Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/zg1x1K8LqVB_Jj4wJOnwPq0tXoo.roa
File: zg1x1K8LqVB_Jj4wJOnwPq0tXoo.roa (raw, json)
Hash identifier: u6DcSsv5iemtAALepCRUs590YWcKBt0GBGpEktnW37I=
Subject key identifier: CE:0D:71:D4:AF:0B:A9:50:7F:26:3E:30:24:E9:F0:3E:AD:2D:5E:8A
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01856BCA1CA7DA198480B3EC7BC25F9FE02F
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/zg1x1K8LqVB_Jj4wJOnwPq0tXoo.roa
Signing time: Sun 01 Jan 2023 05:24:45 +0000
ROA not before: Sun 01 Jan 2023 05:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203307
IP address blocks: 2a11:f880::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:1c:a7:da:19:84:80:b3:ec:7b:c2:5f:9f:e0:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 05:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce0d71d4af0ba9507f263e3024e9f03ead2d5e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3b:a0:6b:56:d6:07:d5:5e:a6:20:a5:24:3b:
e6:af:db:5b:0f:72:67:07:ff:04:05:f9:98:5e:f3:
6d:54:69:f9:0b:00:ec:77:56:b5:63:93:0c:20:5d:
ee:2f:df:db:b0:80:5d:79:7d:25:a0:57:50:33:6f:
fa:cb:33:95:c2:cb:13:2f:71:32:c7:4a:b0:64:c9:
07:cf:eb:34:39:d7:cb:ef:9a:e9:a9:38:4a:90:39:
0d:5f:93:75:c4:96:b9:10:38:1c:0f:ad:6b:fc:fc:
54:ef:c9:07:da:ca:a3:7c:31:12:41:c2:17:7a:cc:
e3:eb:57:ae:5a:bc:6c:2c:04:43:54:84:86:48:6c:
1f:39:0d:56:78:c5:d4:d5:7b:4c:53:6d:f5:e8:3c:
27:d3:39:32:3f:fb:b8:3e:7a:92:d9:33:73:c0:a3:
2c:ca:81:33:7a:29:98:35:30:1d:98:20:ac:8a:47:
51:e2:f3:9d:86:49:66:ef:23:e2:a3:97:23:00:7c:
6c:27:5f:07:8d:63:7d:f8:83:23:e3:bd:50:35:6c:
75:da:eb:66:c7:46:a6:84:a1:e5:21:5a:88:46:be:
8f:61:41:d7:13:53:18:e6:62:4d:17:18:24:62:dc:
7e:e7:08:4a:de:0b:7b:71:0c:d0:3e:31:68:df:89:
7b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0D:71:D4:AF:0B:A9:50:7F:26:3E:30:24:E9:F0:3E:AD:2D:5E:8A
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/zg1x1K8LqVB_Jj4wJOnwPq0tXoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f880::/29
Signature Algorithm: sha256WithRSAEncryption
78:ec:0d:02:75:17:04:d2:fc:ba:04:ea:3e:38:c7:52:df:a4:
f2:a4:36:75:48:d8:27:bd:ea:56:fd:db:ef:30:11:49:bc:a6:
46:9b:01:ff:8a:2f:55:d5:9c:10:86:97:3c:b5:7b:bd:99:60:
ec:98:af:25:4c:55:bd:e4:ed:b0:df:d7:b1:6b:07:17:6d:94:
80:75:36:48:81:97:be:51:6c:55:18:9d:64:c1:74:45:8e:23:
1d:89:35:38:62:77:3d:48:84:d0:c9:48:21:20:c2:08:5e:fe:
a2:f0:17:c2:0e:20:b3:1f:6f:d2:82:e9:cc:5d:23:85:87:7d:
ab:12:5a:c5:65:ac:8f:e6:0e:f4:35:d6:dc:f5:d6:58:94:41:
be:23:14:9c:af:20:df:8f:07:42:fd:3f:89:2a:b4:a5:60:38:
a5:bb:63:63:8d:2c:26:69:7c:4b:9f:b7:2f:6b:6c:4a:83:76:
be:a0:08:b5:10:f9:3d:fa:0f:cb:65:f8:0d:95:88:f4:8e:1c:
06:93:de:8d:ef:02:96:1c:e9:80:ed:14:4b:8f:21:41:a0:5e:
b7:81:27:ed:a8:95:33:b5:25:80:2b:a7:dc:01:34:a7:22:9c:
6f:17:03:e9:7b:ab:82:ab:1e:56:57:c4:32:ef:ae:7c:9b:8f:
9c:34:63:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVryhyn2hmEgLPse8Jfn+AvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTAxMDUyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTBkNzFkNGFmMGJhOTUwN2YyNjNlMzAyNGU5ZjAzZWFkMmQ1ZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzuga1bWB9VepiClJDvmr9tbD3Jn
B/8EBfmYXvNtVGn5CwDsd1a1Y5MMIF3uL9/bsIBdeX0loFdQM2/6yzOVwssTL3Ey
x0qwZMkHz+s0OdfL75rpqThKkDkNX5N1xJa5EDgcD61r/PxU78kH2sqjfDESQcIX
eszj61euWrxsLARDVISGSGwfOQ1WeMXU1XtMU2316Dwn0zkyP/u4PnqS2TNzwKMs
yoEzeimYNTAdmCCsikdR4vOdhklm7yPio5cjAHxsJ18HjWN9+IMj471QNWx12utm
x0amhKHlIVqIRr6PYUHXE1MY5mJNFxgkYtx+5whK3gt7cQzQPjFo34l7ewIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM4NcdSvC6lQfyY+MCTp8D6tLV6KMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvemcxeDFLOExxVkJfSmo0d0pPbndQcTB0WG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhH4gDAN
BgkqhkiG9w0BAQsFAAOCAQEAeOwNAnUXBNL8ugTqPjjHUt+k8qQ2dUjYJ73qVv3b
7zARSbymRpsB/4ovVdWcEIaXPLV7vZlg7JivJUxVveTtsN/XsWsHF22UgHU2SIGX
vlFsVRidZMF0RY4jHYk1OGJ3PUiE0MlIISDCCF7+ovAXwg4gsx9v0oLpzF0jhYd9
qxJaxWWsj+YO9DXW3PXWWJRBviMUnK8g348HQv0/iSq0pWA4pbtjY40sJml8S5+3
L2tsSoN2vqAItRD5PfoPy2X4DZWI9I4cBpPeje8ClhzpgO0US48hQaBet4En7aiV
M7UlgCun3AE0pyKcbxcD6XurgqseVlfEMu+ufJuPnDRjfQ==
-----END CERTIFICATE-----
Generated at Thu Sep 7 09:58:53 2023 by rpki-client on console-fra.rpki-client.org