Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/zLkkeGvMhfJhLqK-qkQE37WgsRI.roa
File: zLkkeGvMhfJhLqK-qkQE37WgsRI.roa (raw, json)
Hash identifier: EEQqUd35+Iz97YhI6RsmPkaUh0J7vGR80IFnBuaQR8s=
Subject key identifier: CC:B9:24:78:6B:CC:85:F2:61:2E:A2:BE:AA:44:04:DF:B5:A0:B1:12
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09E68B8CCEB5EEB44B64008D849F8
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/zLkkeGvMhfJhLqK-qkQE37WgsRI.roa
Signing time: Wed 07 Feb 2024 05:00:46 +0000
ROA not before: Wed 07 Feb 2024 05:00:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209542
IP address blocks: 2a0f:b241:f5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:9e:68:b8:cc:eb:5e:eb:44:b6:40:08:d8:49:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccb924786bcc85f2612ea2beaa4404dfb5a0b112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:43:06:91:ed:a0:dc:74:31:c8:d0:25:33:26:
c1:b9:73:a7:f3:2b:32:95:76:a5:ca:8e:25:3b:38:
cc:d0:5c:da:c4:9b:fb:eb:0f:e9:dc:50:b5:f9:f3:
ef:b2:a6:02:62:66:cb:5b:aa:aa:05:a3:54:59:dd:
26:9b:c6:da:a0:ed:ec:f1:cb:49:ac:12:41:85:d0:
75:e2:d6:4d:a9:cc:76:f4:e1:e3:07:e2:04:f9:4f:
60:32:43:b7:17:38:10:a0:8b:ce:2f:3c:e6:10:4f:
c9:1f:57:0c:7e:c9:fb:09:ae:32:18:5e:7e:51:54:
ae:75:d2:f5:54:3f:e3:4d:1c:b0:6a:c0:b5:db:98:
78:04:a4:a1:95:91:10:1d:79:2f:0c:66:ca:d7:e3:
8f:d1:0e:bb:25:50:63:b2:dd:1e:04:1a:4f:49:4b:
b0:b9:ef:30:23:fc:d8:92:d7:fd:39:dc:ea:d4:bf:
5c:f9:06:4a:cc:f9:24:f9:3f:9a:69:8f:a9:fa:9a:
46:fa:a5:0e:7a:4a:ef:53:d8:02:32:7c:60:f2:00:
f5:74:54:6a:15:d6:ec:63:e2:6d:bb:de:34:98:fa:
a3:73:ef:b5:8a:b9:59:8e:a1:23:df:ee:42:c7:62:
41:36:33:27:14:e6:a9:3f:ee:0a:a6:6d:3f:df:52:
50:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B9:24:78:6B:CC:85:F2:61:2E:A2:BE:AA:44:04:DF:B5:A0:B1:12
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/zLkkeGvMhfJhLqK-qkQE37WgsRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:f5::/48
Signature Algorithm: sha256WithRSAEncryption
1c:dd:62:83:c9:5a:63:f4:9b:70:fb:61:6a:ee:d2:70:5c:e4:
5a:97:14:c2:92:22:51:d6:cc:21:cd:45:ab:4e:dd:ad:db:97:
ca:58:01:4e:ad:6f:26:07:47:ba:88:f1:42:c1:63:37:ab:f6:
7c:e3:e6:5d:dd:1b:2e:2d:7c:8c:3a:86:c1:9a:42:3a:11:d8:
bd:bc:11:ff:3c:eb:c8:2f:76:f2:bb:78:f0:71:a1:e1:70:87:
f5:3c:cb:a7:94:75:30:af:22:be:91:46:1d:36:1d:e5:39:d6:
9d:10:3e:30:0e:e0:93:86:2c:ac:f4:96:29:36:b2:20:d8:a2:
de:d2:47:10:ed:4f:82:92:72:e9:4e:35:47:b0:59:0f:b7:a6:
ea:ab:3a:9a:08:a7:89:bb:85:4b:29:55:dc:ae:55:dc:49:86:
5e:c9:5d:50:29:24:e5:a7:a4:cc:bc:53:bc:78:93:94:4b:c6:
bd:00:2a:32:0d:a2:16:8f:a3:12:91:aa:01:f2:d8:d4:c3:67:
56:87:6e:19:69:bb:52:df:f4:5d:33:fe:e0:52:ac:12:c2:c3:
ea:90:fa:27:4f:2c:f6:d8:95:b0:53:26:9c:98:73:17:0d:16:
d4:2a:3a:3b:81:6d:6d:6d:c5:ca:73:f5:f8:15:93:9e:eb:82:
37:0c:c8:78
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8J5ouMzrXutEtkAI2En4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2I5MjQ3ODZiY2M4NWYyNjEyZWEyYmVhYTQ0MDRkZmI1YTBiMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EMGke2g3HQxyNAlMybBuXOn8ysy
lXalyo4lOzjM0FzaxJv76w/p3FC1+fPvsqYCYmbLW6qqBaNUWd0mm8baoO3s8ctJ
rBJBhdB14tZNqcx29OHjB+IE+U9gMkO3FzgQoIvOLzzmEE/JH1cMfsn7Ca4yGF5+
UVSuddL1VD/jTRywasC125h4BKShlZEQHXkvDGbK1+OP0Q67JVBjst0eBBpPSUuw
ue8wI/zYktf9Odzq1L9c+QZKzPkk+T+aaY+p+ppG+qUOekrvU9gCMnxg8gD1dFRq
FdbsY+Jtu940mPqjc++1irlZjqEj3+5Cx2JBNjMnFOapP+4Kpm0/31JQ0QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMy5JHhrzIXyYS6ivqpEBN+1oLESMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvekxra2VHdk1oZkpoTHFLLXFrUUUzN1dnc1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQD1
MA0GCSqGSIb3DQEBCwUAA4IBAQAc3WKDyVpj9Jtw+2Fq7tJwXORalxTCkiJR1swh
zUWrTt2t25fKWAFOrW8mB0e6iPFCwWM3q/Z84+Zd3RsuLXyMOobBmkI6Edi9vBH/
POvIL3byu3jwcaHhcIf1PMunlHUwryK+kUYdNh3lOdadED4wDuCThiys9JYpNrIg
2KLe0kcQ7U+CknLpTjVHsFkPt6bqqzqaCKeJu4VLKVXcrlXcSYZeyV1QKSTlp6TM
vFO8eJOUS8a9ACoyDaIWj6MSkaoB8tjUw2dWh24ZabtS3/RdM/7gUqwSwsPqkPon
Tyz22JWwUyacmHMXDRbUKjo7gW1tbcXKc/X4FZOe64I3DMh4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org