Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/PZKHAQk2awYrh_VZhs-20WnbqDA.roa
File: PZKHAQk2awYrh_VZhs-20WnbqDA.roa (raw, json)
Hash identifier: uNr2RkRG0xJ6uT6gQPaZ1+b8XPAUH8dHfIPCzQU26Tg=
Subject key identifier: 3D:92:87:01:09:36:6B:06:2B:87:F5:59:86:CF:B6:D1:69:DB:A8:30
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01862B7195F26EE905AB579B2CFDBA7CB407
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/PZKHAQk2awYrh_VZhs-20WnbqDA.roa
Signing time: Tue 07 Feb 2023 10:35:09 +0000
ROA not before: Tue 07 Feb 2023 10:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 2a0e:d784::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:71:95:f2:6e:e9:05:ab:57:9b:2c:fd:ba:7c:b4:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Feb 7 10:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d92870109366b062b87f55986cfb6d169dba830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6b:1d:43:6e:ca:e1:93:ca:66:8b:16:7c:46:
32:55:09:c2:21:36:a2:df:26:c6:3a:5f:47:2f:a4:
1b:28:57:f8:e1:d5:32:c5:19:bf:20:59:81:77:54:
4e:9a:ee:5e:80:8b:48:8e:c1:3c:47:18:ad:dd:91:
bc:3c:60:a3:72:3c:2d:23:d8:35:66:9b:d4:f9:e5:
06:37:2f:86:4d:1a:ea:58:93:9e:1f:2b:94:43:13:
dc:56:0a:86:89:a3:aa:82:f1:83:90:b1:e4:73:24:
92:ed:9c:e2:21:dc:a6:a2:84:d7:f0:4f:da:26:29:
c6:6b:7b:64:bf:b9:ce:32:8b:c6:72:b7:45:e6:56:
b3:e8:57:dc:0d:11:76:44:68:34:a0:a7:03:d8:de:
bd:09:62:2a:57:06:3b:85:7e:ad:d0:10:e5:ec:e5:
a5:2c:7a:06:31:34:b9:ae:21:40:6b:92:08:10:63:
e8:83:7f:c5:59:9d:d3:5b:e3:38:78:7d:c8:3a:9d:
23:0f:5a:d4:54:f9:3d:b1:02:ad:32:78:ca:fc:0f:
0d:36:4f:02:0f:88:6b:b4:73:26:1d:2e:b7:41:d9:
ce:b9:03:c0:e7:40:01:7a:88:d0:0d:41:15:3f:80:
f4:41:1b:fd:74:39:76:02:b1:e0:da:fd:5d:00:b2:
80:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:92:87:01:09:36:6B:06:2B:87:F5:59:86:CF:B6:D1:69:DB:A8:30
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/PZKHAQk2awYrh_VZhs-20WnbqDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d784::/32
Signature Algorithm: sha256WithRSAEncryption
51:99:2f:3f:3f:c5:2d:f4:3d:c5:24:cd:73:4b:ca:23:8c:01:
c0:96:3a:60:55:b5:98:db:48:14:06:50:63:9f:ff:a6:74:93:
7d:44:c4:cd:24:ad:ed:75:b6:f5:3d:bb:ca:f9:36:8c:aa:26:
6e:a1:d4:6d:1c:3c:86:11:64:70:71:7b:0e:6a:b6:32:21:a4:
27:9d:db:65:8a:f4:95:ce:20:ca:ad:2e:45:2b:b5:a3:b7:45:
87:8f:95:82:a9:7c:85:6c:45:3d:63:05:a8:2f:44:0e:95:0e:
0f:b5:d0:db:bb:3e:c3:ae:f5:a8:15:7f:9c:2d:2c:fd:5e:3d:
20:e5:33:73:59:cc:57:80:bf:b1:b5:74:a7:77:9a:d8:ff:32:
b5:48:c1:e2:5d:94:06:3f:2e:5f:14:91:5d:31:a4:ec:78:c5:
cc:9f:38:eb:73:9e:dd:2c:fc:65:8a:9c:d4:2f:bb:2d:18:41:
a9:4a:77:f9:3e:89:bd:c7:44:3f:6a:bd:37:27:10:c7:1f:e3:
98:71:39:5c:d8:92:9c:42:78:d4:a7:9c:df:06:cd:a6:e9:3e:
c3:37:56:4f:52:2f:90:29:24:4a:cf:1c:43:31:ba:aa:15:0d:
34:b6:1b:e0:d2:47:26:16:07:8b:2d:b4:c9:47:26:dc:e5:bb:
ad:08:19:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYrcZXybukFq1ebLP26fLQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMjA3MTAzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDkyODcwMTA5MzY2YjA2MmI4N2Y1NTk4NmNmYjZkMTY5ZGJhODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2sdQ27K4ZPKZosWfEYyVQnCITai
3ybGOl9HL6QbKFf44dUyxRm/IFmBd1ROmu5egItIjsE8Rxit3ZG8PGCjcjwtI9g1
ZpvU+eUGNy+GTRrqWJOeHyuUQxPcVgqGiaOqgvGDkLHkcySS7ZziIdymooTX8E/a
JinGa3tkv7nOMovGcrdF5laz6FfcDRF2RGg0oKcD2N69CWIqVwY7hX6t0BDl7OWl
LHoGMTS5riFAa5IIEGPog3/FWZ3TW+M4eH3IOp0jD1rUVPk9sQKtMnjK/A8NNk8C
D4hrtHMmHS63QdnOuQPA50ABeojQDUEVP4D0QRv9dDl2ArHg2v1dALKA1QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD2ShwEJNmsGK4f1WYbPttFp26gwMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvUFpLSEFRazJhd1lyaF9WWmhzLTIwV25icURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7XhDAN
BgkqhkiG9w0BAQsFAAOCAQEAUZkvPz/FLfQ9xSTNc0vKI4wBwJY6YFW1mNtIFAZQ
Y5//pnSTfUTEzSSt7XW29T27yvk2jKombqHUbRw8hhFkcHF7Dmq2MiGkJ53bZYr0
lc4gyq0uRSu1o7dFh4+Vgql8hWxFPWMFqC9EDpUOD7XQ27s+w671qBV/nC0s/V49
IOUzc1nMV4C/sbV0p3ea2P8ytUjB4l2UBj8uXxSRXTGk7HjFzJ8463Oe3Sz8ZYqc
1C+7LRhBqUp3+T6JvcdEP2q9NycQxx/jmHE5XNiSnEJ41Kec3wbNpuk+wzdWT1Iv
kCkkSs8cQzG6qhUNNLYb4NJHJhYHiy20yUcm3OW7rQgZig==
-----END CERTIFICATE-----
Generated at Thu Nov 30 09:58:18 2023 by rpki-client on console-fra.rpki-client.org