:24:7b:4b:52:3f:8c:ef:15:52:
c0:46:7b:6e:f7:39:99:3b:91:db:b7:81:3a:db:ff:
80:74:1a:f4:e0:33:a2:9e:12:3a:41:87:60:e5:9e:
fa:d6:de:53:65:0f:07:cb:d5:74:ec:c9:cc:91:0a:
1b:7f:08:86:02:f0:de:14:ac:50:40:03:f3:b5:2e:
64:e7:aa:11:a4:3b:86:16:34:4c:a4:ba:54:1e:a4:
20:81:b0:23:e5:4a:77:5a:5a:45:c4:6c:2b:7b:ea:
c4:27:1b:ea:e8:0b:2a:a7:4a:d2:2f:81:9e:f3:05:
c8:57:7c:d3:1e:92:5c:f5:9a:02:b9:4c:2a:37:2f:
ab:f5:37:0c:39:72:23:d5:7a:92:28:11:2c:93:b4:
59:3d:ff:e1:bc:7a:52:f4:38:9d:89:95:be:4c:77:
ec:1c:e1:cb:cb:60:01:d2:dd:0e:c3:04:26:de:bc:
a1:0b:24:23:bc:9f:3f:f0:6e:65:1d:45:5c:64:7e:
5f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D6:F4:D0:48:48:DF:E0:39:85:14:F0:F6:CC:86:2B:33:59:E2:A4
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/nNb00EhI3-A5hRTw9syGKzNZ4qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:143::/48
Signature Algorithm: sha256WithRSAEncryption
79:ef:43:a3:25:f3:e5:29:33:08:c9:12:e7:1b:01:ff:cd:e9:
cd:c2:63:4e:6d:53:b0:5a:7c:5f:05:00:27:e9:bd:f7:d8:e3:
d0:ed:1b:13:0a:b4:e0:db:a9:70:a2:3a:3a:88:d0:e3:4e:74:
c8:7b:aa:20:1c:b5:d9:18:8b:12:ff:49:a3:d8:0a:a6:c7:f8:
a4:69:34:2d:43:95:d7:e2:b1:4c:7f:75:56:cd:88:c0:54:2c:
bd:a9:92:32:09:3b:d0:71:6f:00:32:40:03:af:55:b4:74:46:
be:b5:b5:6e:1c:f0:23:71:f7:07:4c:6f:c6:35:89:e1:bd:70:
23:88:cd:55:30:6d:1f:28:a1:67:c2:e6:54:ab:11:88:80:89:
92:d6:fc:c0:76:bd:85:d2:d6:e3:f5:92:2e:bb:aa:50:b2:96:
39:b0:4a:b5:e9:cf:11:dc:bc:27:67:c3:a2:d2:68:c6:c0:91:
ae:90:ae:cf:19:ca:da:f2:df:85:13:48:9e:65:c8:3f:69:38:
0d:ce:81:f2:e5:53:05:e3:84:e4:97:24:74:f2:49:fe:fb:ae:
1d:a8:46:e2:d4:c9:74:04:bc:ff:4c:9b:9e:cd:23:ef:51:b3:
57:8c:03:1c:82:21:61:b7:33:a8:c4:29:4c:b9:63:f7:ba:e2:
9e:fa:b9:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/t6HewarO2TpmQbVG8K1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Q2ZjRkMDQ4NDhkZmUwMzk4NTE0ZjBmNmNjODYyYjMzNTllMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+b1s/qmZOJU/TrDnNT4tEEj+TTw
sQdF51BEQnwnHAJi9vbK0iWgv1t5t5B0D+pYZdgT37PDo07N1/DhPF+nb5Mke0tS
P4zvFVLARntu9zmZO5Hbt4E62/+AdBr04DOinhI6QYdg5Z761t5TZQ8Hy9V07MnM
kQobfwiGAvDeFKxQQAPztS5k56oRpDuGFjRMpLpUHqQggbAj5Up3WlpFxGwre+rE
Jxvq6Asqp0rSL4Ge8wXIV3zTHpJc9ZoCuUwqNy+r9TcMOXIj1XqSKBEsk7RZPf/h
vHpS9DidiZW+THfsHOHLy2AB0t0OwwQm3ryhCyQjvJ8/8G5lHUVcZH5fgwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJzW9NBISN/gOYUU8PbMhiszWeKkMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbk5iMDBFaEkzLUE1aFJUdzlzeUdLek5aNHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFD
MA0GCSqGSIb3DQEBCwUAA4IBAQB570OjJfPlKTMIyRLnGwH/zenNwmNObVOwWnxf
BQAn6b332OPQ7RsTCrTg26lwojo6iNDjTnTIe6ogHLXZGIsS/0mj2Aqmx/ikaTQt
Q5XX4rFMf3VWzYjAVCy9qZIyCTvQcW8AMkADr1W0dEa+tbVuHPAjcfcHTG/GNYnh
vXAjiM1VMG0fKKFnwuZUqxGIgImS1vzAdr2F0tbj9ZIuu6pQspY5sEq16c8R3Lwn
Z8Oi0mjGwJGukK7PGcra8t+FE0ieZcg/aTgNzoHy5VMF44TklyR08kn++64dqEbi
1Ml0BLz/TJuezSPvUbNXjAMcgiFhtzOoxClMuWP3uuKe+rkp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org