Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ZVjdSL77XPSnNGPMaCUw2jQsqg4.roa
File: ZVjdSL77XPSnNGPMaCUw2jQsqg4.roa (raw, json)
Hash identifier: 3wiWNJVroTJ7XzMyAbBTSyX4QmA7roA2UQRnaVjPljI=
Subject key identifier: 65:58:DD:48:BE:FB:5C:F4:A7:34:63:CC:68:25:30:DA:34:2C:AA:0E
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018C641A7AF6F0C23F6042C6008EA11FB369
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ZVjdSL77XPSnNGPMaCUw2jQsqg4.roa
Signing time: Wed 13 Dec 2023 16:55:06 +0000
ROA not before: Wed 13 Dec 2023 16:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150249
IP address blocks: 2a0a:280:2e00::/39 maxlen: 48
2a0a:280:2a00::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:64:1a:7a:f6:f0:c2:3f:60:42:c6:00:8e:a1:1f:b3:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Dec 13 16:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6558dd48befb5cf4a73463cc682530da342caa0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:29:f3:c9:0d:31:1a:40:e4:42:fe:01:7b:cc:
d5:01:c7:30:ed:c0:b2:70:8d:40:66:3d:73:d9:a7:
15:67:ec:21:71:81:64:fa:db:6f:de:d1:77:b7:f2:
8a:39:1e:f7:4a:ee:c4:7c:bc:2d:0a:e9:93:5d:69:
6a:15:9b:1f:5c:24:67:43:c4:8d:3b:36:e8:ae:ce:
11:2b:02:50:d6:c6:c2:07:22:c7:62:e8:6e:09:31:
f2:0f:65:3e:19:69:7b:c0:29:eb:7e:f4:c9:09:3a:
cb:d0:9d:ef:33:20:1d:0d:f9:2f:b6:87:80:89:23:
25:6c:bb:33:b0:a4:8e:d9:2b:7e:fc:d7:9f:bb:26:
63:34:be:63:96:44:7b:39:b1:b4:f9:ec:59:7a:20:
0b:a9:9b:ce:01:e3:39:08:c2:b9:88:2a:bb:fc:57:
19:a5:d6:00:6c:09:18:e7:8d:57:27:8b:f4:39:b5:
60:91:f8:82:63:47:f6:61:98:a1:24:70:36:9a:14:
ef:a2:b9:ff:af:f7:25:ef:ec:a0:c7:45:d2:47:eb:
7e:87:2f:3f:67:11:e9:7b:f8:7c:d1:fc:73:41:f3:
9f:5e:0b:06:0f:9f:5a:19:0d:5e:91:1c:ec:da:6a:
bc:9f:ff:42:e3:5c:72:88:d0:1e:df:25:94:96:9a:
2d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:58:DD:48:BE:FB:5C:F4:A7:34:63:CC:68:25:30:DA:34:2C:AA:0E
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ZVjdSL77XPSnNGPMaCUw2jQsqg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2a00::/40
2a0a:280:2e00::/39
Signature Algorithm: sha256WithRSAEncryption
36:d3:21:d9:38:ca:3a:36:1a:8a:e4:dd:37:80:98:d9:da:56:
4a:3c:55:a6:82:67:5b:14:d5:06:3e:bf:0b:8a:7e:6d:7e:fb:
3a:f9:d9:e7:e6:19:6b:64:04:81:7d:20:6d:8e:fd:d3:6e:01:
79:17:71:e0:8d:1b:61:f3:67:9e:a1:5a:cc:37:38:75:1c:d1:
13:7d:70:55:5f:9c:17:96:60:e8:5b:fe:30:32:d6:e3:df:c3:
37:cb:60:4b:91:15:35:ba:aa:6a:94:cc:d7:d0:a8:5d:14:86:
d2:6b:82:ab:b1:6d:4b:22:f3:0b:89:92:11:0b:d8:ca:1a:a8:
56:87:77:0a:3d:04:54:e7:5c:79:1a:3e:35:1b:c6:48:f4:a0:
dc:94:af:f1:e7:29:2a:8a:33:2f:67:d3:7b:5f:56:41:d4:e7:
eb:1e:7e:29:62:c6:e1:06:ca:8c:4e:de:7c:07:8d:f1:43:ce:
0e:6f:a1:4d:70:7c:34:d4:03:82:f9:c3:5b:3c:47:1a:85:84:
1b:5a:24:a6:0f:43:fa:15:d9:fc:eb:8d:b5:ab:ad:10:63:24:
ba:0c:36:7f:77:0c:67:da:7c:04:49:0d:ca:8d:04:7f:3e:8e:
f3:44:ed:43:82:09:4a:4a:4d:76:b0:a2:cc:e4:dc:0a:97:e2:
8e:c1:84:89
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYxkGnr28MI/YELGAI6hH7NpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMxMjEzMTY1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTU4ZGQ0OGJlZmI1Y2Y0YTczNDYzY2M2ODI1MzBkYTM0MmNhYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkynzyQ0xGkDkQv4Be8zVAccw7cCy
cI1AZj1z2acVZ+whcYFk+ttv3tF3t/KKOR73Su7EfLwtCumTXWlqFZsfXCRnQ8SN
Ozbors4RKwJQ1sbCByLHYuhuCTHyD2U+GWl7wCnrfvTJCTrL0J3vMyAdDfkvtoeA
iSMlbLszsKSO2St+/NefuyZjNL5jlkR7ObG0+exZeiALqZvOAeM5CMK5iCq7/FcZ
pdYAbAkY541XJ4v0ObVgkfiCY0f2YZihJHA2mhTvorn/r/cl7+ygx0XSR+t+hy8/
ZxHpe/h80fxzQfOfXgsGD59aGQ1ekRzs2mq8n/9C41xyiNAe3yWUlpotFwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGVY3Ui++1z0pzRjzGglMNo0LKoOMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvWlZqZFNMNzdYUFNuTkdQTWFDVXcyalFzcWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgoCgCoD
BgEqCgKALjANBgkqhkiG9w0BAQsFAAOCAQEANtMh2TjKOjYaiuTdN4CY2dpWSjxV
poJnWxTVBj6/C4p+bX77OvnZ5+YZa2QEgX0gbY79024BeRdx4I0bYfNnnqFazDc4
dRzRE31wVV+cF5Zg6Fv+MDLW49/DN8tgS5EVNbqqapTM19CoXRSG0muCq7FtSyLz
C4mSEQvYyhqoVod3Cj0EVOdceRo+NRvGSPSg3JSv8ecpKoozL2fTe19WQdTn6x5+
KWLG4QbKjE7efAeN8UPODm+hTXB8NNQDgvnDWzxHGoWEG1okpg9D+hXZ/OuNtaut
EGMkugw2f3cMZ9p8BEkNyo0Efz6O80TtQ4IJSkpNdrCizOTcCpfijsGEiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org