Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ZvjRbM0VAk_kMaMSQ1f8fjYuXWY.roa
File: ZvjRbM0VAk_kMaMSQ1f8fjYuXWY.roa (raw, json)
Hash identifier: pvIXFcZn02IMBNCSsgbMra8JB12ZqwFBtFjoYJ3C2zo=
Subject key identifier: 66:F8:D1:6C:CD:15:02:4F:E4:31:A3:12:43:57:FC:7E:36:2E:5D:66
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018EF0E4BC27CAF3AD041C5488BC727B7BAB
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ZvjRbM0VAk_kMaMSQ1f8fjYuXWY.roa
Signing time: Thu 18 Apr 2024 11:08:25 +0000
ROA not before: Thu 18 Apr 2024 11:08:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206150
IP address blocks: 2a0e:d781::/32 maxlen: 32
2a0e:d782::/32 maxlen: 32
2a0e:d783::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 23 Oct 2024 09:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:e4:bc:27:ca:f3:ad:04:1c:54:88:bc:72:7b:7b:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Apr 18 11:08:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66f8d16ccd15024fe431a3124357fc7e362e5d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:24:83:59:68:a0:fe:25:70:f2:3d:f6:0d:b1:
80:b1:c6:ee:0e:9b:7e:86:d6:9b:8a:fb:98:27:b3:
c5:1c:e8:33:f1:97:70:4c:0d:bd:00:c3:28:2c:c8:
b6:cc:00:13:66:34:52:07:fd:05:6d:c0:04:46:af:
6a:85:3f:f2:a8:bc:72:8c:8d:4b:26:99:24:80:ed:
f8:49:82:d3:d8:11:d8:30:db:d1:76:54:bd:b8:7d:
1b:ee:60:e0:a0:0b:93:31:31:e8:58:02:46:39:6b:
74:0e:c6:e1:47:a6:d1:1a:0b:7c:37:32:d0:6b:98:
72:f2:88:ca:50:55:0e:0e:e5:57:02:06:26:2c:69:
3d:00:43:1f:77:17:aa:72:84:26:b3:3e:f7:16:7d:
fa:98:1a:5b:c2:50:6d:01:17:88:29:2a:34:40:82:
60:c8:df:65:0a:b0:f3:a7:e2:19:b3:a4:23:7a:39:
22:7e:02:a9:f4:e4:56:c1:6c:ec:80:b2:eb:66:85:
cc:3f:73:80:f8:d1:b3:d6:52:47:2b:39:36:c8:0b:
63:e4:32:09:de:49:67:5d:08:6b:cd:33:6f:e4:a0:
c4:dd:d6:19:14:7e:4f:45:3f:8c:e2:d9:c0:fe:13:
cd:b3:de:5d:55:2a:5d:59:fe:fd:df:05:b0:d3:0e:
94:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F8:D1:6C:CD:15:02:4F:E4:31:A3:12:43:57:FC:7E:36:2E:5D:66
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ZvjRbM0VAk_kMaMSQ1f8fjYuXWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d781::-2a0e:d783:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6c:37:d7:99:52:ec:6a:4d:4a:10:55:58:d4:3f:57:7a:ce:89:
02:39:ab:33:2b:f6:11:67:dd:7f:59:f5:b0:f5:2f:03:4f:4b:
03:d1:87:77:c4:2f:3e:f9:4d:15:f4:3c:14:20:74:1f:ae:45:
74:48:8b:65:72:a3:fb:5d:48:1b:b1:0f:48:dd:33:27:00:f7:
cf:0f:d6:9f:e6:10:5f:a8:aa:5f:25:f1:89:f7:97:ef:f9:e0:
69:01:71:81:89:c0:ec:ee:8c:0f:01:54:b3:6d:27:06:90:6e:
63:73:c4:f7:b9:5b:5c:e3:69:e9:31:7a:84:05:0d:df:3a:7b:
f1:7c:55:8f:36:b7:3a:c1:a1:e5:8c:74:f2:35:eb:3b:96:4c:
e8:94:1a:fc:67:3f:aa:8e:4e:49:1b:df:c5:a4:8c:b6:71:1c:
e1:1e:4d:1d:4d:1d:8e:de:14:52:92:d5:17:61:4a:6c:09:41:
b0:9d:ed:00:9b:59:22:70:30:e6:81:a1:6a:dc:20:e9:39:6e:
3b:71:b5:7b:c2:4b:4e:94:14:00:9a:f7:d1:5b:cd:30:03:f3:
46:2c:dc:d0:34:cf:aa:05:84:b2:a3:0f:2f:c3:5b:4c:e5:dc:
a3:f9:5a:55:b5:d2:b6:0a:a6:f7:38:90:69:2a:55:91:b5:2c:
be:98:77:ff
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY7w5LwnyvOtBBxUiLxye3urMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwNDE4MTEwODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmY4ZDE2Y2NkMTUwMjRmZTQzMWEzMTI0MzU3ZmM3ZTM2MmU1ZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCSDWWig/iVw8j32DbGAscbuDpt+
htabivuYJ7PFHOgz8ZdwTA29AMMoLMi2zAATZjRSB/0FbcAERq9qhT/yqLxyjI1L
JpkkgO34SYLT2BHYMNvRdlS9uH0b7mDgoAuTMTHoWAJGOWt0DsbhR6bRGgt8NzLQ
a5hy8ojKUFUODuVXAgYmLGk9AEMfdxeqcoQmsz73Fn36mBpbwlBtAReIKSo0QIJg
yN9lCrDzp+IZs6QjejkifgKp9ORWwWzsgLLrZoXMP3OA+NGz1lJHKzk2yAtj5DIJ
3klnXQhrzTNv5KDE3dYZFH5PRT+M4tnA/hPNs95dVSpdWf793wWw0w6UiwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGb40WzNFQJP5DGjEkNX/H42Ll1mMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvWnZqUmJNMFZBa19rTWFNU1ExZjhmall1WFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDteB
AwUCKg7XgDANBgkqhkiG9w0BAQsFAAOCAQEAbDfXmVLsak1KEFVY1D9Xes6JAjmr
Myv2EWfdf1n1sPUvA09LA9GHd8QvPvlNFfQ8FCB0H65FdEiLZXKj+11IG7EPSN0z
JwD3zw/Wn+YQX6iqXyXxifeX7/ngaQFxgYnA7O6MDwFUs20nBpBuY3PE97lbXONp
6TF6hAUN3zp78XxVjza3OsGh5Yx08jXrO5ZM6JQa/Gc/qo5OSRvfxaSMtnEc4R5N
HU0djt4UUpLVF2FKbAlBsJ3tAJtZInAw5oGhatwg6TluO3G1e8JLTpQUAJr30VvN
MAPzRizc0DTPqgWEsqMPL8NbTOXco/laVbXStgqm9ziQaSpVkbUsvph3/w==
-----END CERTIFICATE-----
Generated at Wed Oct 23 11:59:33 2024 by rpki-client on console-fra.rpki-client.org