Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/d9FGEWtO8XWVhqPRr0bep4UHlKA.roa
File: d9FGEWtO8XWVhqPRr0bep4UHlKA.roa (raw, json)
Hash identifier: pp1qYu3Hrky7p+NapL/YrKAzHJxhkjbm73ImdJu87UE=
Subject key identifier: 77:D1:46:11:6B:4E:F1:75:95:86:A3:D1:AF:46:DE:A7:85:07:94:A0
Certificate issuer: /CN=66e92c341e769443fde1d27566044b4b65159060
Certificate serial: 01857094F74F01F42A66AEE12FEEC4D1698F
Authority key identifier: 66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/d9FGEWtO8XWVhqPRr0bep4UHlKA.roa
Signing time: Mon 02 Jan 2023 03:44:48 +0000
ROA not before: Mon 02 Jan 2023 03:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53755
IP address blocks: 2a0d:da07::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:f7:4f:01:f4:2a:66:ae:e1:2f:ee:c4:d1:69:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66e92c341e769443fde1d27566044b4b65159060
Validity
Not Before: Jan 2 03:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77d146116b4ef1759586a3d1af46dea7850794a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:70:c8:a7:01:f2:23:04:b7:2a:a2:48:b5:5e:
8a:8d:19:15:f7:1d:82:ee:76:db:d1:08:92:ce:8a:
ca:27:3c:6e:d8:ba:ed:5e:84:01:3f:f6:fa:28:af:
d8:b6:6c:d7:57:d3:81:7b:02:5b:7a:bd:47:44:74:
b1:84:03:cd:1d:00:f1:56:74:9b:a2:65:49:5a:32:
4f:b1:25:b0:c8:84:2e:06:7e:72:98:01:07:d8:08:
13:52:10:b4:55:7f:25:fb:4f:eb:b6:11:11:95:58:
f3:b9:cb:e9:df:50:8c:ee:14:15:0a:98:bd:b5:f9:
85:7a:10:3d:3c:28:ba:1d:ec:e5:d5:d7:ec:c2:d1:
b8:86:0c:08:52:38:20:5f:6c:a8:1a:a4:d8:00:8b:
dd:db:f1:ff:45:53:a7:e8:b8:12:b6:e9:5a:6a:c1:
88:2b:10:f8:6c:7b:16:8b:2a:f1:4b:fe:7b:60:2d:
ae:db:4e:64:29:11:be:0b:c5:5f:5a:7c:8e:e1:ae:
07:b6:ed:33:8f:81:75:89:9a:3d:ac:1c:5d:84:50:
41:ad:fe:61:0e:dd:8d:46:f8:fd:64:ac:9e:c2:7d:
38:1d:45:c2:de:7c:c2:97:2c:03:c2:18:56:d4:af:
49:6c:95:35:f9:c2:ac:2e:fb:bb:dd:63:d5:09:a7:
86:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D1:46:11:6B:4E:F1:75:95:86:A3:D1:AF:46:DE:A7:85:07:94:A0
X509v3 Authority Key Identifier:
keyid:66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/d9FGEWtO8XWVhqPRr0bep4UHlKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:da07::/32
Signature Algorithm: sha256WithRSAEncryption
60:3b:0f:3a:82:05:ea:92:d1:e7:f3:2f:22:f5:29:f5:3c:66:
94:57:0b:43:84:d6:7f:cd:bc:fe:27:84:f3:74:26:14:c6:e0:
8f:f0:77:47:4a:b9:92:10:a3:b7:07:1e:34:b2:40:b2:5c:29:
a9:0c:36:97:09:57:0f:f1:78:7c:f6:48:25:0c:96:9d:62:d9:
0f:53:5b:25:00:ea:9d:ca:22:00:50:0b:66:a3:11:6f:4f:32:
de:21:54:39:7c:0c:14:33:7d:2a:37:70:14:86:80:60:d6:13:
de:0a:b4:95:67:7b:be:56:d5:47:fc:79:a5:50:0f:ee:c7:76:
78:47:0f:59:49:ed:e5:64:4e:56:38:a5:52:ce:a6:0f:58:4d:
16:38:e2:d9:27:80:69:43:20:09:a3:d7:2b:4a:b5:a9:fd:2e:
f1:95:1c:22:31:63:85:73:24:69:fd:42:55:e9:01:26:76:94:
88:0c:e5:07:79:cc:35:58:c7:2c:de:68:8a:e9:94:dc:27:80:
31:b6:9a:10:b4:c8:46:97:32:9a:42:0c:12:a2:b3:e9:10:94:
20:ef:ec:c9:eb:bc:7d:59:57:1e:d1:aa:07:0a:7a:a3:26:4f:
15:e6:97:39:72:d5:37:09:b5:e3:a1:67:19:90:4e:63:a0:47:
88:93:44:93
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwlPdPAfQqZq7hL+7E0WmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZTkyYzM0MWU3Njk0NDNmZGUxZDI3NTY2MDQ0YjRiNjUx
NTkwNjAwHhcNMjMwMTAyMDM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2QxNDYxMTZiNGVmMTc1OTU4NmEzZDFhZjQ2ZGVhNzg1MDc5NGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHDIpwHyIwS3KqJItV6KjRkV9x2C
7nbb0QiSzorKJzxu2LrtXoQBP/b6KK/YtmzXV9OBewJber1HRHSxhAPNHQDxVnSb
omVJWjJPsSWwyIQuBn5ymAEH2AgTUhC0VX8l+0/rthERlVjzucvp31CM7hQVCpi9
tfmFehA9PCi6Hezl1dfswtG4hgwIUjggX2yoGqTYAIvd2/H/RVOn6LgStulaasGI
KxD4bHsWiyrxS/57YC2u205kKRG+C8VfWnyO4a4Htu0zj4F1iZo9rBxdhFBBrf5h
Dt2NRvj9ZKyewn04HUXC3nzClywDwhhW1K9JbJU1+cKsLvu73WPVCaeGxQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHfRRhFrTvF1lYaj0a9G3qeFB5SgMB8GA1UdIwQY
MBaAFGbpLDQedpRD/eHSdWYES0tlFZBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYt
YzFkMjk2ZjhmZDA3LzEvZDlGR0VXdE84WFdWaHFQUnIwYmVwNFVIbEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYtYzFkMjk2ZjhmZDA3
LzEvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg3aBzAN
BgkqhkiG9w0BAQsFAAOCAQEAYDsPOoIF6pLR5/MvIvUp9TxmlFcLQ4TWf828/ieE
83QmFMbgj/B3R0q5khCjtwceNLJAslwpqQw2lwlXD/F4fPZIJQyWnWLZD1NbJQDq
ncoiAFALZqMRb08y3iFUOXwMFDN9KjdwFIaAYNYT3gq0lWd7vlbVR/x5pVAP7sd2
eEcPWUnt5WROVjilUs6mD1hNFjji2SeAaUMgCaPXK0q1qf0u8ZUcIjFjhXMkaf1C
VekBJnaUiAzlB3nMNVjHLN5oiumU3CeAMbaaELTIRpcymkIMEqKz6RCUIO/syeu8
fVlXHtGqBwp6oyZPFeaXOXLVNwm146FnGZBOY6BHiJNEkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:22 2024 by rpki-client on console-fra.rpki-client.org