Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ZTfDG8XL1-NIU9Hmnk0gC0BM0rQ.roa
File: ZTfDG8XL1-NIU9Hmnk0gC0BM0rQ.roa (raw, json)
Hash identifier: KA5H46SOvR9+afpV3jIuOMNxM97zV24dHEW+mGLbiDA=
Subject key identifier: 65:37:C3:1B:C5:CB:D7:E3:48:53:D1:E6:9E:4D:20:0B:40:4C:D2:B4
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAF02EF5D865F67FC3E4F1574103358
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ZTfDG8XL1-NIU9Hmnk0gC0BM0rQ.roa
Signing time: Sun 01 Jan 2023 09:34:46 +0000
ROA not before: Sun 01 Jan 2023 09:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60729
IP address blocks: 2a03:f85:8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:02:ef:5d:86:5f:67:fc:3e:4f:15:74:10:33:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6537c31bc5cbd7e34853d1e69e4d200b404cd2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4e:b4:67:65:48:1f:29:bb:c8:e2:7c:a8:df:
f8:27:ce:99:a1:5d:a8:c3:ed:d1:5d:5a:37:41:45:
59:1f:cd:fa:9f:fb:9a:1d:5c:ea:a0:cb:98:a8:6b:
ec:9d:02:56:ba:19:7f:af:75:ed:ae:77:92:45:84:
02:8f:00:dc:f4:e6:98:3e:7c:05:08:01:46:e4:77:
7b:2b:08:78:3e:02:ba:e5:72:a4:51:06:d0:a9:51:
4f:ca:d6:e8:7b:86:33:89:32:03:f7:6a:38:7d:42:
55:5b:4a:05:e3:c7:89:d0:66:3e:1d:4a:08:08:2c:
23:87:14:a2:47:0c:d7:10:b0:cb:2b:5c:b7:67:41:
08:2c:33:bf:ec:ca:e2:4d:99:b3:e2:7f:b2:a2:7f:
1c:43:49:a2:fe:99:29:52:a8:ec:52:97:22:41:8c:
67:dc:0c:d2:3f:dd:5e:18:7f:20:31:e2:7a:67:fd:
0a:79:5c:dc:5d:c9:f3:96:8c:c4:3a:69:9a:82:52:
a1:c2:5a:28:55:a8:a5:76:b5:e9:00:27:0c:60:0d:
06:07:fc:4d:eb:01:4e:64:bb:02:03:ff:3e:9f:1d:
5d:ea:62:48:04:db:f4:bc:2c:51:1e:a6:79:9d:7f:
6e:87:e9:b9:59:8f:ac:73:03:de:dd:d1:73:df:b8:
21:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:37:C3:1B:C5:CB:D7:E3:48:53:D1:E6:9E:4D:20:0B:40:4C:D2:B4
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ZTfDG8XL1-NIU9Hmnk0gC0BM0rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f85:8::/48
Signature Algorithm: sha256WithRSAEncryption
86:1a:a0:4f:d9:37:20:57:86:5a:f1:40:fd:49:d4:99:05:65:
a6:6c:fd:03:0f:57:c1:8c:0e:b2:4b:9e:2e:6d:ae:6f:ff:a9:
76:07:c7:82:2f:f9:6e:06:00:30:1f:ad:dc:e4:72:72:26:91:
05:a9:0b:5c:c0:aa:06:2b:cc:26:72:dc:d5:76:cb:7d:b4:12:
67:b0:c9:8a:23:c3:6e:77:84:9e:8f:63:37:c8:a0:98:07:aa:
0b:4f:0f:83:94:f4:60:35:8d:da:7e:08:11:93:c7:19:6d:51:
96:04:ce:0d:77:0e:2e:ab:2e:4e:f2:47:fa:cb:1c:45:cd:ef:
2c:a3:2f:ce:6d:da:c4:cc:ad:de:0f:5c:7a:c0:85:33:c1:f2:
02:aa:be:b7:31:a4:25:a0:60:0b:3b:11:bb:22:57:35:c6:74:
68:dc:4d:54:47:ef:b9:fa:dc:84:3c:12:86:8c:8f:98:ac:3a:
d8:a1:16:c9:0c:e7:fb:c4:31:1d:4c:64:6a:e0:49:16:94:d5:
e5:7b:8e:87:90:8a:39:9d:24:99:93:12:7d:17:5f:bd:53:cb:
ed:d4:a5:97:83:f0:62:ed:6c:1f:f2:79:48:28:35:23:39:b1:
94:09:3d:cc:d2:b4:ea:35:50:ed:3f:07:2c:c5:37:89:60:04:
55:e6:88:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsrwLvXYZfZ/w+TxV0EDNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTM3YzMxYmM1Y2JkN2UzNDg1M2QxZTY5ZTRkMjAwYjQwNGNkMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj060Z2VIHym7yOJ8qN/4J86ZoV2o
w+3RXVo3QUVZH836n/uaHVzqoMuYqGvsnQJWuhl/r3XtrneSRYQCjwDc9OaYPnwF
CAFG5Hd7Kwh4PgK65XKkUQbQqVFPytboe4YziTID92o4fUJVW0oF48eJ0GY+HUoI
CCwjhxSiRwzXELDLK1y3Z0EILDO/7MriTZmz4n+yon8cQ0mi/pkpUqjsUpciQYxn
3AzSP91eGH8gMeJ6Z/0KeVzcXcnzlozEOmmaglKhwlooVaildrXpACcMYA0GB/xN
6wFOZLsCA/8+nx1d6mJIBNv0vCxRHqZ5nX9uh+m5WY+scwPe3dFz37ghYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGU3wxvFy9fjSFPR5p5NIAtATNK0MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvWlRmREc4WEwxLU5JVTlIbW5rMGdDMEJNMHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPhQAI
MA0GCSqGSIb3DQEBCwUAA4IBAQCGGqBP2TcgV4Za8UD9SdSZBWWmbP0DD1fBjA6y
S54uba5v/6l2B8eCL/luBgAwH63c5HJyJpEFqQtcwKoGK8wmctzVdst9tBJnsMmK
I8Nud4Sej2M3yKCYB6oLTw+DlPRgNY3afggRk8cZbVGWBM4Ndw4uqy5O8kf6yxxF
ze8soy/ObdrEzK3eD1x6wIUzwfICqr63MaQloGALOxG7Ilc1xnRo3E1UR++5+tyE
PBKGjI+YrDrYoRbJDOf7xDEdTGRq4EkWlNXle46HkIo5nSSZkxJ9F1+9U8vt1KWX
g/Bi7Wwf8nlIKDUjObGUCT3M0rTqNVDtPwcsxTeJYARV5ogr
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:03 2024 by rpki-client on console-fra.rpki-client.org