Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/Zb5iZ2F_spLGo9jyv5ihnbeVoaY.roa
File: Zb5iZ2F_spLGo9jyv5ihnbeVoaY.roa (raw, json)
Hash identifier: E/PGNp4yW/ouBX1KJwxWGwI86SBlEixt4pbPb5rqv0k=
Subject key identifier: 65:BE:62:67:61:7F:B2:92:C6:A3:D8:F2:BF:98:A1:9D:B7:95:A1:A6
Certificate issuer: /CN=ec4fb061a9426e4fb2885d822867572a1b58a4c0
Certificate serial: 018CC86F97C3986B4ACFBB64AC3F7D0096BF
Authority key identifier: EC:4F:B0:61:A9:42:6E:4F:B2:88:5D:82:28:67:57:2A:1B:58:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/Zb5iZ2F_spLGo9jyv5ihnbeVoaY.roa
Signing time: Tue 02 Jan 2024 04:30:05 +0000
ROA not before: Tue 02 Jan 2024 04:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212025
IP address blocks: 2a0d:2406:11ea::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:97:c3:98:6b:4a:cf:bb:64:ac:3f:7d:00:96:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4fb061a9426e4fb2885d822867572a1b58a4c0
Validity
Not Before: Jan 2 04:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65be6267617fb292c6a3d8f2bf98a19db795a1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3d:86:29:04:29:12:bf:36:a4:90:7a:ae:dd:
f2:df:3a:f1:42:a0:6c:c6:40:86:11:40:c6:99:f6:
bb:6d:97:36:6d:5e:f5:41:4b:b3:db:63:9e:b8:b4:
ec:2d:20:0d:32:1b:b1:46:3a:d3:17:cf:d8:a4:26:
e7:13:99:6c:0a:a7:3b:d7:22:1a:c5:5d:43:f4:54:
54:12:98:2a:a0:35:fc:0b:b3:61:02:d1:08:6e:be:
c4:19:97:9e:13:2a:a7:5b:1e:20:3f:7c:15:28:54:
6d:1a:2e:24:a6:75:1a:38:36:b0:02:d0:be:05:f5:
82:19:5b:03:78:d3:94:24:0e:c3:71:d4:0c:94:79:
f8:27:2d:10:b5:74:f2:67:50:24:34:3b:12:5e:77:
b0:94:38:7a:13:e4:6f:82:7e:bb:91:92:b6:48:9d:
60:64:18:45:1d:cb:33:5f:59:e3:72:39:2a:36:93:
6f:66:02:42:2a:f7:a4:84:e1:d9:7b:79:fc:7e:79:
64:cb:5b:78:d2:86:16:31:49:4a:60:e2:73:e6:dc:
64:b9:df:e5:fb:1e:ea:96:2e:fd:97:b6:08:06:13:
fd:f9:65:b2:b1:b1:29:11:24:92:c2:78:86:57:8a:
3e:a1:1e:54:81:ba:77:54:36:0f:6a:2b:94:c8:d4:
b8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BE:62:67:61:7F:B2:92:C6:A3:D8:F2:BF:98:A1:9D:B7:95:A1:A6
X509v3 Authority Key Identifier:
keyid:EC:4F:B0:61:A9:42:6E:4F:B2:88:5D:82:28:67:57:2A:1B:58:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/Zb5iZ2F_spLGo9jyv5ihnbeVoaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/7E-wYalCbk-yiF2CKGdXKhtYpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2406:11ea::/48
Signature Algorithm: sha256WithRSAEncryption
0f:4d:ce:4b:9d:bd:cb:f5:2e:44:f7:0a:72:2a:81:cf:6e:ba:
37:b1:98:b9:40:5d:b5:88:92:07:58:24:cf:ce:76:0e:48:b8:
38:5d:d3:55:29:3c:30:68:10:18:80:51:f2:14:df:01:b0:0b:
6f:d0:98:5f:6b:0a:2c:5a:29:56:63:30:f8:3b:58:7e:20:f1:
c6:0e:5a:59:63:aa:36:11:01:25:f0:bd:43:3f:ca:2a:41:b4:
d6:92:20:2a:af:9a:c8:d1:0e:5c:96:83:fa:6d:cd:aa:2b:72:
f6:be:bc:dd:91:88:72:30:28:fe:b2:79:6e:ae:9b:ca:ee:66:
fa:25:b8:41:bc:9a:87:df:b5:7f:c8:93:b0:98:a0:3a:e8:3c:
2b:18:35:b3:f8:ff:22:c8:5d:4a:05:42:51:22:22:48:31:c4:
b6:62:a3:ef:c3:ec:38:b7:ee:86:9a:49:22:1e:d0:f8:90:fd:
ef:fe:ce:a7:4e:51:4a:2c:54:b9:08:f0:cb:e9:94:40:d3:00:
6c:8b:29:b9:38:9e:e5:37:c0:08:71:30:b3:0b:89:f6:53:97:
eb:dc:a9:25:ef:12:2e:c1:19:19:fe:e1:8d:51:57:54:79:66:
7c:6b:6d:97:90:57:51:a7:94:cd:aa:23:e7:61:20:26:5e:4f:
4b:be:44:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIb5fDmGtKz7tkrD99AJa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGZiMDYxYTk0MjZlNGZiMjg4NWQ4MjI4Njc1NzJhMWI1
OGE0YzAwHhcNMjQwMTAyMDQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWJlNjI2NzYxN2ZiMjkyYzZhM2Q4ZjJiZjk4YTE5ZGI3OTVhMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD2GKQQpEr82pJB6rt3y3zrxQqBs
xkCGEUDGmfa7bZc2bV71QUuz22OeuLTsLSANMhuxRjrTF8/YpCbnE5lsCqc71yIa
xV1D9FRUEpgqoDX8C7NhAtEIbr7EGZeeEyqnWx4gP3wVKFRtGi4kpnUaODawAtC+
BfWCGVsDeNOUJA7DcdQMlHn4Jy0QtXTyZ1AkNDsSXnewlDh6E+Rvgn67kZK2SJ1g
ZBhFHcszX1njcjkqNpNvZgJCKvekhOHZe3n8fnlky1t40oYWMUlKYOJz5txkud/l
+x7qli79l7YIBhP9+WWysbEpESSSwniGV4o+oR5Ugbp3VDYPaiuUyNS4bQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGW+Ymdhf7KSxqPY8r+YoZ23laGmMB8GA1UdIwQY
MBaAFOxPsGGpQm5PsohdgihnVyobWKTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0Utd1lhbENiay15aUYyQ0tHZFhLaHRZcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83YmMzYWItZDliNi00YWU0LWJjZDEt
Y2U1NzE1MDY5NWE5LzEvWmI1aVoyRl9zcExHbzlqeXY1aWhuYmVWb2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83YmMzYWItZDliNi00YWU0LWJjZDEtY2U1NzE1MDY5NWE5
LzEvN0Utd1lhbENiay15aUYyQ0tHZFhLaHRZcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg0kBhHq
MA0GCSqGSIb3DQEBCwUAA4IBAQAPTc5Lnb3L9S5E9wpyKoHPbro3sZi5QF21iJIH
WCTPznYOSLg4XdNVKTwwaBAYgFHyFN8BsAtv0JhfawosWilWYzD4O1h+IPHGDlpZ
Y6o2EQEl8L1DP8oqQbTWkiAqr5rI0Q5cloP6bc2qK3L2vrzdkYhyMCj+snlurpvK
7mb6JbhBvJqH37V/yJOwmKA66DwrGDWz+P8iyF1KBUJRIiJIMcS2YqPvw+w4t+6G
mkkiHtD4kP3v/s6nTlFKLFS5CPDL6ZRA0wBsiym5OJ7lN8AIcTCzC4n2U5fr3Kkl
7xIuwRkZ/uGNUVdUeWZ8a22XkFdRp5TNqiPnYSAmXk9LvkSR
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:52 2025 by rpki-client