Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/zsPtqW0BFse7PAgq1_5eltfeXvs.roa
File: zsPtqW0BFse7PAgq1_5eltfeXvs.roa (raw, json)
Hash identifier: IUgTjGD4wR9iuHftpO9lGX/QMKsv+NmmNDyAF63yDI0=
Subject key identifier: CE:C3:ED:A9:6D:01:16:C7:BB:3C:08:2A:D7:FE:5E:96:D7:DE:5E:FB
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 0190A6BBF555177A766D5B62EE9351E2F216
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/zsPtqW0BFse7PAgq1_5eltfeXvs.roa
Signing time: Fri 12 Jul 2024 11:37:34 +0000
ROA not before: Fri 12 Jul 2024 11:37:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211286
IP address blocks: 2a0d:8d04::/32 maxlen: 48
2a0d:8d04:5::/48 maxlen: 48
2a0d:8d04:71a::/48 maxlen: 48
2a0d:8d04:71b::/48 maxlen: 48
2a0d:8d04:71d::/48 maxlen: 48
2a0d:8d04:5000::/36 maxlen: 36
2a0d:8d04:6000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 18 Jul 2024 11:51:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:bb:f5:55:17:7a:76:6d:5b:62:ee:93:51:e2:f2:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Jul 12 11:37:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cec3eda96d0116c7bb3c082ad7fe5e96d7de5efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:dd:76:14:15:4c:01:df:a0:42:91:3a:08:31:
10:28:52:fd:ed:92:82:ad:47:b1:c2:19:fe:1f:7d:
b7:4b:c7:09:1d:01:5c:5f:0f:ea:aa:e5:bc:63:1e:
fa:98:e4:0c:9e:25:54:77:4d:d3:21:79:ee:7c:b9:
04:e5:0c:2b:36:2a:22:ad:f0:41:25:9a:08:96:66:
b9:c5:69:3a:8a:95:fa:56:45:dc:2d:6a:64:3d:28:
17:dc:c6:4f:21:b5:70:cd:47:7d:d5:c3:3a:59:79:
c2:86:88:59:a1:d5:97:97:b9:08:2e:85:ae:ee:5d:
4e:e6:25:4f:3e:59:bd:e3:f2:b5:27:f2:fc:71:df:
11:04:a8:c9:fc:b4:93:07:7d:1d:c3:4d:69:c3:b3:
4a:5f:bf:0a:bd:76:51:b2:25:bb:90:a2:2d:4a:2a:
9c:b3:b2:bd:f8:d5:cb:7c:e5:5d:c0:e2:9d:62:2c:
f8:48:a9:13:b6:35:34:fb:b2:7a:68:15:6d:7d:69:
f2:95:6f:92:d8:a7:d8:19:1a:2d:9b:a7:8f:4b:df:
a7:f2:bd:05:23:aa:1e:08:59:be:1a:ec:2c:2a:40:
20:13:cb:aa:d6:ea:dc:1d:91:15:0b:b2:d5:c7:79:
df:c5:e1:63:f0:41:34:f1:24:ec:f7:7e:db:20:cd:
91:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C3:ED:A9:6D:01:16:C7:BB:3C:08:2A:D7:FE:5E:96:D7:DE:5E:FB
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/zsPtqW0BFse7PAgq1_5eltfeXvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8d04::/32
Signature Algorithm: sha256WithRSAEncryption
a4:69:d9:77:63:a9:58:35:c0:b5:f4:29:68:5d:57:4d:84:9d:
ae:43:66:6d:11:be:e7:52:f5:c9:2a:b6:02:b3:31:95:f5:45:
d4:b1:d3:c2:15:9c:0c:20:fd:83:56:8c:b1:65:37:d4:d6:f1:
a4:97:21:4d:a5:d1:5f:4e:83:35:69:7d:0c:0a:a7:da:ff:45:
bb:1a:a7:9d:bd:75:e2:23:e8:6c:a7:7e:c9:61:2c:28:95:66:
38:7a:d7:cd:56:78:17:4f:bd:b5:9a:03:6b:d0:c3:c8:af:21:
ea:94:fc:ce:3f:d4:dc:95:37:b7:47:79:7a:5d:50:da:c9:e2:
ca:67:62:09:ca:89:dd:fc:81:7e:1b:04:ce:94:55:3c:d4:66:
b5:2d:73:4c:02:64:4b:48:a9:6a:12:df:22:1e:af:ea:fb:eb:
bb:8a:3a:79:fe:87:73:40:37:a5:e1:49:0b:0f:f5:36:1f:b2:
3c:14:f1:60:34:5c:8b:a9:7b:a8:ed:a5:90:cd:2d:f7:1b:03:
7f:a9:69:4b:2c:7e:be:bb:4a:a0:c2:8e:35:6a:f7:fc:b0:87:
d5:a6:a3:56:90:7b:20:20:bf:20:e2:fe:76:7b:3c:43:ca:1d:
46:85:ed:e1:df:fa:32:88:3e:79:52:e0:0a:00:75:96:38:eb:
91:d2:a9:65
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZCmu/VVF3p2bVti7pNR4vIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjQwNzEyMTEzNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWMzZWRhOTZkMDExNmM3YmIzYzA4MmFkN2ZlNWU5NmQ3ZGU1ZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2t12FBVMAd+gQpE6CDEQKFL97ZKC
rUexwhn+H323S8cJHQFcXw/qquW8Yx76mOQMniVUd03TIXnufLkE5QwrNioirfBB
JZoIlma5xWk6ipX6VkXcLWpkPSgX3MZPIbVwzUd91cM6WXnChohZodWXl7kILoWu
7l1O5iVPPlm94/K1J/L8cd8RBKjJ/LSTB30dw01pw7NKX78KvXZRsiW7kKItSiqc
s7K9+NXLfOVdwOKdYiz4SKkTtjU0+7J6aBVtfWnylW+S2KfYGRotm6ePS9+n8r0F
I6oeCFm+GuwsKkAgE8uq1urcHZEVC7LVx3nfxeFj8EE08STs937bIM2R1QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM7D7altARbHuzwIKtf+XpbX3l77MB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvenNQdHFXMEJGc2U3UEFncTFfNWVsdGZlWHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg2NBDAN
BgkqhkiG9w0BAQsFAAOCAQEApGnZd2OpWDXAtfQpaF1XTYSdrkNmbRG+51L1ySq2
ArMxlfVF1LHTwhWcDCD9g1aMsWU31NbxpJchTaXRX06DNWl9DAqn2v9Fuxqnnb11
4iPobKd+yWEsKJVmOHrXzVZ4F0+9tZoDa9DDyK8h6pT8zj/U3JU3t0d5el1Q2sni
ymdiCcqJ3fyBfhsEzpRVPNRmtS1zTAJkS0ipahLfIh6v6vvru4o6ef6Hc0A3peFJ
Cw/1Nh+yPBTxYDRci6l7qO2lkM0t9xsDf6lpSyx+vrtKoMKONWr3/LCH1aajVpB7
ICC/IOL+dns8Q8odRoXt4d/6Mog+eVLgCgB1ljjrkdKpZQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 08:30:08 2025 by rpki-client