Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/ZJsMBFvIkMTTAyqdGawfP5ZkAIA.roa
File: ZJsMBFvIkMTTAyqdGawfP5ZkAIA.roa (raw, json)
Hash identifier: 4IU/FKkh0ezO2CnQTgckci3TA551qAfE9uvt4mv4Juc=
Subject key identifier: 64:9B:0C:04:5B:C8:90:C4:D3:03:2A:9D:19:AC:1F:3F:96:64:00:80
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018CC5014861D6A36B62D7329EEB7E692D62
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/ZJsMBFvIkMTTAyqdGawfP5ZkAIA.roa
Signing time: Mon 01 Jan 2024 12:30:44 +0000
ROA not before: Mon 01 Jan 2024 12:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51659
IP address blocks: 2a12:cc01::/32 maxlen: 32
2a12:cc03::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 08 May 2024 10:40:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:48:61:d6:a3:6b:62:d7:32:9e:eb:7e:69:2d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Jan 1 12:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=649b0c045bc890c4d3032a9d19ac1f3f96640080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:06:d4:a9:71:af:67:ff:53:0b:49:d0:b4:20:
43:e0:fb:3d:1f:21:b6:ff:cf:de:31:8d:b2:7e:06:
2f:c0:2b:67:ba:da:c4:6e:7a:72:d2:92:26:41:a0:
e0:44:15:fb:e9:da:4b:1b:ef:b4:73:37:d1:4c:02:
52:e2:c5:52:99:ad:9d:85:38:f2:c3:b5:e6:21:9b:
55:2a:b3:87:69:0c:e4:26:3c:05:ad:ce:bb:c9:e3:
ff:fd:2e:72:a3:3c:79:a7:c6:ac:d2:5c:b9:8e:00:
94:6c:2f:5c:19:11:8b:90:51:c6:d1:ab:9d:82:69:
ba:1e:e6:3d:2f:01:d0:2f:25:ce:b8:6f:16:f0:88:
ac:5c:12:86:b3:55:d4:80:cf:eb:2a:0e:82:d0:77:
92:59:d0:70:c8:53:f1:e8:7e:a0:19:dc:7d:c9:1d:
12:3f:e5:a6:a4:cf:8e:e1:d3:ab:67:da:b1:21:fe:
3f:34:a8:fe:f1:05:63:ab:37:ea:8f:fd:35:50:b0:
46:1d:f0:1b:28:2b:21:22:df:ab:0f:05:98:9a:9b:
c2:7c:16:72:7f:a7:28:8e:b7:6f:78:18:c7:39:f9:
4f:a4:1c:5b:42:b1:fe:0a:08:84:1a:f8:1b:83:cc:
d5:04:35:fe:83:39:4f:91:c2:72:f5:a7:4a:f8:2e:
7a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9B:0C:04:5B:C8:90:C4:D3:03:2A:9D:19:AC:1F:3F:96:64:00:80
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/ZJsMBFvIkMTTAyqdGawfP5ZkAIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:cc01::/32
2a12:cc03::/32
Signature Algorithm: sha256WithRSAEncryption
24:42:97:b6:7a:b5:46:68:ad:5e:b3:5a:88:51:8f:14:3a:5c:
85:00:c3:63:16:53:cc:7c:e7:e7:d2:57:c4:09:62:71:8b:5e:
5a:21:80:32:52:3b:3d:3c:cf:e0:d6:c3:70:6f:a7:80:2f:c3:
d8:2a:e3:17:d5:9f:42:2b:86:14:19:de:a1:c4:1b:2b:d1:f6:
9a:2d:79:20:82:ba:4c:58:40:48:41:71:81:4b:65:29:f8:62:
f6:e2:33:93:bd:10:ab:70:a4:ef:db:07:b9:ec:8f:2e:7c:32:
1a:4a:ca:ef:42:de:6e:8f:8f:1c:a0:3d:b9:be:58:5d:e3:8b:
9d:dd:cb:f7:39:4a:11:4a:fc:dd:24:fc:75:f9:10:38:47:38:
0f:05:d9:0c:73:fa:f8:dc:c0:d5:d3:52:11:54:0d:d7:a6:ed:
49:40:ec:18:80:fa:0c:f0:81:4c:a4:1d:bf:72:91:92:ba:8a:
06:c2:04:10:5c:7c:84:76:4f:bd:25:0b:73:41:23:86:3f:f6:
a6:cd:fc:7a:10:bb:16:36:01:0f:c1:0f:10:a8:ed:28:fa:33:
e8:cc:55:2d:3c:06:71:fc:2d:f0:c3:34:f6:d1:0e:4a:71:76:
0e:b9:46:e1:51:ac:98:a4:45:24:1a:59:28:7b:36:24:82:91:
cb:8d:53:27
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFAUhh1qNrYtcynut+aS1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwMTAxMTIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDliMGMwNDViYzg5MGM0ZDMwMzJhOWQxOWFjMWYzZjk2NjQwMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAbUqXGvZ/9TC0nQtCBD4Ps9HyG2
/8/eMY2yfgYvwCtnutrEbnpy0pImQaDgRBX76dpLG++0czfRTAJS4sVSma2dhTjy
w7XmIZtVKrOHaQzkJjwFrc67yeP//S5yozx5p8as0ly5jgCUbC9cGRGLkFHG0aud
gmm6HuY9LwHQLyXOuG8W8IisXBKGs1XUgM/rKg6C0HeSWdBwyFPx6H6gGdx9yR0S
P+WmpM+O4dOrZ9qxIf4/NKj+8QVjqzfqj/01ULBGHfAbKCshIt+rDwWYmpvCfBZy
f6cojrdveBjHOflPpBxbQrH+CgiEGvgbg8zVBDX+gzlPkcJy9adK+C56RwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGSbDARbyJDE0wMqnRmsHz+WZACAMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvWkpzTUJGdklrTVRUQXlxZEdhd2ZQNVprQUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhLMAQMF
ACoSzAMwDQYJKoZIhvcNAQELBQADggEBACRCl7Z6tUZorV6zWohRjxQ6XIUAw2MW
U8x85+fSV8QJYnGLXlohgDJSOz08z+DWw3Bvp4Avw9gq4xfVn0IrhhQZ3qHEGyvR
9poteSCCukxYQEhBcYFLZSn4YvbiM5O9EKtwpO/bB7nsjy58MhpKyu9C3m6Pjxyg
Pbm+WF3ji53dy/c5ShFK/N0k/HX5EDhHOA8F2Qxz+vjcwNXTUhFUDdem7UlA7BiA
+gzwgUykHb9ykZK6igbCBBBcfIR2T70lC3NBI4Y/9qbN/HoQuxY2AQ/BDxCo7Sj6
M+jMVS08BnH8LfDDNPbRDkpxdg65RuFRrJikRSQaWSh7NiSCkcuNUyc=
-----END CERTIFICATE-----
Generated at Wed May 8 14:04:58 2024 by rpki-client on console-ams.rpki-client.org