Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/nzIhXgye1wVDoC4w5vK305M0RQE.roa
File: nzIhXgye1wVDoC4w5vK305M0RQE.roa (raw, json)
Hash identifier: GNHCDqKedf+g70whxObnTjYu4+VaQ5OErcyjDiqOpUA=
Subject key identifier: 9F:32:21:5E:0C:9E:D7:05:43:A0:2E:30:E6:F2:B7:D3:93:34:45:01
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA636901E65265F8A6D66A4983703C6
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/nzIhXgye1wVDoC4w5vK305M0RQE.roa
Signing time: Tue 06 Feb 2024 18:20:15 +0000
ROA not before: Tue 06 Feb 2024 18:20:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197817
IP address blocks: 2a0f:b241:72::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a6:36:90:1e:65:26:5f:8a:6d:66:a4:98:37:03:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:20:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f32215e0c9ed70543a02e30e6f2b7d393344501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9e:67:80:0d:b8:d2:b4:8a:94:3d:53:ea:2d:
8a:06:49:ee:a5:24:71:7c:a0:db:91:ba:1c:05:5e:
82:78:f2:1c:3c:3f:a8:73:ab:0d:6f:0a:25:cc:17:
ba:de:c5:4a:37:74:1c:0e:b6:1a:cf:f7:63:bf:52:
41:28:6c:75:97:f6:a5:8d:31:0b:9c:f1:49:81:72:
dd:17:db:c2:16:bc:d9:37:62:1b:61:50:7a:99:82:
7a:ab:06:d9:e5:56:99:a8:27:34:24:d9:41:0f:e5:
a1:2a:c5:3e:5b:72:ba:09:d5:36:e1:c8:bd:41:87:
df:b6:98:1c:f9:1a:da:c6:92:97:4b:f7:b3:82:f4:
95:d0:30:36:d4:11:10:05:d1:d6:8c:5b:d4:c4:a7:
92:98:59:72:71:dc:a2:06:64:1e:fb:70:57:8f:21:
71:6f:2c:6e:bf:44:0a:a8:6e:2d:18:27:c9:8c:56:
99:33:21:5f:68:10:38:14:fa:31:a6:23:f6:6d:a6:
66:06:01:c3:c7:07:64:91:24:0c:a2:ea:9f:73:50:
60:5b:c3:a5:67:48:d8:6b:62:45:07:b3:5e:4e:20:
0d:13:a7:84:d9:e3:78:d8:8f:ff:9c:15:b4:9b:19:
1b:aa:5e:25:18:77:d8:34:af:75:67:51:28:cd:7d:
d5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:32:21:5E:0C:9E:D7:05:43:A0:2E:30:E6:F2:B7:D3:93:34:45:01
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/nzIhXgye1wVDoC4w5vK305M0RQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:72::/48
Signature Algorithm: sha256WithRSAEncryption
52:95:b0:ae:39:ca:a6:c7:d2:2c:fe:83:03:7f:06:6e:e7:d5:
0a:6b:f8:e9:66:09:7a:72:9f:25:f1:95:21:d3:dc:af:72:87:
fa:4f:e8:8e:24:72:8d:f6:2e:70:3f:1e:3e:c9:84:87:e3:d1:
ac:2c:77:67:19:82:86:ad:d9:93:35:b0:c8:35:9a:c7:1d:e8:
a4:10:2c:aa:57:0b:fa:8c:e6:da:64:6a:80:16:96:77:af:d3:
79:bd:aa:22:f1:1b:b3:d0:12:78:50:4b:dc:7a:9f:aa:89:47:
9f:ee:dd:ca:8d:ce:f7:e4:d6:fa:a7:82:2c:31:63:10:00:84:
86:4f:88:01:91:bb:71:d7:41:1f:53:52:5c:d5:7a:f9:30:ff:
02:cf:bb:b9:3d:5f:a6:66:5e:f5:df:b3:fa:2a:3e:87:d1:82:
3a:72:0e:2e:65:58:71:29:fa:14:d6:e4:26:75:68:10:f2:fa:
01:eb:6f:e7:fc:90:3c:1f:f3:06:10:0a:eb:01:09:60:f4:be:
ee:d1:e7:09:90:b5:43:03:2b:24:38:1e:97:08:fa:c3:0f:c2:
33:81:ce:b3:c6:3a:65:d1:3f:3f:6e:7f:32:ec:88:aa:7f:ba:
f3:ee:e7:43:1f:1a:3a:1a:fe:00:ab:10:29:53:1d:4c:2b:c1:
e8:cd:b0:18
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pjaQHmUmX4ptZqSYNwPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjMyMjE1ZTBjOWVkNzA1NDNhMDJlMzBlNmYyYjdkMzkzMzQ0NTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj55ngA240rSKlD1T6i2KBknupSRx
fKDbkbocBV6CePIcPD+oc6sNbwolzBe63sVKN3QcDrYaz/djv1JBKGx1l/aljTEL
nPFJgXLdF9vCFrzZN2IbYVB6mYJ6qwbZ5VaZqCc0JNlBD+WhKsU+W3K6CdU24ci9
QYfftpgc+RraxpKXS/ezgvSV0DA21BEQBdHWjFvUxKeSmFlycdyiBmQe+3BXjyFx
byxuv0QKqG4tGCfJjFaZMyFfaBA4FPoxpiP2baZmBgHDxwdkkSQMouqfc1BgW8Ol
Z0jYa2JFB7NeTiANE6eE2eN42I//nBW0mxkbql4lGHfYNK91Z1EozX3VkQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ8yIV4MntcFQ6AuMObyt9OTNEUBMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbnpJaFhneWUxd1ZEb0M0dzV2SzMwNU0wUlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBy
MA0GCSqGSIb3DQEBCwUAA4IBAQBSlbCuOcqmx9Is/oMDfwZu59UKa/jpZgl6cp8l
8ZUh09yvcof6T+iOJHKN9i5wPx4+yYSH49GsLHdnGYKGrdmTNbDINZrHHeikECyq
Vwv6jObaZGqAFpZ3r9N5vaoi8Ruz0BJ4UEvcep+qiUef7t3Kjc735Nb6p4IsMWMQ
AISGT4gBkbtx10EfU1Jc1Xr5MP8Cz7u5PV+mZl7137P6Kj6H0YI6cg4uZVhxKfoU
1uQmdWgQ8voB62/n/JA8H/MGEArrAQlg9L7u0ecJkLVDAyskOB6XCPrDD8Izgc6z
xjpl0T8/bn8y7Iiqf7rz7udDHxo6Gv4AqxApUx1MK8HozbAY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org