Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pGx-inzjUC-Iy2dx5NW74QdlSAk.roa
File: pGx-inzjUC-Iy2dx5NW74QdlSAk.roa (raw, json)
Hash identifier: qZfEOS812PgdC4PFpz3hcQYxFMMcC38NHr0aoaFUbnM=
Subject key identifier: A4:6C:7E:8A:7C:E3:50:2F:88:CB:67:71:E4:D5:BB:E1:07:65:48:09
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0944D1469EF54B18D95F726FFC2C2
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pGx-inzjUC-Iy2dx5NW74QdlSAk.roa
Signing time: Wed 07 Feb 2024 05:00:43 +0000
ROA not before: Wed 07 Feb 2024 05:00:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206016
IP address blocks: 2a0f:b241:ef::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:94:4d:14:69:ef:54:b1:8d:95:f7:26:ff:c2:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a46c7e8a7ce3502f88cb6771e4d5bbe107654809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:11:71:36:35:22:f3:64:6e:20:16:a8:a6:7c:
12:60:c2:9c:79:60:d8:20:e8:2f:42:ac:0f:9f:d4:
d7:a3:5e:9b:4d:93:2f:cd:74:b7:d5:a1:75:d3:df:
75:af:66:63:a0:11:eb:6a:b3:f9:c8:72:10:81:05:
b0:45:7a:5b:a6:9b:ea:98:e0:c1:32:68:78:39:d9:
eb:92:8e:38:e5:ae:5f:05:b3:48:29:f5:fc:f8:2a:
1b:c9:85:6d:fb:5a:e5:35:eb:31:f5:38:5b:d2:cb:
74:79:31:ff:1e:74:3c:65:eb:e9:af:c5:fb:79:c1:
09:4d:60:d9:37:5a:1c:7e:6f:3e:e8:05:44:d4:e0:
e0:8f:75:d1:cc:32:f8:a7:80:d3:cb:c5:da:36:79:
76:d9:83:74:e1:7f:1f:00:7c:21:16:3f:95:07:ed:
97:df:26:21:50:c6:1a:23:f2:57:2d:51:6c:46:56:
c0:3c:e9:cd:f8:06:ed:e4:11:3e:8c:38:64:01:2d:
e5:a1:90:83:a5:ab:6f:6f:bb:75:06:64:6b:e9:47:
64:90:84:94:fe:e7:19:13:53:5b:5c:4a:eb:7b:5a:
5b:64:a0:25:d8:03:93:93:66:d4:c0:dc:f7:04:bf:
b4:93:6e:d1:8e:fd:54:34:1c:4f:7d:a9:d3:4d:b4:
c8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6C:7E:8A:7C:E3:50:2F:88:CB:67:71:E4:D5:BB:E1:07:65:48:09
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pGx-inzjUC-Iy2dx5NW74QdlSAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:ef::/48
Signature Algorithm: sha256WithRSAEncryption
8e:43:58:28:9e:f7:89:7f:55:62:1e:36:e6:b0:37:46:ae:bd:
9e:02:cf:f8:36:e4:b4:d5:d1:87:5b:ed:f7:e6:1e:69:d0:dc:
da:48:ea:13:6a:8b:40:ef:ba:67:cc:86:02:b6:ed:dc:42:bf:
6f:65:24:4b:92:f1:d1:e3:08:a6:1a:1e:42:34:45:e0:b7:39:
33:d2:e3:9a:d9:c3:b7:6c:f4:ff:34:dc:af:e7:0c:b0:25:b5:
ba:0c:14:c8:48:51:41:2f:4a:c0:b0:22:1b:de:6f:0b:38:53:
2d:53:7f:7d:d5:80:9a:19:2e:ec:23:d5:79:32:d0:85:5f:2b:
5c:ed:47:50:b2:36:4b:0d:21:8d:a5:80:4f:94:63:a2:75:9a:
d5:9c:c5:8a:63:5f:7d:3b:22:03:10:db:b0:20:eb:4b:d8:f4:
97:75:b5:b0:a1:90:9a:36:5b:5b:20:e7:9c:17:77:fc:5a:a4:
93:30:32:a5:51:14:40:40:8d:ef:a0:99:08:f8:a3:59:21:00:
8f:b4:ab:70:91:ca:6a:0f:d8:22:b1:da:2c:6b:c3:c4:9b:16:
29:9d:1f:ce:cb:66:1c:dd:33:20:07:e6:03:68:de:83:92:6d:
3d:ae:03:ed:5e:b7:19:12:51:c1:cf:ea:e2:a2:7d:e8:b3:8c:
15:e3:70:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8JRNFGnvVLGNlfcm/8LCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZjN2U4YTdjZTM1MDJmODhjYjY3NzFlNGQ1YmJlMTA3NjU0ODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBFxNjUi82RuIBaopnwSYMKceWDY
IOgvQqwPn9TXo16bTZMvzXS31aF10991r2ZjoBHrarP5yHIQgQWwRXpbppvqmODB
Mmh4Odnrko445a5fBbNIKfX8+CobyYVt+1rlNesx9Thb0st0eTH/HnQ8Zevpr8X7
ecEJTWDZN1ocfm8+6AVE1ODgj3XRzDL4p4DTy8XaNnl22YN04X8fAHwhFj+VB+2X
3yYhUMYaI/JXLVFsRlbAPOnN+Abt5BE+jDhkAS3loZCDpatvb7t1BmRr6UdkkISU
/ucZE1NbXErre1pbZKAl2AOTk2bUwNz3BL+0k27Rjv1UNBxPfanTTbTIlwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKRsfop841AviMtnceTVu+EHZUgJMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcEd4LWluempVQy1JeTJkeDVOVzc0UWRsU0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDv
MA0GCSqGSIb3DQEBCwUAA4IBAQCOQ1gonveJf1ViHjbmsDdGrr2eAs/4NuS01dGH
W+335h5p0NzaSOoTaotA77pnzIYCtu3cQr9vZSRLkvHR4wimGh5CNEXgtzkz0uOa
2cO3bPT/NNyv5wywJbW6DBTISFFBL0rAsCIb3m8LOFMtU3991YCaGS7sI9V5MtCF
Xytc7UdQsjZLDSGNpYBPlGOidZrVnMWKY199OyIDENuwIOtL2PSXdbWwoZCaNltb
IOecF3f8WqSTMDKlURRAQI3voJkI+KNZIQCPtKtwkcpqD9gisdosa8PEmxYpnR/O
y2Yc3TMgB+YDaN6Dkm09rgPtXrcZElHBz+rion3os4wV43AZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org