Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qAVxMiSU4mdjLNzc8_D9gqc9h9I.roa
File: qAVxMiSU4mdjLNzc8_D9gqc9h9I.roa (raw, json)
Hash identifier: mqsYpc2+UJdkolMvtdeU+a/449bI2Jyahxv63GIPsiw=
Subject key identifier: A8:05:71:32:24:94:E2:67:63:2C:DC:DC:F3:F0:FD:82:A7:3D:87:D2
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA8111FF001E0688DF4BB3CC7E567B6
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qAVxMiSU4mdjLNzc8_D9gqc9h9I.roa
Signing time: Tue 06 Feb 2024 18:22:17 +0000
ROA not before: Tue 06 Feb 2024 18:22:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200080
IP address blocks: 2a0f:b241:92::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a8:11:1f:f0:01:e0:68:8d:f4:bb:3c:c7:e5:67:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:22:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a80571322494e267632cdcdcf3f0fd82a73d87d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:75:b8:bd:a0:c0:de:34:1d:c7:77:fb:f2:02:
2f:b1:fa:e3:32:27:70:fe:9a:64:51:c4:2d:c6:4b:
51:c5:b5:1e:e7:29:f6:8e:f8:e5:7e:39:7c:bf:fc:
bc:92:ce:25:a3:35:f9:af:08:b7:15:1d:43:19:e8:
35:d1:50:3f:eb:65:c2:3e:ce:35:29:05:ed:35:84:
28:66:0f:cf:a6:b1:b8:a3:52:6a:7e:4d:22:3e:55:
79:22:71:98:e3:b3:b1:13:ef:50:f2:e7:e0:c9:e7:
e9:00:c4:4a:fc:e3:87:4d:10:9c:6f:54:ed:c9:b4:
c0:8d:2e:15:9c:5f:ad:11:5a:e8:b4:56:e4:30:80:
31:ab:a6:a7:09:d1:44:3a:7f:21:97:f5:75:71:1e:
6f:72:38:89:34:2d:98:80:7e:8b:13:a7:bc:a7:a2:
9b:db:64:dd:03:87:c5:40:3a:f4:75:c7:75:c3:7a:
c8:d4:34:60:bd:58:52:4f:a8:18:7b:72:af:e7:92:
be:09:36:d8:6f:ea:95:69:68:a3:01:dd:36:72:73:
10:02:8d:83:26:80:ec:e7:8e:70:97:31:f8:88:e6:
ee:51:4c:64:15:56:83:fa:0b:c2:43:01:16:b9:b9:
c3:40:af:0d:dd:9d:9b:61:1f:a9:70:01:ab:29:7d:
19:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:05:71:32:24:94:E2:67:63:2C:DC:DC:F3:F0:FD:82:A7:3D:87:D2
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qAVxMiSU4mdjLNzc8_D9gqc9h9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:92::/48
Signature Algorithm: sha256WithRSAEncryption
33:13:23:87:42:a8:93:1b:07:08:67:27:c2:4c:06:c2:a4:55:
71:c9:5b:b2:fd:b2:d6:5c:7d:29:5f:22:8d:f8:ac:17:87:45:
b3:5b:4e:bf:36:30:64:e2:6f:77:98:62:04:a0:34:fc:40:ac:
ee:0b:61:52:01:dd:48:76:d3:14:54:48:14:a0:53:3c:b8:d9:
4d:7e:56:7e:7a:e1:e2:e2:18:24:4f:01:0a:43:b1:30:cc:c9:
4a:55:df:de:f7:7a:b4:4c:7b:55:54:8d:7b:56:ed:08:ae:9c:
6e:33:a3:19:ea:90:42:94:d7:d7:c3:9a:ce:0b:3d:43:e2:84:
4f:64:cb:2a:00:d5:b0:f1:9e:0e:d0:44:d9:3b:cc:57:41:16:
2f:4f:79:b1:8f:19:b4:b9:1a:7d:66:d7:ca:56:f2:b1:f6:a1:
89:37:3b:e3:30:f3:04:9d:2c:99:38:8c:ed:bd:08:e4:c3:fd:
6e:12:8a:98:d2:ac:27:e3:0c:86:42:db:a6:b7:f0:d5:07:e0:
08:60:62:01:a5:72:73:4d:ba:0f:71:1f:29:48:65:85:dc:a7:
15:09:b6:27:10:99:4a:d3:3f:ff:51:b0:a7:30:cc:2d:2d:6b:
32:d4:32:20:b4:44:11:d8:8b:9e:21:f4:10:62:67:ac:b1:0a:
9d:53:55:5e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qBEf8AHgaI30uzzH5We2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA1NzEzMjI0OTRlMjY3NjMyY2RjZGNmM2YwZmQ4MmE3M2Q4N2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXW4vaDA3jQdx3f78gIvsfrjMidw
/ppkUcQtxktRxbUe5yn2jvjlfjl8v/y8ks4lozX5rwi3FR1DGeg10VA/62XCPs41
KQXtNYQoZg/PprG4o1Jqfk0iPlV5InGY47OxE+9Q8ufgyefpAMRK/OOHTRCcb1Tt
ybTAjS4VnF+tEVrotFbkMIAxq6anCdFEOn8hl/V1cR5vcjiJNC2YgH6LE6e8p6Kb
22TdA4fFQDr0dcd1w3rI1DRgvVhST6gYe3Kv55K+CTbYb+qVaWijAd02cnMQAo2D
JoDs545wlzH4iObuUUxkFVaD+gvCQwEWubnDQK8N3Z2bYR+pcAGrKX0ZuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKgFcTIklOJnYyzc3PPw/YKnPYfSMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcUFWeE1pU1U0bWRqTE56YzhfRDlncWM5aDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCS
MA0GCSqGSIb3DQEBCwUAA4IBAQAzEyOHQqiTGwcIZyfCTAbCpFVxyVuy/bLWXH0p
XyKN+KwXh0WzW06/NjBk4m93mGIEoDT8QKzuC2FSAd1IdtMUVEgUoFM8uNlNflZ+
euHi4hgkTwEKQ7EwzMlKVd/e93q0THtVVI17Vu0IrpxuM6MZ6pBClNfXw5rOCz1D
4oRPZMsqANWw8Z4O0ETZO8xXQRYvT3mxjxm0uRp9ZtfKVvKx9qGJNzvjMPMEnSyZ
OIztvQjkw/1uEoqY0qwn4wyGQtumt/DVB+AIYGIBpXJzTboPcR8pSGWF3KcVCbYn
EJlK0z//UbCnMMwtLWsy1DIgtEQR2IueIfQQYmessQqdU1Ve
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org