Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/zOhOzf9dLhMkm9SnnMfUSDqsnA0.roa
File: zOhOzf9dLhMkm9SnnMfUSDqsnA0.roa (raw, json)
Hash identifier: WNnVYjmvTgJXQncX6NP/y5h/l8m0olVtPA7uTdV1Cx4=
Subject key identifier: CC:E8:4E:CD:FF:5D:2E:13:24:9B:D4:A7:9C:C7:D4:48:3A:AC:9C:0D
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E6A079D9F8C9C6076C458839F30BF
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/zOhOzf9dLhMkm9SnnMfUSDqsnA0.roa
Signing time: Mon 02 Jan 2023 06:14:56 +0000
ROA not before: Mon 02 Jan 2023 06:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209297
IP address blocks: 2a0c:b641:690::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:6a:07:9d:9f:8c:9c:60:76:c4:58:83:9f:30:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cce84ecdff5d2e13249bd4a79cc7d4483aac9c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:32:79:35:4b:1a:55:91:ea:09:48:bf:35:7e:
d3:7b:98:c7:84:68:ec:28:0b:43:0e:ca:5f:f3:f2:
32:1b:45:d9:f8:9a:01:b5:6c:03:fc:e4:c6:f5:a2:
09:4b:fd:ad:b8:bc:a0:b5:f9:a4:f9:15:53:23:b0:
94:0b:58:d5:72:50:73:69:ae:59:be:52:bd:8c:e7:
22:61:34:5d:13:7a:e4:94:7f:77:5d:d9:9a:21:a2:
8d:88:c7:ef:5c:73:f6:cf:a6:6d:82:10:0b:f3:f5:
13:72:b4:a2:4b:2c:2c:9e:73:e8:74:23:97:b1:d4:
e1:d2:d9:99:da:09:73:b8:d8:25:d6:ac:2a:1e:d2:
f1:fe:12:53:2f:e6:d9:da:7b:58:55:17:6c:a1:71:
03:bb:5e:51:2b:88:d0:1d:ba:8e:dc:83:72:6c:2d:
84:bb:1a:0f:4b:22:94:42:a8:27:6b:d3:45:b1:dc:
de:ef:f5:05:0c:89:ce:26:a1:7a:ac:19:7b:88:70:
6f:bf:22:f7:7b:74:0d:1d:47:48:c6:38:bf:90:0d:
8e:7c:f5:9a:de:c2:89:ce:a8:94:24:3e:49:e0:27:
d4:93:20:90:b8:72:71:53:62:71:26:c0:23:0f:ef:
6d:3e:32:5e:67:53:42:18:28:e1:07:a9:2c:75:43:
39:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E8:4E:CD:FF:5D:2E:13:24:9B:D4:A7:9C:C7:D4:48:3A:AC:9C:0D
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/zOhOzf9dLhMkm9SnnMfUSDqsnA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:690::/44
Signature Algorithm: sha256WithRSAEncryption
24:86:f8:41:08:e7:16:ba:46:4b:61:b3:56:1c:de:cd:d4:3c:
37:9c:66:25:0b:cb:dc:b4:18:f6:99:7b:f1:c8:7e:64:4d:ec:
d2:c3:c2:39:30:f7:b0:e7:45:84:19:a8:87:64:60:f4:53:13:
2f:13:7b:7c:21:69:75:b3:9f:12:16:f5:2f:2c:b1:a8:c6:a3:
f1:60:04:85:be:3d:f8:ae:42:50:d2:3f:68:b1:19:27:fa:93:
07:48:a1:4f:fa:e7:e7:9f:0b:1e:ed:5f:dc:15:c3:6f:28:0a:
d2:6a:db:00:40:c8:ac:1b:c1:0c:61:0c:b5:77:90:a0:b3:ce:
a7:09:e3:bd:1a:8b:f7:95:e5:d0:a8:fe:c2:02:95:d1:30:2e:
33:67:fd:eb:e4:69:95:94:9f:31:cd:78:94:1c:01:c8:38:aa:
53:97:94:f3:00:a8:80:86:01:e6:64:db:c3:8e:4f:af:61:28:
c4:1e:10:56:7b:ac:a0:53:0c:13:05:5e:40:9c:5b:f0:7f:23:
06:42:a1:91:3e:9b:85:3a:c7:c2:dd:04:4c:d7:6c:40:41:66:
d1:c5:f0:af:37:74:33:ec:54:9b:31:10:9c:e1:71:b1:e7:94:
0a:b9:c0:69:56:46:01:6a:24:a1:b7:3a:c4:a5:14:d6:be:84:
e2:c7:b9:ac
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHmoHnZ+MnGB2xFiDnzC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2U4NGVjZGZmNWQyZTEzMjQ5YmQ0YTc5Y2M3ZDQ0ODNhYWM5YzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjJ5NUsaVZHqCUi/NX7Te5jHhGjs
KAtDDspf8/IyG0XZ+JoBtWwD/OTG9aIJS/2tuLygtfmk+RVTI7CUC1jVclBzaa5Z
vlK9jOciYTRdE3rklH93XdmaIaKNiMfvXHP2z6ZtghAL8/UTcrSiSywsnnPodCOX
sdTh0tmZ2glzuNgl1qwqHtLx/hJTL+bZ2ntYVRdsoXEDu15RK4jQHbqO3INybC2E
uxoPSyKUQqgna9NFsdze7/UFDInOJqF6rBl7iHBvvyL3e3QNHUdIxji/kA2OfPWa
3sKJzqiUJD5J4CfUkyCQuHJxU2JxJsAjD+9tPjJeZ1NCGCjhB6ksdUM5ewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMzoTs3/XS4TJJvUp5zH1Eg6rJwNMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvek9oT3pmOWRMaE1rbTlTbm5NZlVTRHFzbkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAkhvhBCOcWukZLYbNWHN7N1Dw3nGYlC8vctBj2
mXvxyH5kTezSw8I5MPew50WEGaiHZGD0UxMvE3t8IWl1s58SFvUvLLGoxqPxYASF
vj34rkJQ0j9osRkn+pMHSKFP+ufnnwse7V/cFcNvKArSatsAQMisG8EMYQy1d5Cg
s86nCeO9Gov3leXQqP7CApXRMC4zZ/3r5GmVlJ8xzXiUHAHIOKpTl5TzAKiAhgHm
ZNvDjk+vYSjEHhBWe6ygUwwTBV5AnFvwfyMGQqGRPpuFOsfC3QRM12xAQWbRxfCv
N3Qz7FSbMRCc4XGx55QKucBpVkYBaiShtzrEpRTWvoTix7ms
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:07 2024 by rpki-client on console-fra.rpki-client.org