Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/xk1yYzqtMymdZTiesv3sOFkM91w.roa
File: xk1yYzqtMymdZTiesv3sOFkM91w.roa (raw, json)
Hash identifier: Vyh20ewZF3XfLC+ZtKBcz59tHTsYANzai6aw6vIEAlU=
Subject key identifier: C6:4D:72:63:3A:AD:33:29:9D:65:38:9E:B2:FD:EC:38:59:0C:F7:5C
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018FC004AC6BD6514A7717F5430BC22ED05F
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/xk1yYzqtMymdZTiesv3sOFkM91w.roa
Signing time: Tue 28 May 2024 16:24:42 +0000
ROA not before: Tue 28 May 2024 16:24:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a12:cc02::/32 maxlen: 32
2a12:cc04::/32 maxlen: 32
2a12:cc06::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 04 Jun 2024 19:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c0:04:ac:6b:d6:51:4a:77:17:f5:43:0b:c2:2e:d0:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: May 28 16:24:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c64d72633aad33299d65389eb2fdec38590cf75c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:51:ed:8d:39:39:e1:be:03:f9:06:76:1d:72:
e9:78:08:59:bf:f6:49:a8:06:c8:0e:51:e0:9f:f9:
d7:cb:45:ab:52:65:eb:1f:f5:7b:36:bc:79:1e:da:
5c:e3:61:86:56:2b:d4:a9:16:fb:e7:bd:43:43:9d:
b4:24:69:22:c6:50:1f:47:ba:98:68:7a:8b:6d:d9:
45:5e:ec:38:87:16:6c:18:fb:38:af:5b:39:d1:f2:
8c:96:20:ad:37:f3:ac:c3:8e:60:6c:89:a7:81:f7:
6d:f5:3e:35:6b:31:4b:17:5a:08:90:07:0a:b9:af:
e6:ea:71:3f:80:49:09:f4:08:6d:de:3c:a9:cf:d3:
50:30:15:15:9a:50:45:cf:43:a3:2a:1f:35:ab:7a:
4c:91:15:81:6b:7a:23:90:74:1f:7d:b3:dc:8e:e1:
94:7a:57:e1:9a:2e:12:54:93:db:87:db:16:56:6e:
c0:8b:27:1d:51:3b:d4:de:e2:27:01:e3:a6:87:de:
43:9d:1c:0b:11:bf:9d:62:31:75:2c:91:6f:7f:c0:
71:e9:8e:8c:a4:a2:a2:a5:f9:81:84:97:6f:5e:12:
e3:f6:17:13:d5:e7:4c:9d:48:7f:0b:d4:d9:7e:63:
07:22:2a:d4:e9:0b:2e:27:42:87:f1:cb:7f:51:3c:
5b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4D:72:63:3A:AD:33:29:9D:65:38:9E:B2:FD:EC:38:59:0C:F7:5C
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/xk1yYzqtMymdZTiesv3sOFkM91w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:cc02::/32
2a12:cc04::/32
2a12:cc06::/32
Signature Algorithm: sha256WithRSAEncryption
9d:a1:66:7f:f0:19:d9:86:26:7b:6c:fd:81:34:2e:49:20:5e:
49:24:c3:7a:3e:87:84:45:4f:e0:50:31:de:91:1f:1d:60:7c:
c3:df:f7:96:61:f4:99:ef:2e:a9:2a:c6:d1:8e:a2:b5:0f:84:
cc:be:50:f6:44:07:aa:5d:29:42:98:b3:35:0f:e9:9a:b1:94:
96:87:f4:5f:10:e8:02:4e:6b:a0:0e:6b:02:95:f2:14:60:0d:
c6:b4:6f:73:2e:4e:5c:87:c7:77:ee:09:8c:6f:ed:2e:70:79:
d2:aa:c9:a3:a0:26:37:ad:75:ab:41:0f:18:3a:d2:d4:7f:a6:
c0:03:d4:07:dd:c0:81:65:32:b0:4c:69:3c:6e:2e:d7:5e:9e:
58:29:9a:0d:b5:36:c5:ec:d6:a8:2d:88:f1:04:ce:5e:ce:a1:
8f:52:dd:97:13:8f:20:3f:e3:8c:33:64:2e:a3:2e:8e:7f:24:
50:d6:07:5d:4a:88:b1:35:4d:d1:7e:2b:3a:1a:b9:98:c6:ce:
2b:91:fe:36:a3:5c:b3:12:d2:a1:9d:48:f0:30:ee:cd:ad:3f:
9c:d8:78:60:0f:ff:72:73:35:e9:c4:bb:e2:66:27:f5:1e:f1:
87:42:28:cd:f1:33:bc:56:86:54:4e:7c:a7:1e:c2:bf:c2:fe:
1d:07:2f:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/ABKxr1lFKdxf1QwvCLtBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwNTI4MTYyNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRkNzI2MzNhYWQzMzI5OWQ2NTM4OWViMmZkZWMzODU5MGNmNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslHtjTk54b4D+QZ2HXLpeAhZv/ZJ
qAbIDlHgn/nXy0WrUmXrH/V7Nrx5Htpc42GGVivUqRb7571DQ520JGkixlAfR7qY
aHqLbdlFXuw4hxZsGPs4r1s50fKMliCtN/Osw45gbImngfdt9T41azFLF1oIkAcK
ua/m6nE/gEkJ9Aht3jypz9NQMBUVmlBFz0OjKh81q3pMkRWBa3ojkHQffbPcjuGU
elfhmi4SVJPbh9sWVm7AiycdUTvU3uInAeOmh95DnRwLEb+dYjF1LJFvf8Bx6Y6M
pKKipfmBhJdvXhLj9hcT1edMnUh/C9TZfmMHIirU6QsuJ0KH8ct/UTxbowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMZNcmM6rTMpnWU4nrL97DhZDPdcMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEveGsxeVl6cXRNeW1kWlRpZXN2M3NPRmtNOTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhLMAgMF
ACoSzAQDBQAqEswGMA0GCSqGSIb3DQEBCwUAA4IBAQCdoWZ/8BnZhiZ7bP2BNC5J
IF5JJMN6PoeERU/gUDHekR8dYHzD3/eWYfSZ7y6pKsbRjqK1D4TMvlD2RAeqXSlC
mLM1D+masZSWh/RfEOgCTmugDmsClfIUYA3GtG9zLk5ch8d37gmMb+0ucHnSqsmj
oCY3rXWrQQ8YOtLUf6bAA9QH3cCBZTKwTGk8bi7XXp5YKZoNtTbF7NaoLYjxBM5e
zqGPUt2XE48gP+OMM2Quoy6OfyRQ1gddSoixNU3Rfis6GrmYxs4rkf42o1yzEtKh
nUjwMO7NrT+c2HhgD/9yczXpxLviZif1HvGHQijN8TO8VoZUTnynHsK/wv4dBy+Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:58 2024 by rpki-client on console-fra.rpki-client.org