Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/ANG_Np6pIqKFQuDZlpt-S57BCgc.roa
File: ANG_Np6pIqKFQuDZlpt-S57BCgc.roa (raw, json)
Hash identifier: Ikw+F04OjBmwn1njvaqh6Vh9nSUsJSVbkz//BubaEew=
Subject key identifier: 00:D1:BF:36:9E:A9:22:A2:85:42:E0:D9:96:9B:7E:4B:9E:C1:0A:07
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018FE4B217256E47276C4DEEF2FA856F250D
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/ANG_Np6pIqKFQuDZlpt-S57BCgc.roa
Signing time: Tue 04 Jun 2024 19:20:27 +0000
ROA not before: Tue 04 Jun 2024 19:20:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:66c3::/32 maxlen: 32
2a12:cc02::/32 maxlen: 32
2a12:cc04::/32 maxlen: 32
2a12:cc06::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Jun 2024 11:47:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e4:b2:17:25:6e:47:27:6c:4d:ee:f2:fa:85:6f:25:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Jun 4 19:20:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00d1bf369ea922a28542e0d9969b7e4b9ec10a07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:58:4f:85:b0:d1:33:6a:46:50:ef:1c:c1:98:
19:e5:26:21:58:d3:7f:94:d9:20:70:70:a7:3b:50:
5d:a8:9e:24:24:23:c6:4d:b7:95:70:dc:31:8c:dc:
94:9a:06:ad:4c:71:fc:4c:63:59:36:5d:fb:0e:3c:
d6:11:48:6d:9b:91:fe:d9:a0:3d:e4:3b:b9:2a:41:
66:1e:80:10:02:1f:09:15:ac:7c:e0:01:06:a4:7a:
43:db:bf:42:52:bd:75:2e:5c:5d:cb:ce:96:65:40:
ca:62:5e:25:b0:cd:78:e1:8b:8d:50:82:e7:4b:70:
d1:52:b6:c3:95:fd:96:b3:62:b7:21:33:b0:ca:30:
eb:b3:07:2b:77:f0:06:ed:89:70:3a:20:f0:3e:a4:
1a:88:05:10:b8:22:79:db:44:d6:37:72:42:ec:70:
6b:be:56:57:8b:08:5b:51:2f:0c:25:57:00:f5:79:
bd:aa:78:78:ca:e1:5e:4f:0c:d1:65:67:ee:80:ed:
59:6c:ef:6e:f5:0d:cf:42:9c:35:b2:1b:5f:fb:ef:
39:b0:d4:66:0f:4f:c0:d1:1f:ff:1b:69:3a:fb:48:
cc:67:82:da:90:50:91:fa:d2:b0:93:00:50:07:80:
c3:d8:92:e3:ca:ad:12:48:e1:a6:1f:d2:48:74:49:
7a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D1:BF:36:9E:A9:22:A2:85:42:E0:D9:96:9B:7E:4B:9E:C1:0A:07
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/ANG_Np6pIqKFQuDZlpt-S57BCgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:66c3::/32
2a12:cc02::/32
2a12:cc04::/32
2a12:cc06::/32
Signature Algorithm: sha256WithRSAEncryption
5c:eb:d2:2a:ab:c6:2b:ed:46:0f:56:7d:11:ce:43:e2:da:74:
0f:f8:32:76:29:b1:2d:af:85:3a:07:c8:48:d9:95:8c:4b:fb:
c3:43:90:eb:98:74:81:d1:23:cf:15:fe:b7:77:77:70:84:3b:
7d:46:ae:6d:ff:95:61:60:78:28:6d:06:5e:fd:f5:5c:f8:96:
8d:e0:f9:ff:3f:c7:e1:cb:e9:1e:b2:29:83:0d:0f:88:09:8e:
94:d4:1e:cd:c9:cd:8f:f9:c3:9c:54:ec:cb:75:fa:e3:04:47:
c6:5b:17:30:e4:04:cb:20:32:d2:af:55:23:02:71:9f:45:26:
51:6c:55:f9:ed:81:18:ef:b3:64:81:9b:ed:13:e8:a1:e7:05:
51:63:0e:6a:27:de:d4:1c:b5:28:10:2f:19:6c:1b:6f:12:75:
74:13:98:a7:b4:2d:cc:ae:6b:cc:6a:14:f9:69:8f:b8:47:88:
e5:bb:18:58:04:3d:32:f6:8c:da:73:be:ab:2f:26:7d:81:16:
b7:bf:5c:84:5b:30:2a:9b:f4:78:0b:47:03:80:d0:f8:1b:5b:
40:94:f1:86:c9:06:b9:36:aa:38:01:8d:5a:77:cd:43:54:6b:
97:43:48:3d:ec:75:21:7a:ea:14:2f:c9:11:1f:7b:31:e2:31:
93:b6:b0:5b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY/kshclbkcnbE3u8vqFbyUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwNjA0MTkyMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGQxYmYzNjllYTkyMmEyODU0MmUwZDk5NjliN2U0YjllYzEwYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1hPhbDRM2pGUO8cwZgZ5SYhWNN/
lNkgcHCnO1BdqJ4kJCPGTbeVcNwxjNyUmgatTHH8TGNZNl37DjzWEUhtm5H+2aA9
5Du5KkFmHoAQAh8JFax84AEGpHpD279CUr11Llxdy86WZUDKYl4lsM144YuNUILn
S3DRUrbDlf2Ws2K3ITOwyjDrswcrd/AG7YlwOiDwPqQaiAUQuCJ520TWN3JC7HBr
vlZXiwhbUS8MJVcA9Xm9qnh4yuFeTwzRZWfugO1ZbO9u9Q3PQpw1shtf++85sNRm
D0/A0R//G2k6+0jMZ4LakFCR+tKwkwBQB4DD2JLjyq0SSOGmH9JIdEl6pQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFADRvzaeqSKihULg2ZabfkuewQoHMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvQU5HX05wNnBJcUtGUXVEWmxwdC1TNTdCQ2djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhFmwwMF
ACoSzAIDBQAqEswEAwUAKhLMBjANBgkqhkiG9w0BAQsFAAOCAQEAXOvSKqvGK+1G
D1Z9Ec5D4tp0D/gydimxLa+FOgfISNmVjEv7w0OQ65h0gdEjzxX+t3d3cIQ7fUau
bf+VYWB4KG0GXv31XPiWjeD5/z/H4cvpHrIpgw0PiAmOlNQezcnNj/nDnFTsy3X6
4wRHxlsXMOQEyyAy0q9VIwJxn0UmUWxV+e2BGO+zZIGb7RPooecFUWMOaife1By1
KBAvGWwbbxJ1dBOYp7QtzK5rzGoU+WmPuEeI5bsYWAQ9MvaM2nO+qy8mfYEWt79c
hFswKpv0eAtHA4DQ+BtbQJTxhskGuTaqOAGNWnfNQ1Rrl0NIPex1IXrqFC/JER97
MeIxk7awWw==
-----END CERTIFICATE-----
Generated at Mon Jun 24 16:22:17 2024 by rpki-client on console-ams.rpki-client.org