Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/boIKJjqaGKszicG4oF_qABad9-w.roa
File: boIKJjqaGKszicG4oF_qABad9-w.roa (raw, json)
Hash identifier: oyMGwFCm659ZEXfgMQ4YTHycoUjKPbU1zm4D4aRqJb8=
Subject key identifier: 6E:82:0A:26:3A:9A:18:AB:33:89:C1:B8:A0:5F:EA:00:16:9D:F7:EC
Certificate issuer: /CN=dfb8ff2f3a0bfc41eadc18af9e52acd100524149
Certificate serial: 018CC6B91E68D5F8DB19D2233F463B16AD0D
Authority key identifier: DF:B8:FF:2F:3A:0B:FC:41:EA:DC:18:AF:9E:52:AC:D1:00:52:41:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/boIKJjqaGKszicG4oF_qABad9-w.roa
Signing time: Mon 01 Jan 2024 20:31:09 +0000
ROA not before: Mon 01 Jan 2024 20:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0a:2b00:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:1e:68:d5:f8:db:19:d2:23:3f:46:3b:16:ad:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb8ff2f3a0bfc41eadc18af9e52acd100524149
Validity
Not Before: Jan 1 20:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e820a263a9a18ab3389c1b8a05fea00169df7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b2:84:c7:b1:1d:5a:5a:f1:6a:34:69:0d:2f:
c4:65:13:76:cc:31:a0:da:b3:64:78:fa:98:54:85:
1b:c8:84:f3:f4:59:c5:8f:09:43:e6:1a:5f:85:f9:
02:a4:b7:c2:00:3b:0b:08:c5:12:9f:bb:a9:f6:48:
e2:06:90:da:03:34:fd:0c:c0:41:b1:ce:55:95:19:
af:42:75:dc:01:50:73:c1:8e:24:a9:bc:bf:a9:ef:
49:e9:a1:e1:d6:8f:44:09:0c:0a:82:52:e9:02:75:
e5:e1:9b:54:a3:8d:eb:bb:a3:23:7d:c7:78:89:78:
26:3a:02:20:77:66:fe:a3:e8:fd:23:8e:0a:93:f1:
a7:f1:b6:37:9d:cd:0c:80:2f:7f:58:51:b4:a5:c3:
47:ce:0f:87:85:ef:a8:cc:dc:58:57:c5:4b:91:88:
2f:4d:0c:ae:92:67:8b:24:66:53:11:26:bb:8f:7e:
6d:ca:55:45:b9:c2:16:04:1b:86:4b:ed:23:b3:15:
7b:0d:f2:fa:f4:4a:af:28:22:d3:16:9a:85:6c:89:
6d:a9:45:d3:6a:ff:a5:ba:85:c2:c1:4c:d8:e8:00:
df:58:50:a0:d1:82:dc:ae:e8:8d:6b:ea:04:8b:d0:
5c:6f:26:e1:af:d8:2f:17:04:ac:ad:b2:6b:95:97:
6a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:82:0A:26:3A:9A:18:AB:33:89:C1:B8:A0:5F:EA:00:16:9D:F7:EC
X509v3 Authority Key Identifier:
keyid:DF:B8:FF:2F:3A:0B:FC:41:EA:DC:18:AF:9E:52:AC:D1:00:52:41:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/boIKJjqaGKszicG4oF_qABad9-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/37j_LzoL_EHq3BivnlKs0QBSQUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2b00:20::/48
Signature Algorithm: sha256WithRSAEncryption
12:4a:16:fe:bd:54:ff:8c:9b:ec:21:df:e4:0e:b1:70:8f:de:
44:ef:89:4b:ef:72:7d:15:3a:5b:b3:13:cf:37:df:38:b7:52:
d3:9e:30:58:d9:1b:9a:97:bd:5b:68:2f:6a:ef:71:5e:b1:c3:
6d:14:c7:4c:fa:ea:f3:73:c8:43:3d:20:2e:fc:96:5c:9f:e7:
89:10:96:c9:f0:3d:c5:b7:c3:7f:bf:88:12:9b:26:d4:d2:0e:
68:a0:43:65:d1:c5:ea:80:ae:c6:2c:21:c2:2b:6f:fb:48:68:
6f:5d:f9:a2:c1:f9:0c:2b:19:31:10:f3:68:b0:59:10:74:18:
1e:4c:90:65:f3:d8:80:fb:a8:ed:a1:d1:00:c5:66:c5:45:ba:
5c:e5:1c:b2:2e:9e:40:ea:c8:4a:d2:ab:57:6b:c2:4d:ba:7e:
e8:62:f6:bb:7d:3c:e3:28:a6:ec:1a:c0:72:ef:df:2c:33:42:
54:29:d3:83:11:aa:b0:55:9d:29:05:43:a1:cd:d8:a5:37:df:
19:41:6e:9e:f4:64:07:18:1b:db:67:56:e0:c8:34:ab:bb:d7:
0c:f3:f5:4e:9a:d7:74:ac:59:41:84:68:d6:be:48:cc:43:1b:
95:f0:2a:f2:60:bf:0c:d6:a5:c8:7b:f2:b6:c1:c9:fa:45:cc:
e1:a1:67:bc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuR5o1fjbGdIjP0Y7Fq0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjhmZjJmM2EwYmZjNDFlYWRjMThhZjllNTJhY2QxMDA1
MjQxNDkwHhcNMjQwMTAxMjAzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTgyMGEyNjNhOWExOGFiMzM4OWMxYjhhMDVmZWEwMDE2OWRmN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbKEx7EdWlrxajRpDS/EZRN2zDGg
2rNkePqYVIUbyITz9FnFjwlD5hpfhfkCpLfCADsLCMUSn7up9kjiBpDaAzT9DMBB
sc5VlRmvQnXcAVBzwY4kqby/qe9J6aHh1o9ECQwKglLpAnXl4ZtUo43ru6Mjfcd4
iXgmOgIgd2b+o+j9I44Kk/Gn8bY3nc0MgC9/WFG0pcNHzg+Hhe+ozNxYV8VLkYgv
TQyukmeLJGZTESa7j35tylVFucIWBBuGS+0jsxV7DfL69EqvKCLTFpqFbIltqUXT
av+luoXCwUzY6ADfWFCg0YLcruiNa+oEi9Bcbybhr9gvFwSsrbJrlZdq3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG6CCiY6mhirM4nBuKBf6gAWnffsMB8GA1UdIwQY
MBaAFN+4/y86C/xB6twYr55SrNEAUkFJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdqX0x6b0xfRUhxM0Jpdm5sS3MwUUJTUVVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82Yjg3YWYtYTIxMi00ODBkLWE0ZDQt
YTNkZjNiNjljZTVhLzEvYm9JS0pqcWFHS3N6aWNHNG9GX3FBQmFkOS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82Yjg3YWYtYTIxMi00ODBkLWE0ZDQtYTNkZjNiNjljZTVh
LzEvMzdqX0x6b0xfRUhxM0Jpdm5sS3MwUUJTUVVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgorAAAg
MA0GCSqGSIb3DQEBCwUAA4IBAQASShb+vVT/jJvsId/kDrFwj95E74lL73J9FTpb
sxPPN984t1LTnjBY2Rual71baC9q73FescNtFMdM+urzc8hDPSAu/JZcn+eJEJbJ
8D3Ft8N/v4gSmybU0g5ooENl0cXqgK7GLCHCK2/7SGhvXfmiwfkMKxkxEPNosFkQ
dBgeTJBl89iA+6jtodEAxWbFRbpc5RyyLp5A6shK0qtXa8JNun7oYva7fTzjKKbs
GsBy798sM0JUKdODEaqwVZ0pBUOhzdilN98ZQW6e9GQHGBvbZ1bgyDSru9cM8/VO
mtd0rFlBhGjWvkjMQxuV8CryYL8M1qXIe/K2wcn6RczhoWe8
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:12 2025 by rpki-client