Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/niGfYFoQF34mrBoJ5PBan4lDd30.roa
File: niGfYFoQF34mrBoJ5PBan4lDd30.roa (raw, json)
Hash identifier: byBV7+9vYZiKOJ4P0MNTw7dkWjlfKPQi7RETD53J2n4=
Subject key identifier: 9E:21:9F:60:5A:10:17:7E:26:AC:1A:09:E4:F0:5A:9F:89:43:77:7D
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F080C5D70608D24216CD665B0CE754
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/niGfYFoQF34mrBoJ5PBan4lDd30.roa
Signing time: Wed 07 Feb 2024 05:00:38 +0000
ROA not before: Wed 07 Feb 2024 05:00:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200179
IP address blocks: 2a0f:b241:96::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:80:c5:d7:06:08:d2:42:16:cd:66:5b:0c:e7:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e219f605a10177e26ac1a09e4f05a9f8943777d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:af:69:ee:d1:e9:44:00:36:92:dd:b2:5d:48:
f6:70:6f:4f:56:56:c8:a5:fa:53:16:d5:d5:44:da:
46:61:11:f5:5d:5e:bc:7d:74:4f:0e:39:53:86:ca:
c5:59:0f:0d:28:fc:53:47:e3:9b:ba:3f:09:07:ea:
a6:02:f4:2f:75:fb:3d:a2:4c:bc:38:2c:df:fa:57:
a1:22:7d:45:97:3d:71:b3:07:fc:01:a5:56:de:de:
24:ab:7f:b1:e0:67:8a:8b:f2:c2:4a:84:66:1e:c6:
51:52:44:2e:19:6d:40:b9:f3:af:35:88:0e:c3:39:
93:52:99:87:b9:71:b2:04:a8:62:97:92:51:49:27:
b4:24:06:c8:46:2a:81:27:3f:73:5b:89:a0:42:c1:
1d:c7:be:52:c3:7d:cc:88:77:72:5f:da:cd:19:4e:
9e:7f:4d:f2:2b:b8:fa:b4:a6:da:c3:38:df:02:70:
5a:a6:a9:ea:50:ce:a6:4c:3f:57:ac:63:f9:4e:e1:
51:e2:3b:1d:ab:f0:3f:4b:0b:31:41:6d:65:48:f7:
d1:10:28:80:02:6e:5e:71:f3:c1:67:44:15:65:44:
48:a3:a4:2c:4f:19:eb:2f:a5:77:07:ae:c5:04:f8:
68:c8:e8:2e:9c:51:b0:31:bd:99:0f:0f:ce:e6:11:
8a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:21:9F:60:5A:10:17:7E:26:AC:1A:09:E4:F0:5A:9F:89:43:77:7D
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/niGfYFoQF34mrBoJ5PBan4lDd30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:96::/48
Signature Algorithm: sha256WithRSAEncryption
54:60:ac:df:98:99:12:f2:d1:fa:ff:0b:73:42:5d:ad:05:cc:
1f:4c:95:17:6e:dd:f7:9d:8f:43:f3:32:0d:e3:5e:18:8e:7e:
51:d5:2f:69:d9:f1:45:e2:71:73:c6:42:99:26:47:07:a5:7f:
2e:61:e9:3c:a9:30:51:24:f0:ce:23:6d:3e:4c:17:d6:0f:f3:
6e:7f:a5:44:70:5a:78:a6:37:64:cc:4e:c9:d2:41:f7:84:b7:
06:bf:83:25:1b:bd:0b:0d:59:92:59:ea:52:85:d0:3a:58:86:
be:36:d8:5f:93:8d:38:a8:df:33:ef:63:22:21:48:00:65:bd:
f2:cc:2a:ce:7a:d5:12:5e:1b:4f:d5:a6:06:11:63:70:13:ae:
bf:a0:80:65:f5:bb:6b:99:ce:de:da:af:4b:56:55:ae:2b:0d:
14:73:7d:ad:8a:f2:b8:4f:e9:2c:23:4b:0b:06:33:f0:8c:80:
e0:f3:b6:4b:d4:1f:67:ea:2d:50:9f:ac:a5:a7:9f:7f:03:ca:
63:8d:97:70:15:5d:1e:80:fe:cd:35:cf:5b:13:a4:92:ab:4e:
54:8f:bc:b3:a0:cf:5d:01:e2:96:6d:88:38:7e:aa:5d:ff:20:
38:5e:51:30:07:13:e7:64:94:9b:59:99:64:71:26:46:bf:0b:
3b:7a:6d:6c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8IDF1wYI0kIWzWZbDOdUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTIxOWY2MDVhMTAxNzdlMjZhYzFhMDllNGYwNWE5Zjg5NDM3NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv69p7tHpRAA2kt2yXUj2cG9PVlbI
pfpTFtXVRNpGYRH1XV68fXRPDjlThsrFWQ8NKPxTR+Obuj8JB+qmAvQvdfs9oky8
OCzf+lehIn1Flz1xswf8AaVW3t4kq3+x4GeKi/LCSoRmHsZRUkQuGW1AufOvNYgO
wzmTUpmHuXGyBKhil5JRSSe0JAbIRiqBJz9zW4mgQsEdx75Sw33MiHdyX9rNGU6e
f03yK7j6tKbawzjfAnBapqnqUM6mTD9XrGP5TuFR4jsdq/A/SwsxQW1lSPfRECiA
Am5ecfPBZ0QVZURIo6QsTxnrL6V3B67FBPhoyOgunFGwMb2ZDw/O5hGKDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ4hn2BaEBd+JqwaCeTwWp+JQ3d9MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbmlHZllGb1FGMzRtckJvSjVQQmFuNGxEZDMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCW
MA0GCSqGSIb3DQEBCwUAA4IBAQBUYKzfmJkS8tH6/wtzQl2tBcwfTJUXbt33nY9D
8zIN414Yjn5R1S9p2fFF4nFzxkKZJkcHpX8uYek8qTBRJPDOI20+TBfWD/Nuf6VE
cFp4pjdkzE7J0kH3hLcGv4MlG70LDVmSWepShdA6WIa+Nthfk404qN8z72MiIUgA
Zb3yzCrOetUSXhtP1aYGEWNwE66/oIBl9btrmc7e2q9LVlWuKw0Uc32tivK4T+ks
I0sLBjPwjIDg87ZL1B9n6i1Qn6ylp59/A8pjjZdwFV0egP7NNc9bE6SSq05Uj7yz
oM9dAeKWbYg4fqpd/yA4XlEwBxPnZJSbWZlkcSZGvws7em1s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org