Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sds3y6nr7BToF6I12aLfItiwO1c.roa
File: sds3y6nr7BToF6I12aLfItiwO1c.roa (raw, json)
Hash identifier: XQDYXXNRoahzoivjdsKP1pzsjv/hpyrflxEHsJD1LTc=
Subject key identifier: B1:DB:37:CB:A9:EB:EC:14:E8:17:A2:35:D9:A2:DF:22:D8:B0:3B:57
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95C2EA3A340D23E5032C55906D1E06
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sds3y6nr7BToF6I12aLfItiwO1c.roa
Signing time: Tue 06 Feb 2024 18:02:17 +0000
ROA not before: Tue 06 Feb 2024 18:02:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212354
IP address blocks: 2a0f:b241:49::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:c2:ea:3a:34:0d:23:e5:03:2c:55:90:6d:1e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1db37cba9ebec14e817a235d9a2df22d8b03b57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d9:dd:36:ec:2b:70:b3:14:86:2b:29:4d:cf:
0c:d8:6e:52:16:36:ef:73:77:50:51:b1:1d:22:fc:
3f:70:c3:b8:88:03:6d:69:03:96:61:a0:26:ad:44:
fe:b8:96:1e:a5:ab:68:8d:e8:78:9b:08:53:63:ee:
98:03:df:b6:5b:cd:30:1b:fc:16:e1:a0:cc:fa:29:
a0:72:d3:3e:11:30:3f:78:c7:19:1b:c4:03:ef:36:
7f:e2:6f:6e:c9:9b:40:fa:67:dd:e5:73:53:82:4e:
72:00:4f:c1:97:b0:e7:60:73:00:e4:39:6a:e1:56:
b5:80:6e:24:26:b3:cb:cf:60:ca:f6:91:de:65:52:
b5:ed:15:b0:7a:c2:cc:f6:0e:32:f3:15:87:9b:52:
7c:66:fd:d4:36:2e:dd:0f:85:6f:39:aa:8f:22:14:
1f:63:c0:65:3c:a9:fc:d1:f4:56:f5:da:ad:09:2f:
e3:c9:11:61:0e:30:ce:a7:60:7b:c8:4d:eb:f6:69:
02:85:3c:19:d3:7e:ec:0b:f8:e5:fa:55:38:d2:5f:
c7:17:35:e9:51:27:92:50:6c:4e:c5:30:90:5d:e9:
2c:ac:bd:b1:70:4e:cd:11:ed:b4:97:15:f8:97:c4:
81:a2:c0:04:65:94:4a:c5:bb:71:21:88:21:a1:fd:
2c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:DB:37:CB:A9:EB:EC:14:E8:17:A2:35:D9:A2:DF:22:D8:B0:3B:57
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sds3y6nr7BToF6I12aLfItiwO1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:49::/48
Signature Algorithm: sha256WithRSAEncryption
34:9e:33:a0:17:43:64:4a:79:70:d7:38:46:ef:e0:91:88:16:
30:65:47:3e:cd:7d:8a:e0:38:af:18:f4:45:aa:6a:5b:32:09:
2e:80:14:a4:8d:35:2c:5e:f4:1e:b7:08:03:3d:a3:9e:fd:8a:
63:d1:16:4b:70:f1:c7:8f:ab:76:73:c2:5f:92:0f:b2:8b:a6:
c8:6f:11:ee:7a:f9:7d:f7:fc:11:8b:49:0b:d7:95:05:0a:91:
53:85:ae:3c:44:c4:aa:d2:e5:bd:51:b6:a8:b9:f8:c4:db:a6:
9b:df:08:77:b1:a1:fe:43:7c:87:09:4e:e2:d9:11:3c:8a:c9:
a1:ec:41:d1:80:48:11:0d:fb:c5:6d:09:42:ca:72:96:17:89:
91:26:36:3a:24:82:6e:bb:91:d7:1b:25:8b:93:9e:32:6e:92:
e8:0d:7d:07:c7:32:72:59:56:1b:d8:9a:0d:4f:6d:73:65:cf:
91:ad:4c:a5:c0:36:25:8f:0f:b0:8a:d6:1c:b5:8b:84:81:55:
e3:92:86:68:17:6c:72:5a:d3:c4:71:31:35:e5:67:c9:72:dc:
cd:f9:89:e8:45:58:66:e0:b1:3e:40:6a:27:3b:5c:93:46:a7:
7b:35:ba:7f:11:8e:63:95:eb:07:7e:0d:a0:4c:95:39:21:9b:
09:94:81:f4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lcLqOjQNI+UDLFWQbR4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWRiMzdjYmE5ZWJlYzE0ZTgxN2EyMzVkOWEyZGYyMmQ4YjAzYjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdndNuwrcLMUhispTc8M2G5SFjbv
c3dQUbEdIvw/cMO4iANtaQOWYaAmrUT+uJYepatojeh4mwhTY+6YA9+2W80wG/wW
4aDM+imgctM+ETA/eMcZG8QD7zZ/4m9uyZtA+mfd5XNTgk5yAE/Bl7DnYHMA5Dlq
4Va1gG4kJrPLz2DK9pHeZVK17RWwesLM9g4y8xWHm1J8Zv3UNi7dD4VvOaqPIhQf
Y8BlPKn80fRW9dqtCS/jyRFhDjDOp2B7yE3r9mkChTwZ037sC/jl+lU40l/HFzXp
USeSUGxOxTCQXeksrL2xcE7NEe20lxX4l8SBosAEZZRKxbtxIYghof0sIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLHbN8up6+wU6BeiNdmi3yLYsDtXMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvc2RzM3k2bnI3QlRvRjZJMTJhTGZJdGl3TzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBJ
MA0GCSqGSIb3DQEBCwUAA4IBAQA0njOgF0NkSnlw1zhG7+CRiBYwZUc+zX2K4Div
GPRFqmpbMgkugBSkjTUsXvQetwgDPaOe/Ypj0RZLcPHHj6t2c8Jfkg+yi6bIbxHu
evl99/wRi0kL15UFCpFTha48RMSq0uW9UbaoufjE26ab3wh3saH+Q3yHCU7i2RE8
ismh7EHRgEgRDfvFbQlCynKWF4mRJjY6JIJuu5HXGyWLk54ybpLoDX0HxzJyWVYb
2JoNT21zZc+RrUylwDYljw+witYctYuEgVXjkoZoF2xyWtPEcTE15WfJctzN+Yno
RVhm4LE+QGonO1yTRqd7Nbp/EY5jlesHfg2gTJU5IZsJlIH0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org