Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/2d26a3-346e-4d0d-ac1e-1d020ece07ea/1/IKzRn8t9pcOkCgSZiGIPawq7gDQ.roa
File: IKzRn8t9pcOkCgSZiGIPawq7gDQ.roa (raw, json)
Hash identifier: 1RVzY/KGWspbJtjpjFy2MhoC37RM3ruAd543zL5+gPs=
Subject key identifier: 20:AC:D1:9F:CB:7D:A5:C3:A4:0A:04:99:88:62:0F:6B:0A:BB:80:34
Certificate issuer: /CN=66501165645aa80dcba315885cf374acb6d21305
Certificate serial: 0185702702529FF880F91EFF9DC2798981CD
Authority key identifier: 66:50:11:65:64:5A:A8:0D:CB:A3:15:88:5C:F3:74:AC:B6:D2:13:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZlARZWRaqA3LoxWIXPN0rLbSEwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/2d26a3-346e-4d0d-ac1e-1d020ece07ea/1/IKzRn8t9pcOkCgSZiGIPawq7gDQ.roa
Signing time: Mon 02 Jan 2023 01:44:42 +0000
ROA not before: Mon 02 Jan 2023 01:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56841
IP address blocks: 2001:67c:acc::/48 maxlen: 48
2001:67c:2788::/48 maxlen: 48
2001:67c:ad0::/48 maxlen: 48
2001:67c:ac8::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:27:02:52:9f:f8:80:f9:1e:ff:9d:c2:79:89:81:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66501165645aa80dcba315885cf374acb6d21305
Validity
Not Before: Jan 2 01:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20acd19fcb7da5c3a40a049988620f6b0abb8034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:68:ed:4e:81:83:2b:e9:91:85:7a:f6:c5:93:
f0:ac:5a:2c:72:22:c1:ee:9e:2a:d6:a9:36:f2:1d:
b7:3f:e8:d9:62:cc:59:d2:4c:34:00:44:ff:dd:57:
3a:44:ed:2c:41:4a:d9:a3:ed:f4:72:bc:79:e7:59:
fb:b7:ed:84:f1:96:43:fb:ef:c4:b9:b1:4e:28:fb:
0f:e1:6d:49:83:3d:51:40:a2:78:41:cc:40:92:7b:
73:66:a5:e0:b5:41:62:db:1e:a4:c8:45:64:50:a0:
83:65:da:2b:89:ca:1e:e6:34:60:0b:56:b1:0d:29:
ad:e9:a4:a8:38:bc:d4:42:11:70:a1:37:77:a1:75:
e2:6d:7a:ab:f3:1a:b0:80:92:83:99:47:70:bc:3f:
4f:57:75:ce:8b:25:1f:39:e3:76:86:10:2c:f2:c9:
76:ab:4d:39:99:a8:31:98:15:14:bd:c3:ec:06:fe:
d9:94:af:75:59:da:d2:28:9f:c5:c3:f7:51:49:cb:
48:5b:90:fe:f9:6e:53:c0:35:a9:74:6c:ba:4a:d6:
2e:d7:14:18:32:35:a2:0f:91:78:65:d5:4e:92:a2:
d4:db:c7:28:51:c2:db:7d:9c:60:a8:39:11:dd:35:
70:93:3f:2c:99:ea:a5:c4:18:75:49:66:d3:27:ac:
14:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:AC:D1:9F:CB:7D:A5:C3:A4:0A:04:99:88:62:0F:6B:0A:BB:80:34
X509v3 Authority Key Identifier:
keyid:66:50:11:65:64:5A:A8:0D:CB:A3:15:88:5C:F3:74:AC:B6:D2:13:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZlARZWRaqA3LoxWIXPN0rLbSEwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2d26a3-346e-4d0d-ac1e-1d020ece07ea/1/IKzRn8t9pcOkCgSZiGIPawq7gDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2d26a3-346e-4d0d-ac1e-1d020ece07ea/1/ZlARZWRaqA3LoxWIXPN0rLbSEwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:ac8::/48
2001:67c:acc::/48
2001:67c:ad0::/48
2001:67c:2788::/48
Signature Algorithm: sha256WithRSAEncryption
02:35:a0:cd:ea:d9:c4:be:17:39:c7:37:79:e0:23:96:df:4a:
37:ac:f6:b4:07:c7:0c:ee:1e:56:28:c7:1c:3d:a3:4a:7d:ae:
0e:56:ff:5d:ca:5d:34:0a:27:15:75:48:eb:cf:ef:e4:b6:6a:
55:bc:41:95:f6:ae:9b:f5:67:57:f2:29:7a:b7:b3:92:cb:05:
25:ed:21:9f:06:19:6b:cd:ba:d4:83:e5:59:f9:58:9c:15:e6:
5e:fe:b5:2d:96:b1:dc:eb:76:ed:54:b7:86:6b:92:59:62:02:
40:fb:29:cc:3f:9b:1e:1c:4b:09:89:60:fa:fc:56:aa:86:3d:
34:55:bb:c1:83:95:fe:15:32:c7:c3:43:19:63:a3:7f:e8:54:
a3:51:c7:1d:d1:cb:68:ff:13:87:a9:e5:08:54:32:41:54:af:
af:26:36:dc:47:5f:01:c2:38:e8:a4:6e:90:24:db:d3:2b:2e:
e2:ad:10:07:28:18:f1:1b:21:e6:81:6c:f1:eb:3d:92:5b:f0:
b8:97:bc:7b:20:5e:79:50:07:ed:c8:8c:97:13:d6:67:1f:7b:
16:33:a0:d3:2f:61:f6:9d:cf:81:0a:8b:7f:14:83:a7:1f:28:
1d:99:55:83:ec:a6:a2:a0:1b:3f:c8:f5:2a:3c:cc:04:f8:76:
b9:07:7d:a8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwJwJSn/iA+R7/ncJ5iYHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NTAxMTY1NjQ1YWE4MGRjYmEzMTU4ODVjZjM3NGFjYjZk
MjEzMDUwHhcNMjMwMTAyMDE0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGFjZDE5ZmNiN2RhNWMzYTQwYTA0OTk4ODYyMGY2YjBhYmI4MDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGjtToGDK+mRhXr2xZPwrFosciLB
7p4q1qk28h23P+jZYsxZ0kw0AET/3Vc6RO0sQUrZo+30crx551n7t+2E8ZZD++/E
ubFOKPsP4W1Jgz1RQKJ4QcxAkntzZqXgtUFi2x6kyEVkUKCDZdoricoe5jRgC1ax
DSmt6aSoOLzUQhFwoTd3oXXibXqr8xqwgJKDmUdwvD9PV3XOiyUfOeN2hhAs8sl2
q005magxmBUUvcPsBv7ZlK91WdrSKJ/Fw/dRSctIW5D++W5TwDWpdGy6StYu1xQY
MjWiD5F4ZdVOkqLU28coUcLbfZxgqDkR3TVwkz8smeqlxBh1SWbTJ6wUCQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCCs0Z/LfaXDpAoEmYhiD2sKu4A0MB8GA1UdIwQY
MBaAFGZQEWVkWqgNy6MViFzzdKy20hMFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmxBUlpXUmFxQTNMb3hXSVhQTjByTGJTRXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yZDI2YTMtMzQ2ZS00ZDBkLWFjMWUt
MWQwMjBlY2UwN2VhLzEvSUt6Um44dDlwY09rQ2dTWmlHSVBhd3E3Z0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yZDI2YTMtMzQ2ZS00ZDBkLWFjMWUtMWQwMjBlY2UwN2Vh
LzEvWmxBUlpXUmFxQTNMb3hXSVhQTjByTGJTRXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGfArI
AwcAIAEGfArMAwcAIAEGfArQAwcAIAEGfCeIMA0GCSqGSIb3DQEBCwUAA4IBAQAC
NaDN6tnEvhc5xzd54COW30o3rPa0B8cM7h5WKMccPaNKfa4OVv9dyl00CicVdUjr
z+/ktmpVvEGV9q6b9WdX8il6t7OSywUl7SGfBhlrzbrUg+VZ+VicFeZe/rUtlrHc
63btVLeGa5JZYgJA+ynMP5seHEsJiWD6/Faqhj00VbvBg5X+FTLHw0MZY6N/6FSj
Uccd0cto/xOHqeUIVDJBVK+vJjbcR18BwjjopG6QJNvTKy7irRAHKBjxGyHmgWzx
6z2SW/C4l7x7IF55UAftyIyXE9ZnH3sWM6DTL2H2nc+BCot/FIOnHygdmVWD7Kai
oBs/yPUqPMwE+Ha5B32o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:43 2024 by rpki-client on console-fra.rpki-client.org