Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/PzkHrlKQG82K233p4LFgiqarmYc.roa
File: PzkHrlKQG82K233p4LFgiqarmYc.roa (raw, json)
Hash identifier: sX6K6zBHdyq0DFCAlfxc9bLOPhxTRUVJvMfYRVhDaLo=
Subject key identifier: 3F:39:07:AE:52:90:1B:CD:8A:DB:7D:E9:E0:B1:60:8A:A6:AB:99:87
Certificate issuer: /CN=ec4fb061a9426e4fb2885d822867572a1b58a4c0
Certificate serial: 01856CCAFF2DA8138B8485FE3A4132036DA5
Authority key identifier: EC:4F:B0:61:A9:42:6E:4F:B2:88:5D:82:28:67:57:2A:1B:58:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/PzkHrlKQG82K233p4LFgiqarmYc.roa
Signing time: Sun 01 Jan 2023 10:05:20 +0000
ROA not before: Sun 01 Jan 2023 10:05:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39753
IP address blocks: 2a0d:2406:400::/39 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:ff:2d:a8:13:8b:84:85:fe:3a:41:32:03:6d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4fb061a9426e4fb2885d822867572a1b58a4c0
Validity
Not Before: Jan 1 10:05:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f3907ae52901bcd8adb7de9e0b1608aa6ab9987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ca:8d:4e:69:6a:55:6f:35:5a:54:b6:e6:a6:
e6:dd:49:63:dd:00:9c:5f:c5:2b:11:46:ea:34:f0:
eb:4c:aa:cb:3e:40:ba:b3:33:48:f2:f1:9f:4b:74:
ca:99:77:b0:8f:26:81:00:03:16:31:cb:26:65:6d:
49:e9:9f:ed:f2:03:85:40:15:40:b1:14:9c:70:fb:
6d:4c:16:08:b5:af:16:25:8b:59:1f:d0:7c:66:37:
22:c6:ae:75:26:7c:cf:f6:e8:66:5f:11:a0:07:20:
3a:af:6f:3b:ae:a6:cc:a5:26:d3:9d:f6:8a:60:d6:
dd:17:61:dc:28:f6:96:6f:8a:c6:b1:02:ba:1b:03:
5e:08:e7:80:31:b5:85:bd:4b:71:68:55:19:8c:09:
9a:26:cd:53:48:e0:16:fe:76:1d:e3:ca:02:f6:7c:
e3:74:01:83:7c:88:48:16:92:3b:2e:2f:c5:e0:7d:
74:67:ab:22:51:07:23:c6:fc:96:65:d4:96:f8:b5:
d0:db:1e:9b:4c:42:22:63:8e:b3:3b:77:ee:c6:72:
62:05:84:b1:e1:4c:a1:cb:b3:e2:f2:1f:1c:e0:40:
78:58:c9:93:4a:86:57:02:51:6d:90:7a:be:40:f0:
e9:7f:28:41:ba:7d:f5:bf:8e:ae:64:0e:e5:6f:47:
3e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:39:07:AE:52:90:1B:CD:8A:DB:7D:E9:E0:B1:60:8A:A6:AB:99:87
X509v3 Authority Key Identifier:
keyid:EC:4F:B0:61:A9:42:6E:4F:B2:88:5D:82:28:67:57:2A:1B:58:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/PzkHrlKQG82K233p4LFgiqarmYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/7E-wYalCbk-yiF2CKGdXKhtYpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2406:400::/39
Signature Algorithm: sha256WithRSAEncryption
61:9c:db:8c:64:4d:6a:b2:f7:49:25:32:ef:3d:13:89:83:56:
59:4a:73:96:20:cf:f5:25:d9:61:7a:c6:92:eb:f7:bb:17:81:
8f:e9:d8:18:58:15:2f:b6:e0:61:e0:06:20:8d:a7:6b:94:8c:
17:d5:e7:8f:27:8c:04:58:ee:bd:c0:19:aa:a6:60:de:02:c7:
79:13:09:b2:cd:81:07:0b:e2:14:82:78:85:ab:a6:8e:e8:c9:
bc:76:a1:28:5a:7f:05:a8:80:75:0c:77:33:4c:5c:65:38:00:
f3:a6:fa:f5:ff:00:e7:18:76:b3:b5:da:83:e3:f7:1f:fc:20:
be:c7:3f:80:e3:5c:42:ad:9f:36:73:7a:67:77:eb:1a:e5:2e:
fe:38:46:f9:fd:bb:03:0c:0e:9e:65:ec:70:04:a7:67:8f:c5:
8a:18:c6:94:0f:89:d8:27:e5:db:7f:3b:6b:32:7b:51:40:c4:
a1:13:02:98:cd:6a:c5:fd:0a:70:1e:87:a0:e3:86:42:12:b5:
51:8e:bf:26:e6:cb:37:80:18:60:8d:22:2d:5c:d3:21:aa:fc:
be:8e:c9:53:cc:b4:40:f2:89:1f:5d:9e:af:2d:ca:24:b6:a0:
ab:a6:54:14:83:f5:3d:81:3b:47:4c:8c:86:51:18:67:e7:d5:
d0:88:09:47
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsyv8tqBOLhIX+OkEyA22lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGZiMDYxYTk0MjZlNGZiMjg4NWQ4MjI4Njc1NzJhMWI1
OGE0YzAwHhcNMjMwMTAxMTAwNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjM5MDdhZTUyOTAxYmNkOGFkYjdkZTllMGIxNjA4YWE2YWI5OTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcqNTmlqVW81WlS25qbm3Ulj3QCc
X8UrEUbqNPDrTKrLPkC6szNI8vGfS3TKmXewjyaBAAMWMcsmZW1J6Z/t8gOFQBVA
sRSccPttTBYIta8WJYtZH9B8Zjcixq51JnzP9uhmXxGgByA6r287rqbMpSbTnfaK
YNbdF2HcKPaWb4rGsQK6GwNeCOeAMbWFvUtxaFUZjAmaJs1TSOAW/nYd48oC9nzj
dAGDfIhIFpI7Li/F4H10Z6siUQcjxvyWZdSW+LXQ2x6bTEIiY46zO3fuxnJiBYSx
4Uyhy7Pi8h8c4EB4WMmTSoZXAlFtkHq+QPDpfyhBun31v46uZA7lb0c+LQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFD85B65SkBvNitt96eCxYIqmq5mHMB8GA1UdIwQY
MBaAFOxPsGGpQm5PsohdgihnVyobWKTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0Utd1lhbENiay15aUYyQ0tHZFhLaHRZcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83YmMzYWItZDliNi00YWU0LWJjZDEt
Y2U1NzE1MDY5NWE5LzEvUHprSHJsS1FHODJLMjMzcDRMRmdpcWFybVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83YmMzYWItZDliNi00YWU0LWJjZDEtY2U1NzE1MDY5NWE5
LzEvN0Utd1lhbENiay15aUYyQ0tHZFhLaHRZcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYBKg0kBgQw
DQYJKoZIhvcNAQELBQADggEBAGGc24xkTWqy90klMu89E4mDVllKc5Ygz/Ul2WF6
xpLr97sXgY/p2BhYFS+24GHgBiCNp2uUjBfV548njARY7r3AGaqmYN4Cx3kTCbLN
gQcL4hSCeIWrpo7oybx2oShafwWogHUMdzNMXGU4APOm+vX/AOcYdrO12oPj9x/8
IL7HP4DjXEKtnzZzemd36xrlLv44Rvn9uwMMDp5l7HAEp2ePxYoYxpQPidgn5dt/
O2sye1FAxKETApjNasX9CnAeh6DjhkIStVGOvybmyzeAGGCNIi1c0yGq/L6OyVPM
tEDyiR9dnq8tyiS2oKumVBSD9T2BO0dMjIZRGGfn1dCICUc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:00 2024 by rpki-client on console-ams.rpki-client.org