Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/o0ZlHFE4rEZBOWJ6Ozt_5lnHcUo.roa
File: o0ZlHFE4rEZBOWJ6Ozt_5lnHcUo.roa (raw, json)
Hash identifier: QWMQWpiSag95czblqi0IPtDy4Sz8AMzqHync+wpcN20=
Subject key identifier: A3:46:65:1C:51:38:AC:46:41:39:62:7A:3B:3B:7F:E6:59:C7:71:4A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F089AB87842A2B9B2E0966A67D7AD8
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/o0ZlHFE4rEZBOWJ6Ozt_5lnHcUo.roa
Signing time: Wed 07 Feb 2024 05:00:41 +0000
ROA not before: Wed 07 Feb 2024 05:00:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202199
IP address blocks: 2a0f:b241:e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:89:ab:87:84:2a:2b:9b:2e:09:66:a6:7d:7a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a346651c5138ac464139627a3b3b7fe659c7714a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ca:35:b1:ad:02:35:44:97:21:78:99:46:3d:
b5:1c:85:aa:b9:2a:e1:f0:4a:7f:1d:6e:a5:22:9e:
1f:bc:ea:7f:19:cb:86:98:c7:42:42:ac:c1:68:77:
33:a8:85:1e:88:a5:0c:1f:6a:92:88:d9:c7:b5:68:
d9:24:96:14:f7:25:05:f3:e8:44:36:d2:bd:67:44:
8f:33:fb:a5:7c:7f:f2:43:51:39:29:31:25:51:af:
4a:3c:73:1b:eb:9e:0a:3a:a9:c7:1e:53:c2:51:80:
ea:d1:1c:72:f2:08:8b:2e:5b:82:93:9b:21:07:b7:
37:23:7f:08:67:0f:81:b8:9f:b6:f6:86:60:ec:09:
a0:fe:97:73:7f:c7:ed:5f:86:9f:bd:12:9c:da:d3:
85:fe:5a:67:b9:85:5c:7b:81:2b:16:7b:fe:93:b8:
0c:a4:f0:aa:06:3f:86:b1:e7:b4:f1:9a:4b:6b:f9:
d5:dd:27:27:d1:1e:6c:e7:d8:cc:b2:a2:00:10:82:
ad:da:6b:07:54:89:de:a3:6d:f8:c8:0b:4a:bd:5b:
8a:f4:60:29:01:31:bc:61:9d:23:4b:02:c3:18:d2:
26:3d:a2:ee:72:be:b2:3c:5d:50:2d:3c:c5:77:1b:
ad:b5:4d:6e:5b:14:a1:10:d3:82:5c:ef:64:cf:b4:
b2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:46:65:1C:51:38:AC:46:41:39:62:7A:3B:3B:7F:E6:59:C7:71:4A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/o0ZlHFE4rEZBOWJ6Ozt_5lnHcUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:e0::/48
Signature Algorithm: sha256WithRSAEncryption
3c:26:68:c5:66:39:0e:08:d8:88:50:7b:04:bb:6f:e7:48:d5:
4b:53:0b:a1:60:86:70:a0:f0:11:8f:7c:34:55:4c:4c:a5:4b:
e0:bc:d1:29:56:6d:12:b6:46:db:cf:41:fc:a7:5f:83:22:cc:
7a:9f:cf:18:6b:2d:cd:77:26:0b:88:9d:7c:69:9b:f3:5a:75:
55:23:20:62:d4:de:43:92:c2:ef:99:80:ba:28:c0:9c:46:62:
0f:22:d6:48:93:54:e6:4d:43:8c:2b:fe:9d:35:1e:40:7a:bc:
96:1f:1f:70:bc:ea:87:40:a1:b8:ac:46:17:ae:fe:00:9b:d8:
8f:1c:01:d4:0d:9a:1e:0d:9b:3c:0b:19:b8:9a:45:7f:3a:78:
35:19:f7:f8:81:82:be:bd:d6:bc:2c:9c:57:aa:39:fd:c8:04:
77:10:0f:ed:32:7f:af:3c:22:45:bc:87:9c:5a:a5:80:0e:e2:
ad:78:e6:26:86:fe:30:92:ff:05:d6:82:5d:d0:1a:f2:90:21:
7e:96:53:d1:d8:45:bd:e1:aa:c7:00:ff:8f:74:cc:17:1d:40:
be:c5:e6:7a:9e:e7:10:b0:65:ac:0d:2f:74:ff:d4:04:8f:95:
bb:ab:38:93:a8:13:e1:8f:54:f1:27:08:5a:48:2a:bc:b6:62:
23:f3:25:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Imrh4QqK5suCWamfXrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ2NjUxYzUxMzhhYzQ2NDEzOTYyN2EzYjNiN2ZlNjU5Yzc3MTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8o1sa0CNUSXIXiZRj21HIWquSrh
8Ep/HW6lIp4fvOp/GcuGmMdCQqzBaHczqIUeiKUMH2qSiNnHtWjZJJYU9yUF8+hE
NtK9Z0SPM/ulfH/yQ1E5KTElUa9KPHMb654KOqnHHlPCUYDq0Rxy8giLLluCk5sh
B7c3I38IZw+BuJ+29oZg7Amg/pdzf8ftX4afvRKc2tOF/lpnuYVce4ErFnv+k7gM
pPCqBj+Gsee08ZpLa/nV3Scn0R5s59jMsqIAEIKt2msHVIneo234yAtKvVuK9GAp
ATG8YZ0jSwLDGNImPaLucr6yPF1QLTzFdxuttU1uWxShENOCXO9kz7SyZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKNGZRxROKxGQTliejs7f+ZZx3FKMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbzBabEhGRTRyRVpCT1dKNk96dF81bG5IY1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDg
MA0GCSqGSIb3DQEBCwUAA4IBAQA8JmjFZjkOCNiIUHsEu2/nSNVLUwuhYIZwoPAR
j3w0VUxMpUvgvNEpVm0Stkbbz0H8p1+DIsx6n88Yay3NdyYLiJ18aZvzWnVVIyBi
1N5DksLvmYC6KMCcRmIPItZIk1TmTUOMK/6dNR5AeryWHx9wvOqHQKG4rEYXrv4A
m9iPHAHUDZoeDZs8Cxm4mkV/Ong1Gff4gYK+vda8LJxXqjn9yAR3EA/tMn+vPCJF
vIecWqWADuKteOYmhv4wkv8F1oJd0BrykCF+llPR2EW94arHAP+PdMwXHUC+xeZ6
nucQsGWsDS90/9QEj5W7qziTqBPhj1TxJwhaSCq8tmIj8yXJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org