Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qJqT8EkF-BMWBfL_gxdfcxQdQjI.roa
File: qJqT8EkF-BMWBfL_gxdfcxQdQjI.roa (raw, json)
Hash identifier: 04svTt3DmwO7IQ1NCfnR8s0R8mFFhwQgrKhbClIe5fU=
Subject key identifier: A8:9A:93:F0:49:05:F8:13:16:05:F2:FF:83:17:5F:73:14:1D:42:32
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAACDFC043CCF4674BFDD00FA3E4475
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qJqT8EkF-BMWBfL_gxdfcxQdQjI.roa
Signing time: Tue 06 Feb 2024 18:25:16 +0000
ROA not before: Tue 06 Feb 2024 18:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201392
IP address blocks: 2a0f:b241:dd::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:cd:fc:04:3c:cf:46:74:bf:dd:00:fa:3e:44:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a89a93f04905f8131605f2ff83175f73141d4232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4c:6e:19:1b:eb:fe:32:81:06:37:1b:a1:42:
49:c1:ee:e6:eb:99:56:28:71:5b:5a:49:b8:fb:06:
f6:91:9b:b2:2a:4b:84:d1:07:76:ad:53:3f:46:88:
e5:b4:90:c7:b2:e7:4b:7c:5d:3a:9c:73:ff:13:48:
0d:d1:23:67:55:6c:b4:c4:00:4e:f0:75:ab:de:35:
a3:aa:54:01:fc:6a:d6:2e:a2:a4:d8:63:f0:42:4e:
f4:29:ad:89:82:83:ab:ce:1f:e6:1d:ff:fd:8c:82:
88:d7:f6:d7:5f:fd:64:f9:36:61:91:73:ab:87:fa:
57:8d:bd:7b:05:fa:b7:6a:16:4a:a0:96:ce:c4:34:
54:be:94:91:43:57:34:23:8f:66:2d:aa:af:c6:d6:
0b:85:ec:c1:23:18:e5:47:cd:85:d8:f7:e8:82:be:
d6:6e:c8:7f:df:ab:83:c7:5d:05:16:f5:4d:aa:d9:
f1:06:ec:4f:1e:8d:28:a0:92:10:89:ba:7e:1b:57:
20:e5:18:92:7e:29:f8:7b:7b:5b:dc:38:d6:6c:76:
78:24:0c:44:24:95:64:ad:fc:2e:b3:c2:8e:9a:50:
12:85:f8:fa:9c:ca:91:c5:fe:a6:48:31:10:a0:88:
eb:a6:b4:74:d9:88:69:ac:55:b1:d7:bb:18:6e:99:
8c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:9A:93:F0:49:05:F8:13:16:05:F2:FF:83:17:5F:73:14:1D:42:32
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/qJqT8EkF-BMWBfL_gxdfcxQdQjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:dd::/48
Signature Algorithm: sha256WithRSAEncryption
25:85:18:d3:9f:76:25:34:e2:42:42:42:5f:b6:23:52:83:ee:
bd:9f:be:09:7b:04:fc:7f:77:a5:d0:21:3f:55:c5:01:7e:6e:
13:3c:ba:07:68:11:4c:1b:8e:79:bd:b9:91:67:3c:89:13:d3:
6c:68:20:7b:51:dd:04:0d:e4:af:f7:93:ba:2b:cd:ce:f6:19:
f3:37:e9:23:15:70:7e:d4:f5:28:ac:2a:16:51:50:0d:88:65:
70:4b:1f:91:41:dd:b2:16:5a:4b:b3:77:4f:d1:71:f2:7c:e3:
94:13:93:80:1a:8f:82:af:d7:65:2b:78:f9:98:30:5b:b2:81:
e9:2a:44:bd:53:3b:2a:5b:d4:73:e4:bb:7d:a9:b3:55:36:78:
ea:ee:6f:f7:5b:c4:40:81:70:79:cb:c7:66:0c:d6:0f:cf:61:
cf:5c:e5:e8:ff:b7:f5:a9:cb:e2:4a:74:7b:6f:87:48:b6:b8:
b3:80:77:f0:ef:96:29:2f:58:ce:14:6f:ef:2e:00:7a:a5:b9:
03:f7:97:8e:0c:bb:60:a4:b5:a2:f8:2a:e4:d0:0f:13:22:4c:
45:1b:03:e8:b0:fe:e1:95:fc:47:52:c7:c1:b9:4e:ee:b6:f4:
e3:ad:c3:01:b2:eb:0f:8c:c5:7c:a9:93:cf:97:68:67:9b:90:
ec:8a:bb:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qs38BDzPRnS/3QD6PkR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODlhOTNmMDQ5MDVmODEzMTYwNWYyZmY4MzE3NWY3MzE0MWQ0MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ExuGRvr/jKBBjcboUJJwe7m65lW
KHFbWkm4+wb2kZuyKkuE0Qd2rVM/RojltJDHsudLfF06nHP/E0gN0SNnVWy0xABO
8HWr3jWjqlQB/GrWLqKk2GPwQk70Ka2JgoOrzh/mHf/9jIKI1/bXX/1k+TZhkXOr
h/pXjb17Bfq3ahZKoJbOxDRUvpSRQ1c0I49mLaqvxtYLhezBIxjlR82F2Pfogr7W
bsh/36uDx10FFvVNqtnxBuxPHo0ooJIQibp+G1cg5RiSfin4e3tb3DjWbHZ4JAxE
JJVkrfwus8KOmlAShfj6nMqRxf6mSDEQoIjrprR02YhprFWx17sYbpmM5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKiak/BJBfgTFgXy/4MXX3MUHUIyMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcUpxVDhFa0YtQk1XQmZMX2d4ZGZjeFFkUWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDd
MA0GCSqGSIb3DQEBCwUAA4IBAQAlhRjTn3YlNOJCQkJftiNSg+69n74JewT8f3el
0CE/VcUBfm4TPLoHaBFMG455vbmRZzyJE9NsaCB7Ud0EDeSv95O6K83O9hnzN+kj
FXB+1PUorCoWUVANiGVwSx+RQd2yFlpLs3dP0XHyfOOUE5OAGo+Cr9dlK3j5mDBb
soHpKkS9UzsqW9Rz5Lt9qbNVNnjq7m/3W8RAgXB5y8dmDNYPz2HPXOXo/7f1qcvi
SnR7b4dItrizgHfw75YpL1jOFG/vLgB6pbkD95eODLtgpLWi+Crk0A8TIkxFGwPo
sP7hlfxHUsfBuU7utvTjrcMBsusPjMV8qZPPl2hnm5DsirsE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org