Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sAg6xKGCb6lKi1x58YjdWjHGRHY.roa
File: sAg6xKGCb6lKi1x58YjdWjHGRHY.roa (raw, json)
Hash identifier: rZLqONfp0PFsyuJCWGAcGkLc81+MfxDYJWHpmYFj080=
Subject key identifier: B0:08:3A:C4:A1:82:6F:A9:4A:8B:5C:79:F1:88:DD:5A:31:C6:44:76
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F07D3883AC591CBA838427FEADFBB0
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sAg6xKGCb6lKi1x58YjdWjHGRHY.roa
Signing time: Wed 07 Feb 2024 05:00:37 +0000
ROA not before: Wed 07 Feb 2024 05:00:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199832
IP address blocks: 2a0f:b241:8e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:7d:38:83:ac:59:1c:ba:83:84:27:fe:ad:fb:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0083ac4a1826fa94a8b5c79f188dd5a31c64476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0a:85:ce:b5:1e:d1:58:d9:bc:1e:1d:13:80:
52:1e:5a:4b:cb:d0:44:b3:1d:fb:c0:02:39:bd:e9:
ea:60:93:39:88:b7:30:7a:0a:32:27:be:a4:d6:51:
08:ff:6c:c1:14:d4:74:a4:1a:38:49:74:c9:eb:c1:
12:74:0a:bf:06:d7:d3:ff:74:8e:4b:44:0a:d1:3e:
dd:a5:1f:89:e3:e4:bd:13:20:d7:ee:1c:97:46:4f:
9a:f4:3a:1f:33:99:d2:59:52:bf:2a:c3:4a:a6:c2:
1c:cb:46:64:65:cb:5a:dc:95:06:ac:3a:77:08:39:
1d:fc:e4:04:bb:de:99:f4:4f:e9:24:4f:55:bf:fb:
9e:9f:47:b2:5d:d4:1a:f0:0a:06:e4:33:3a:80:50:
41:ba:69:13:e7:83:e8:3f:af:91:98:e2:d8:c3:f8:
fd:89:dc:f3:fb:b7:54:e6:cb:96:e1:de:6f:98:e2:
b7:9b:0d:e9:fc:89:c5:04:e5:7d:c4:19:da:bb:f6:
d0:df:fc:cd:29:32:52:3a:3d:aa:6a:82:48:76:2a:
52:74:ab:a5:53:3e:bf:12:e9:86:52:0c:a2:8a:0c:
41:1e:73:90:04:21:54:a4:2f:37:64:a2:87:89:08:
21:15:90:59:18:9e:34:0a:f9:fc:5e:9f:15:f0:aa:
ff:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:08:3A:C4:A1:82:6F:A9:4A:8B:5C:79:F1:88:DD:5A:31:C6:44:76
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sAg6xKGCb6lKi1x58YjdWjHGRHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:8e::/48
Signature Algorithm: sha256WithRSAEncryption
53:9e:bb:82:93:27:b2:99:24:2d:92:df:92:76:1e:0a:51:da:
bb:9e:94:b8:0a:b1:fe:75:e4:12:cb:37:24:bf:60:ac:a2:a2:
6b:c5:66:fe:5d:5f:7c:ba:c9:d4:4c:c7:74:d7:99:9c:67:14:
f3:88:92:9c:78:c4:53:21:8f:1e:81:8b:bb:50:a6:40:97:34:
cb:4f:7a:a5:5d:ed:f8:f6:2f:b5:f6:d9:11:92:66:8d:39:07:
8b:bf:2e:dc:30:82:9a:eb:22:09:ef:34:8d:f4:4f:d6:6a:79:
ab:26:ad:92:11:c2:a2:7d:ae:67:e3:3f:fa:15:3e:a1:1f:8f:
fa:68:da:89:be:53:99:99:ef:24:ea:50:a8:87:73:a5:f2:7c:
9d:25:2e:e3:8f:e5:ae:9e:4a:14:44:b6:66:17:f6:69:51:20:
e1:8a:a4:2c:41:3d:5c:35:97:1b:8b:6d:0b:ab:a9:c9:23:dc:
59:40:f6:4b:91:8a:1d:c7:af:6e:26:2c:0a:e2:ce:88:37:b9:
c6:fa:39:ee:9e:81:af:ff:6e:f2:bd:54:33:0f:56:ed:c3:df:
38:b5:6c:b4:eb:dc:45:a6:1d:d1:da:82:77:fe:fe:d5:12:85:
3e:ad:2c:05:95:7e:69:bd:89:27:5e:c8:81:8d:03:f5:53:79:
e4:db:1e:51
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8H04g6xZHLqDhCf+rfuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDA4M2FjNGExODI2ZmE5NGE4YjVjNzlmMTg4ZGQ1YTMxYzY0NDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwqFzrUe0VjZvB4dE4BSHlpLy9BE
sx37wAI5venqYJM5iLcwegoyJ76k1lEI/2zBFNR0pBo4SXTJ68ESdAq/BtfT/3SO
S0QK0T7dpR+J4+S9EyDX7hyXRk+a9DofM5nSWVK/KsNKpsIcy0ZkZcta3JUGrDp3
CDkd/OQEu96Z9E/pJE9Vv/uen0eyXdQa8AoG5DM6gFBBumkT54PoP6+RmOLYw/j9
idzz+7dU5suW4d5vmOK3mw3p/InFBOV9xBnau/bQ3/zNKTJSOj2qaoJIdipSdKul
Uz6/EumGUgyiigxBHnOQBCFUpC83ZKKHiQghFZBZGJ40Cvn8Xp8V8Kr/xwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLAIOsShgm+pSotcefGI3VoxxkR2MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvc0FnNnhLR0NiNmxLaTF4NThZamRXakhHUkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCO
MA0GCSqGSIb3DQEBCwUAA4IBAQBTnruCkyeymSQtkt+Sdh4KUdq7npS4CrH+deQS
yzckv2CsoqJrxWb+XV98usnUTMd015mcZxTziJKceMRTIY8egYu7UKZAlzTLT3ql
Xe349i+19tkRkmaNOQeLvy7cMIKa6yIJ7zSN9E/WanmrJq2SEcKifa5n4z/6FT6h
H4/6aNqJvlOZme8k6lCoh3Ol8nydJS7jj+WunkoURLZmF/ZpUSDhiqQsQT1cNZcb
i20Lq6nJI9xZQPZLkYodx69uJiwK4s6IN7nG+jnunoGv/27yvVQzD1btw984tWy0
69xFph3R2oJ3/v7VEoU+rSwFlX5pvYknXsiBjQP1U3nk2x5R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org