Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/zCZ5MQrJeosoxIwEE4RHWydAA_o.roa
File: zCZ5MQrJeosoxIwEE4RHWydAA_o.roa (raw, json)
Hash identifier: nUwjc7lIBCtTEgIuuBYke+J7kNKZZLmvU7yTggmQxSI=
Subject key identifier: CC:26:79:31:0A:C9:7A:8B:28:C4:8C:04:13:84:47:5B:27:40:03:FA
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0189C6382FCA8835902DFE73D7D714C1B304
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/zCZ5MQrJeosoxIwEE4RHWydAA_o.roa
Signing time: Sat 05 Aug 2023 15:01:58 +0000
ROA not before: Sat 05 Aug 2023 15:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150249
IP address blocks: 2a0a:280:2a00::/40 maxlen: 48
2a0a:280:1000::/40 maxlen: 48
2a0a:280:2e00::/39 maxlen: 48
Validation: Failed, certificate revoked on Sun 03 Sep 2023 05:16:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c6:38:2f:ca:88:35:90:2d:fe:73:d7:d7:14:c1:b3:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Aug 5 15:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc2679310ac97a8b28c48c041384475b274003fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f8:20:66:62:37:9f:2b:e0:27:c7:f4:97:b8:
a3:17:81:ac:6a:5b:dd:14:a9:38:00:54:4f:9c:2e:
18:ed:44:03:1d:ca:ba:09:c0:33:8b:fa:63:2c:3f:
71:2e:a1:62:e3:80:5b:28:44:e4:c4:a2:f5:8a:d5:
e1:43:ad:a5:f7:f4:26:dc:35:57:40:9d:1f:d9:23:
01:f4:98:de:f0:a1:db:71:de:b3:3d:bb:97:b6:30:
66:5e:88:5f:ba:ee:b9:87:41:c1:d0:05:67:28:8b:
a8:37:77:d7:40:73:5f:9e:d3:98:12:00:a0:12:bd:
dc:79:3e:a4:5d:c4:e2:e7:40:87:a9:ea:41:3a:a4:
73:16:b6:c6:fb:ba:30:bd:e9:89:34:45:6b:94:fb:
66:5a:d9:c3:d3:3d:d6:e4:64:69:ab:39:56:68:4d:
d3:d8:20:b3:2d:93:cf:fb:14:21:88:43:69:e0:aa:
e0:98:50:b1:66:ec:69:28:8c:a7:13:67:a4:46:c2:
f2:7d:3b:a1:91:6b:44:97:2e:86:f2:0e:c2:44:95:
71:61:84:3f:a2:34:56:47:c2:07:d5:ae:8e:30:8b:
c2:f6:41:ba:b6:13:77:61:4d:16:44:95:2a:32:29:
9c:47:95:1d:df:2d:7f:05:eb:9a:95:6f:cf:8d:b1:
77:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:26:79:31:0A:C9:7A:8B:28:C4:8C:04:13:84:47:5B:27:40:03:FA
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/zCZ5MQrJeosoxIwEE4RHWydAA_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1000::/40
2a0a:280:2a00::/40
2a0a:280:2e00::/39
Signature Algorithm: sha256WithRSAEncryption
05:2b:8f:7d:82:20:62:47:32:3c:2a:91:90:68:53:ba:24:d5:
31:de:7f:a7:b0:05:ee:f1:69:1a:ee:bc:3c:4e:36:8e:66:5e:
29:de:86:0b:21:85:c6:00:21:59:07:95:de:71:5c:21:3c:27:
71:83:c5:42:f4:f3:ed:60:61:ed:93:b8:c8:e1:21:c8:db:7f:
94:33:07:a8:2d:67:48:50:7a:f2:10:71:c0:51:ea:9f:43:04:
84:50:e3:09:65:af:e8:53:1b:71:9b:e2:91:82:23:7b:8d:6b:
29:c2:96:22:ef:92:47:77:ec:cb:c5:85:9a:42:74:73:2b:e0:
b2:45:b1:77:30:b4:be:2b:c7:e1:9f:0e:4e:7f:bb:0f:e8:2c:
29:26:be:69:ab:2d:6f:da:14:06:c0:ab:9f:ff:f4:3a:93:b0:
e3:43:a9:a8:40:77:76:32:03:d8:d6:ac:58:99:10:91:d1:34:
65:c8:e1:8d:83:67:9c:c9:15:1f:04:4e:b0:2b:68:39:6a:60:
d7:4d:a8:3b:87:47:d9:56:5c:0a:8f:9f:41:8f:55:26:a2:90:
f1:e0:cc:bd:29:2b:54:58:4f:7c:e3:a9:4f:4d:d7:e7:ac:d3:
00:84:d1:95:5e:2f:71:de:0b:38:9d:03:5b:0c:7c:8b:9b:38:
a2:cf:81:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYnGOC/KiDWQLf5z19cUwbMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwODA1MTUwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzI2NzkzMTBhYzk3YThiMjhjNDhjMDQxMzg0NDc1YjI3NDAwM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPggZmI3nyvgJ8f0l7ijF4Gsalvd
FKk4AFRPnC4Y7UQDHcq6CcAzi/pjLD9xLqFi44BbKETkxKL1itXhQ62l9/Qm3DVX
QJ0f2SMB9Jje8KHbcd6zPbuXtjBmXohfuu65h0HB0AVnKIuoN3fXQHNfntOYEgCg
Er3ceT6kXcTi50CHqepBOqRzFrbG+7owvemJNEVrlPtmWtnD0z3W5GRpqzlWaE3T
2CCzLZPP+xQhiENp4KrgmFCxZuxpKIynE2ekRsLyfTuhkWtEly6G8g7CRJVxYYQ/
ojRWR8IH1a6OMIvC9kG6thN3YU0WRJUqMimcR5Ud3y1/BeualW/PjbF3GwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMwmeTEKyXqLKMSMBBOER1snQAP6MB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvekNaNU1Rckplb3NveEl3RUU0UkhXeWRBQV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYAKgoCgBAD
BgAqCgKAKgMGASoKAoAuMA0GCSqGSIb3DQEBCwUAA4IBAQAFK499giBiRzI8KpGQ
aFO6JNUx3n+nsAXu8Wka7rw8TjaOZl4p3oYLIYXGACFZB5XecVwhPCdxg8VC9PPt
YGHtk7jI4SHI23+UMweoLWdIUHryEHHAUeqfQwSEUOMJZa/oUxtxm+KRgiN7jWsp
wpYi75JHd+zLxYWaQnRzK+CyRbF3MLS+K8fhnw5Of7sP6CwpJr5pqy1v2hQGwKuf
//Q6k7DjQ6moQHd2MgPY1qxYmRCR0TRlyOGNg2ecyRUfBE6wK2g5amDXTag7h0fZ
VlwKj59Bj1UmopDx4My9KStUWE9846lPTdfnrNMAhNGVXi9x3gs4nQNbDHyLmzii
z4EE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org