Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/ZpqXVDkhhjRmY9DfhFSvsRuQ6xE.roa
File: ZpqXVDkhhjRmY9DfhFSvsRuQ6xE.roa (raw, json)
Hash identifier: hjErYzuB+HAAhgTp4NuXvD0qnS7NFlAJfPKwUYRchuM=
Subject key identifier: 66:9A:97:54:39:21:86:34:66:63:D0:DF:84:54:AF:B1:1B:90:EB:11
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 018BF22DACD9903246A957B32759DA7E73C8
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/ZpqXVDkhhjRmY9DfhFSvsRuQ6xE.roa
Signing time: Tue 21 Nov 2023 13:59:21 +0000
ROA not before: Tue 21 Nov 2023 13:59:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202525
IP address blocks: 2a13:d047::/48 maxlen: 48
2a13:d046:fffc::/48 maxlen: 48
2a13:d046:ffff::/48 maxlen: 48
2a13:d046:fffe::/48 maxlen: 48
2a13:d040:2::/48 maxlen: 48
2a13:d040::/48 maxlen: 48
2001:67c:c00::/48 maxlen: 48
2a13:d046:fffd::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:2d:ac:d9:90:32:46:a9:57:b3:27:59:da:7e:73:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: Nov 21 13:59:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=669a9754392186346663d0df8454afb11b90eb11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5d:1a:87:95:c5:cf:c4:d5:2d:85:9c:f9:49:
81:3c:2e:4c:99:31:d9:83:a7:5a:57:8d:03:3d:c1:
b4:82:28:2e:25:79:6d:c6:21:48:80:16:a7:6b:f8:
3e:65:2d:de:8a:48:6c:44:cf:68:89:b8:16:22:0f:
e3:ac:c3:cc:7d:fd:8d:bb:4d:18:99:f1:7d:72:bd:
8f:22:32:28:cc:98:e5:24:ce:d2:e0:ee:90:53:ca:
53:01:f6:6f:39:73:94:29:3d:a6:54:ce:ad:c1:c0:
b1:0d:43:f4:ee:5c:10:3f:ad:11:c1:9a:2e:6f:d8:
90:eb:23:f5:93:ee:1f:ec:6e:7a:cb:7d:05:b7:aa:
62:c3:77:3f:85:85:47:72:3d:b1:f3:45:47:03:2a:
14:3c:65:a4:b6:9b:5e:b1:4f:19:ba:2d:4c:1b:6a:
b6:c7:b6:00:a0:71:9c:e5:82:66:7b:9f:e8:fa:2c:
30:7e:4c:f6:2e:b2:9d:5a:55:3d:ab:b0:99:fc:9f:
28:bf:9c:6e:10:bd:5e:31:94:b3:71:a4:56:3e:31:
d3:40:02:34:de:06:f3:53:d1:d3:39:c8:59:38:2d:
e9:6c:7c:f5:cb:f1:23:94:0b:11:f5:c1:e9:a2:52:
21:02:be:40:34:69:80:53:61:8e:f5:8e:53:02:8d:
ea:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:9A:97:54:39:21:86:34:66:63:D0:DF:84:54:AF:B1:1B:90:EB:11
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/ZpqXVDkhhjRmY9DfhFSvsRuQ6xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c00::/48
2a13:d040::/48
2a13:d040:2::/48
2a13:d046:fffc::-2a13:d047:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
83:b6:82:96:0e:77:0b:59:aa:3f:63:52:5d:95:c2:bd:ed:bc:
2d:02:ed:4c:9d:dc:ed:ec:e7:cf:20:09:1b:08:78:76:5d:0e:
30:62:34:e8:ac:c0:69:db:3c:30:48:34:3e:44:2e:56:fe:69:
60:30:d5:13:50:7f:29:2b:5f:aa:8a:c9:98:02:8f:31:01:7a:
8e:5c:69:21:25:2c:b7:eb:e4:e8:30:27:a7:dc:8c:66:32:da:
bb:59:d5:52:c8:1c:6d:d3:2c:b9:0b:62:4d:4e:9b:8b:be:04:
d8:d4:d0:ac:04:68:e2:26:b9:c1:56:64:f1:b9:5d:5c:a3:db:
6c:3d:b7:99:a8:37:87:ad:4f:cb:d9:97:5f:f5:fe:00:77:52:
5e:ec:60:4f:ae:4a:d8:6c:d8:4b:90:95:af:84:88:bd:98:f5:
53:5d:18:f5:c8:ef:05:10:85:8a:7d:20:3d:c8:5a:de:e4:8e:
46:47:dd:42:0b:b8:fa:72:32:a0:6e:39:87:66:eb:58:3f:9a:
f0:4e:af:90:c8:7b:02:32:10:3f:8b:ce:00:57:75:8c:73:7b:
42:0a:cc:a7:81:fe:52:67:eb:ca:75:81:ef:e7:68:8c:5e:94:
e3:4b:97:31:43:d0:0d:77:a4:2b:2a:15:60:3b:3f:ef:cf:95:
e3:8f:6e:d5
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYvyLazZkDJGqVezJ1nafnPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjMxMTIxMTM1OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjlhOTc1NDM5MjE4NjM0NjY2M2QwZGY4NDU0YWZiMTFiOTBlYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjV0ah5XFz8TVLYWc+UmBPC5MmTHZ
g6daV40DPcG0giguJXltxiFIgBana/g+ZS3eikhsRM9oibgWIg/jrMPMff2Nu00Y
mfF9cr2PIjIozJjlJM7S4O6QU8pTAfZvOXOUKT2mVM6twcCxDUP07lwQP60RwZou
b9iQ6yP1k+4f7G56y30Ft6piw3c/hYVHcj2x80VHAyoUPGWktptesU8Zui1MG2q2
x7YAoHGc5YJme5/o+iwwfkz2LrKdWlU9q7CZ/J8ov5xuEL1eMZSzcaRWPjHTQAI0
3gbzU9HTOchZOC3pbHz1y/EjlAsR9cHpolIhAr5ANGmAU2GO9Y5TAo3qiQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGaal1Q5IYY0ZmPQ34RUr7EbkOsRMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvWnBxWFZEa2hoalJtWTlEZmhGU3ZzUnVRNnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcAIAEGfAwA
AwcAKhPQQAAAAwcAKhPQQAACMBIDBwIqE9BG//wDBwAqE9BHAAAwDQYJKoZIhvcN
AQELBQADggEBAIO2gpYOdwtZqj9jUl2Vwr3tvC0C7Uyd3O3s588gCRsIeHZdDjBi
NOiswGnbPDBIND5ELlb+aWAw1RNQfykrX6qKyZgCjzEBeo5caSElLLfr5OgwJ6fc
jGYy2rtZ1VLIHG3TLLkLYk1Om4u+BNjU0KwEaOImucFWZPG5XVyj22w9t5moN4et
T8vZl1/1/gB3Ul7sYE+uSths2EuQla+EiL2Y9VNdGPXI7wUQhYp9ID3IWt7kjkZH
3UILuPpyMqBuOYdm61g/mvBOr5DIewIyED+LzgBXdYxze0IKzKeB/lJn68p1ge/n
aIxelONLlzFD0A13pCsqFWA7P+/PleOPbtU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:37 2024 by rpki-client on console-fra.rpki-client.org