Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/4883d4-8479-4447-af67-1e6ca2f0d155/1/2D9ABzI6oRHa-VZaL8CwXMmVhyg.roa
File: 2D9ABzI6oRHa-VZaL8CwXMmVhyg.roa (raw, json)
Hash identifier: t2HXFZaZCFubeQhUmPTLd5D0k3WZv+If3Jn0obxz73s=
Subject key identifier: D8:3F:40:07:32:3A:A1:11:DA:F9:56:5A:2F:C0:B0:5C:C9:95:87:28
Certificate issuer: /CN=cc9fa0b30d5455ad67fb07e099f0fa95f8b6c19e
Certificate serial: 01856F5DA032605FE236E63AF33D69D342F8
Authority key identifier: CC:9F:A0:B3:0D:54:55:AD:67:FB:07:E0:99:F0:FA:95:F8:B6:C1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zJ-gsw1UVa1n-wfgmfD6lfi2wZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/4883d4-8479-4447-af67-1e6ca2f0d155/1/2D9ABzI6oRHa-VZaL8CwXMmVhyg.roa
Signing time: Sun 01 Jan 2023 22:04:44 +0000
ROA not before: Sun 01 Jan 2023 22:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206253
IP address blocks: 2001:678:968::/48 maxlen: 48
2001:678:968::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:a0:32:60:5f:e2:36:e6:3a:f3:3d:69:d3:42:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc9fa0b30d5455ad67fb07e099f0fa95f8b6c19e
Validity
Not Before: Jan 1 22:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d83f4007323aa111daf9565a2fc0b05cc9958728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:dc:43:3e:24:dd:19:c8:bd:c6:2b:15:a5:6f:
82:bf:99:65:4a:73:2a:4a:62:d2:81:99:f4:f5:dc:
1c:a6:da:1a:97:c2:7b:63:56:f9:d7:1f:b1:af:78:
58:cd:05:c1:ef:2b:5e:75:60:42:df:58:a8:d3:20:
d6:34:c4:c1:a9:d7:bf:9f:1f:74:c6:c1:a3:bb:45:
a9:45:55:23:81:fe:82:f2:3d:99:b4:6d:c8:de:c2:
28:7d:3f:ce:36:b2:fd:b5:9a:fd:0f:dd:04:39:06:
3c:42:76:1f:45:62:54:c8:74:5b:0a:d2:35:c0:a3:
a4:3e:47:42:56:14:03:7d:b1:96:d5:c7:b4:27:ac:
6c:8e:b4:40:8d:a5:51:fa:23:76:fe:6a:98:34:69:
35:bb:e7:f6:02:de:10:e5:95:36:ce:c1:e6:38:24:
02:55:2d:ff:bb:36:e0:13:1d:43:f6:29:25:75:8e:
54:ea:d5:15:a5:dd:44:79:61:e5:1b:8c:be:f4:dd:
39:bd:ad:e8:9e:04:a4:db:75:4c:87:21:29:e2:30:
4f:11:78:9e:1d:9d:d8:58:ad:ef:6a:8f:c8:c4:4a:
57:46:b8:5b:9f:28:6e:5d:61:04:49:79:76:c7:e1:
43:7c:b5:06:1d:73:a9:8c:5d:8c:b6:3a:f8:30:7c:
cf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3F:40:07:32:3A:A1:11:DA:F9:56:5A:2F:C0:B0:5C:C9:95:87:28
X509v3 Authority Key Identifier:
keyid:CC:9F:A0:B3:0D:54:55:AD:67:FB:07:E0:99:F0:FA:95:F8:B6:C1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zJ-gsw1UVa1n-wfgmfD6lfi2wZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/4883d4-8479-4447-af67-1e6ca2f0d155/1/2D9ABzI6oRHa-VZaL8CwXMmVhyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/4883d4-8479-4447-af67-1e6ca2f0d155/1/zJ-gsw1UVa1n-wfgmfD6lfi2wZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:968::/48
Signature Algorithm: sha256WithRSAEncryption
5d:09:e8:60:6e:6f:f3:ce:66:7c:dd:ea:d2:b1:4e:ec:b4:a3:
6f:86:d4:2b:42:11:6f:fd:ea:4a:08:dc:d3:4e:38:27:4c:46:
bc:39:75:b8:9b:59:aa:4b:86:c5:75:83:20:0a:a6:d6:e6:bf:
e8:27:8c:25:f8:62:09:e4:05:6a:69:30:e6:76:ed:3c:d6:d4:
4c:0e:2e:ae:cd:d6:93:80:c3:9f:65:01:bc:21:10:c0:4d:69:
c9:72:fe:33:c4:f8:36:21:29:15:7b:da:b1:c5:09:00:24:88:
d4:63:de:d1:97:35:ba:7a:27:44:fe:d4:ac:9d:1b:14:88:88:
47:7e:2e:91:c3:4f:f6:c6:d8:80:8f:a5:eb:ad:74:51:91:a5:
ea:cb:42:39:a7:f8:4c:d3:de:60:1d:df:62:18:41:bc:b0:ff:
84:5a:fd:a5:79:ad:ab:bc:99:6e:35:15:46:3d:75:86:7b:2a:
a3:b3:1c:bd:0e:1b:24:7f:ee:61:40:95:94:96:47:3d:25:53:
4e:6e:69:ef:97:9c:1c:32:e6:20:b0:cc:20:82:c3:a9:5d:42:
21:13:4c:e7:07:60:14:0d:df:ea:1c:aa:8e:79:a8:4c:f1:4b:
bb:b5:21:eb:59:01:99:c9:e8:b8:d1:68:9c:95:bf:16:6b:93:
89:22:c7:82
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvXaAyYF/iNuY68z1p00L4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjOWZhMGIzMGQ1NDU1YWQ2N2ZiMDdlMDk5ZjBmYTk1Zjhi
NmMxOWUwHhcNMjMwMTAxMjIwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODNmNDAwNzMyM2FhMTExZGFmOTU2NWEyZmMwYjA1Y2M5OTU4NzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtxDPiTdGci9xisVpW+Cv5llSnMq
SmLSgZn09dwcptoal8J7Y1b51x+xr3hYzQXB7ytedWBC31io0yDWNMTBqde/nx90
xsGju0WpRVUjgf6C8j2ZtG3I3sIofT/ONrL9tZr9D90EOQY8QnYfRWJUyHRbCtI1
wKOkPkdCVhQDfbGW1ce0J6xsjrRAjaVR+iN2/mqYNGk1u+f2At4Q5ZU2zsHmOCQC
VS3/uzbgEx1D9ikldY5U6tUVpd1EeWHlG4y+9N05va3ongSk23VMhyEp4jBPEXie
HZ3YWK3vao/IxEpXRrhbnyhuXWEESXl2x+FDfLUGHXOpjF2Mtjr4MHzPcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNg/QAcyOqER2vlWWi/AsFzJlYcoMB8GA1UdIwQY
MBaAFMyfoLMNVFWtZ/sH4Jnw+pX4tsGeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekotZ3N3MVVWYTFuLXdmZ21mRDZsZmkyd1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC80ODgzZDQtODQ3OS00NDQ3LWFmNjct
MWU2Y2EyZjBkMTU1LzEvMkQ5QUJ6STZvUkhhLVZaYUw4Q3dYTW1WaHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC80ODgzZDQtODQ3OS00NDQ3LWFmNjctMWU2Y2EyZjBkMTU1
LzEvekotZ3N3MVVWYTFuLXdmZ21mRDZsZmkyd1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAlo
MA0GCSqGSIb3DQEBCwUAA4IBAQBdCehgbm/zzmZ83erSsU7stKNvhtQrQhFv/epK
CNzTTjgnTEa8OXW4m1mqS4bFdYMgCqbW5r/oJ4wl+GIJ5AVqaTDmdu081tRMDi6u
zdaTgMOfZQG8IRDATWnJcv4zxPg2ISkVe9qxxQkAJIjUY97RlzW6eidE/tSsnRsU
iIhHfi6Rw0/2xtiAj6XrrXRRkaXqy0I5p/hM095gHd9iGEG8sP+EWv2lea2rvJlu
NRVGPXWGeyqjsxy9Dhskf+5hQJWUlkc9JVNObmnvl5wcMuYgsMwggsOpXUIhE0zn
B2AUDd/qHKqOeahM8Uu7tSHrWQGZyei40Wiclb8Wa5OJIseC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:24 2024 by rpki-client on console-fra.rpki-client.org