Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zfGA3sXPw_iZSTrFRKHBQrdInb0.roa
File: zfGA3sXPw_iZSTrFRKHBQrdInb0.roa (raw, json)
Hash identifier: QOzNqajDMKVd1VAodW84I/K74SkuRNXtH5rtQexd0/s=
Subject key identifier: CD:F1:80:DE:C5:CF:C3:F8:99:49:3A:C5:44:A1:C1:42:B7:48:9D:BD
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246C9452CA414A4FF2BBDA92FEEF77C
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zfGA3sXPw_iZSTrFRKHBQrdInb0.roa
Signing time: Mon 02 Jan 2023 11:38:39 +0000
ROA not before: Mon 02 Jan 2023 11:38:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142036
IP address blocks: 2a0c:9a40:82e0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c9:45:2c:a4:14:a4:ff:2b:bd:a9:2f:ee:f7:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdf180dec5cfc3f899493ac544a1c142b7489dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fc:b3:ae:6f:5a:67:44:6d:2c:95:27:39:85:
cd:09:ab:4c:11:14:b9:23:1d:f7:b1:de:2e:16:da:
d3:34:44:bc:93:7b:3d:34:0f:88:fd:9e:bf:34:c5:
54:0f:7f:2c:f6:5c:bd:97:c3:ab:0e:36:02:3f:47:
f7:ac:0a:8e:b7:04:1e:ab:9f:94:9c:35:fb:be:be:
8c:bf:bd:ff:94:47:b3:ef:d3:b2:e8:64:57:0b:09:
85:27:76:65:1f:f5:5b:a7:28:9d:4b:dd:6e:37:92:
de:26:a3:27:f3:61:5b:93:df:a1:7b:f8:7b:15:26:
9b:da:dd:55:1b:26:30:6a:29:a4:b4:f9:af:43:2b:
0e:7b:76:8d:c9:ab:a4:e7:1a:ee:54:be:97:c3:0d:
cc:dc:26:20:cc:c1:2d:ae:3d:0a:9a:bc:36:48:63:
02:fd:16:6b:8c:48:7c:4e:29:8f:64:7c:0e:a3:f4:
6a:3c:6f:3c:0e:45:d3:c8:4b:fb:7f:32:81:1e:f5:
66:c3:29:b0:68:0b:62:c4:47:6d:e1:3e:5b:00:f1:
09:89:61:2c:a7:dd:15:6e:62:23:96:de:49:cc:89:
d4:a1:8b:92:e4:33:99:27:60:a7:65:cc:4a:16:36:
da:fe:75:c1:da:58:69:55:78:83:f7:c0:80:6d:c4:
b0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F1:80:DE:C5:CF:C3:F8:99:49:3A:C5:44:A1:C1:42:B7:48:9D:BD
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zfGA3sXPw_iZSTrFRKHBQrdInb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:82e0::/44
Signature Algorithm: sha256WithRSAEncryption
76:b8:43:23:f3:10:b5:0f:21:bd:7d:c8:b2:65:2b:22:80:71:
05:b9:2f:a8:b6:63:b9:b5:43:18:5c:cc:7e:fb:8c:3b:d9:51:
d4:db:bd:24:26:a5:3c:2f:67:05:9d:d6:c1:7b:5b:71:77:38:
d2:95:9b:a0:ce:36:fd:41:ef:29:84:49:81:8f:c4:85:67:b5:
7e:5c:64:bd:8b:3c:5a:1d:60:41:f8:68:e2:4f:79:d0:1a:98:
d7:7e:b8:75:37:84:99:c0:d7:19:ff:96:03:3a:ae:69:97:0d:
d3:5b:6d:84:24:a3:92:54:62:8a:32:ec:6b:dc:49:73:2d:bd:
af:88:3d:db:7f:cc:84:ac:1d:4a:a0:d4:b2:aa:b2:82:83:cc:
24:37:f0:fb:3e:8a:3f:6a:6b:03:3e:39:ed:e3:3d:f9:fd:c2:
b3:00:b6:12:70:34:03:5c:e3:b3:94:de:1d:76:fa:59:40:4c:
37:24:12:35:30:29:ce:f1:5e:21:22:22:f7:ad:5c:41:56:d9:
3f:a3:a7:27:45:6b:4f:2e:ab:0c:6a:f7:6e:d1:3a:ae:47:eb:
89:99:df:b2:e2:7e:18:0b:d0:30:64:c2:5a:8e:76:0b:26:15:
aa:17:cc:b0:fa:5b:8f:a0:f4:cd:03:73:d9:d8:40:fc:d6:df:
57:f0:14:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRslFLKQUpP8rvakv7vd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGYxODBkZWM1Y2ZjM2Y4OTk0OTNhYzU0NGExYzE0MmI3NDg5ZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPyzrm9aZ0RtLJUnOYXNCatMERS5
Ix33sd4uFtrTNES8k3s9NA+I/Z6/NMVUD38s9ly9l8OrDjYCP0f3rAqOtwQeq5+U
nDX7vr6Mv73/lEez79Oy6GRXCwmFJ3ZlH/VbpyidS91uN5LeJqMn82Fbk9+he/h7
FSab2t1VGyYwaimktPmvQysOe3aNyauk5xruVL6Xww3M3CYgzMEtrj0Kmrw2SGMC
/RZrjEh8TimPZHwOo/RqPG88DkXTyEv7fzKBHvVmwymwaAtixEdt4T5bAPEJiWEs
p90VbmIjlt5JzInUoYuS5DOZJ2CnZcxKFjba/nXB2lhpVXiD98CAbcSwBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM3xgN7Fz8P4mUk6xUShwUK3SJ29MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvemZHQTNzWFB3X2laU1RyRlJLSEJRcmRJbmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQILg
MA0GCSqGSIb3DQEBCwUAA4IBAQB2uEMj8xC1DyG9fciyZSsigHEFuS+otmO5tUMY
XMx++4w72VHU270kJqU8L2cFndbBe1txdzjSlZugzjb9Qe8phEmBj8SFZ7V+XGS9
izxaHWBB+GjiT3nQGpjXfrh1N4SZwNcZ/5YDOq5plw3TW22EJKOSVGKKMuxr3Elz
Lb2viD3bf8yErB1KoNSyqrKCg8wkN/D7Poo/amsDPjnt4z35/cKzALYScDQDXOOz
lN4ddvpZQEw3JBI1MCnO8V4hIiL3rVxBVtk/o6cnRWtPLqsMavdu0TquR+uJmd+y
4n4YC9AwZMJajnYLJhWqF8yw+luPoPTNA3PZ2ED81t9X8BRh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org