Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/zl3bqLx24K2CfvRhU4LubHvco_I.roa
File: zl3bqLx24K2CfvRhU4LubHvco_I.roa (raw, json)
Hash identifier: xvdISV1seRT1wOTTZsDcxasxwhpurCh4fsqDLE28qj8=
Subject key identifier: CE:5D:DB:A8:BC:76:E0:AD:82:7E:F4:61:53:82:EE:6C:7B:DC:A3:F2
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 01927D4BCAB64A263986FB7174AEA1DDE348
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/zl3bqLx24K2CfvRhU4LubHvco_I.roa
Signing time: Fri 11 Oct 2024 20:36:11 +0000
ROA not before: Fri 11 Oct 2024 20:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a0e:7f40::/32 maxlen: 32
2a0e:7f43::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 12 Oct 2024 20:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4b:ca:b6:4a:26:39:86:fb:71:74:ae:a1:dd:e3:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Oct 11 20:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce5ddba8bc76e0ad827ef4615382ee6c7bdca3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ca:0e:08:9a:c2:4c:b7:fd:81:cd:2e:d1:2a:
f9:32:17:ca:67:10:d6:ff:4e:02:6d:f5:f9:9c:d2:
4e:75:d5:71:30:65:c3:0e:0c:9e:d9:33:51:2b:d6:
01:02:a2:79:1b:d3:e8:d9:08:20:86:9a:bc:f4:e4:
34:f4:41:16:15:55:21:87:1f:56:ec:5d:64:02:fa:
81:e0:1e:d5:9c:59:a6:57:74:32:f0:a7:7a:11:b7:
b2:5d:90:f6:20:86:bd:14:2a:f8:41:0c:54:cf:06:
d9:83:2f:98:80:00:eb:b6:59:c2:2a:e3:81:d6:1e:
6f:c9:42:cd:7e:dd:63:fe:f0:6b:de:07:de:d3:fb:
ae:4e:bf:62:1f:ec:4e:76:62:e5:e9:2b:3d:94:54:
15:51:66:ce:e2:38:88:33:4d:b4:f5:f5:52:25:fa:
be:1b:7a:07:be:41:46:97:48:3f:f8:92:92:72:1b:
ae:56:84:0e:4e:00:85:84:f7:24:88:66:b1:fd:30:
99:01:9d:ed:96:a2:ac:1a:cf:04:a2:7e:9e:74:f1:
9b:25:8e:02:ca:7f:4f:2b:47:8e:ea:c6:2a:9d:4c:
25:a0:18:d4:90:23:09:78:96:a6:35:2c:79:9e:bf:
5e:6b:f5:16:c2:7e:9b:f2:37:a4:7e:3e:b0:55:10:
0a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5D:DB:A8:BC:76:E0:AD:82:7E:F4:61:53:82:EE:6C:7B:DC:A3:F2
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/zl3bqLx24K2CfvRhU4LubHvco_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f40::/32
2a0e:7f43::/32
Signature Algorithm: sha256WithRSAEncryption
a5:0b:3d:76:ea:f9:d2:70:8c:e2:76:33:e2:68:8c:d5:a8:4f:
bc:aa:87:17:32:5c:5f:11:1a:14:eb:93:e6:ef:2c:2b:be:2c:
28:95:6a:9b:eb:6b:49:b2:7f:a0:b8:73:a8:37:44:7d:3c:d2:
4a:9c:84:b7:ed:04:24:83:f8:7e:43:65:e1:e0:3e:a3:99:9e:
e2:cb:c0:11:ca:dd:11:c7:d5:37:33:ca:fc:b7:ca:62:7f:c3:
a7:55:67:e5:97:fa:5f:ba:35:f5:fc:03:b1:e0:93:90:90:09:
18:35:27:88:bb:de:b4:94:ea:76:46:04:f1:7e:c7:0f:86:39:
bf:06:37:97:43:1d:46:88:7a:d5:3d:bd:81:23:d8:b5:fe:ce:
2e:1e:e8:b4:b6:8c:49:7d:25:1f:20:87:75:7a:ef:43:3f:41:
fe:dd:90:22:04:ad:16:9a:d8:16:dc:73:55:1a:f5:5d:58:aa:
0f:10:c6:58:2f:58:b5:9a:b1:53:6a:55:6d:39:54:85:77:2a:
56:be:87:40:93:c2:f2:a8:4a:67:52:ff:11:8c:ba:7e:bf:cd:
9f:8d:2b:ec:0a:2f:35:da:56:fe:37:7a:c5:c8:ae:a9:2e:99:
6e:ba:57:3f:a2:f5:50:0e:92:e2:9a:57:c1:75:08:18:27:d5:
67:b0:45:0d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJ9S8q2SiY5hvtxdK6h3eNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjQxMDExMjAzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTVkZGJhOGJjNzZlMGFkODI3ZWY0NjE1MzgyZWU2YzdiZGNhM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2coOCJrCTLf9gc0u0Sr5MhfKZxDW
/04CbfX5nNJOddVxMGXDDgye2TNRK9YBAqJ5G9Po2Qgghpq89OQ09EEWFVUhhx9W
7F1kAvqB4B7VnFmmV3Qy8Kd6EbeyXZD2IIa9FCr4QQxUzwbZgy+YgADrtlnCKuOB
1h5vyULNft1j/vBr3gfe0/uuTr9iH+xOdmLl6Ss9lFQVUWbO4jiIM0209fVSJfq+
G3oHvkFGl0g/+JKSchuuVoQOTgCFhPckiGax/TCZAZ3tlqKsGs8Eon6edPGbJY4C
yn9PK0eO6sYqnUwloBjUkCMJeJamNSx5nr9ea/UWwn6b8jekfj6wVRAKCwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFM5d26i8duCtgn70YVOC7mx73KPyMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvemwzYnFMeDI0SzJDZnZSaFU0THViSHZjb19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5/QAMF
ACoOf0MwDQYJKoZIhvcNAQELBQADggEBAKULPXbq+dJwjOJ2M+JojNWoT7yqhxcy
XF8RGhTrk+bvLCu+LCiVapvra0myf6C4c6g3RH080kqchLftBCSD+H5DZeHgPqOZ
nuLLwBHK3RHH1Tczyvy3ymJ/w6dVZ+WX+l+6NfX8A7Hgk5CQCRg1J4i73rSU6nZG
BPF+xw+GOb8GN5dDHUaIetU9vYEj2LX+zi4e6LS2jEl9JR8gh3V670M/Qf7dkCIE
rRaa2Bbcc1Ua9V1Yqg8QxlgvWLWasVNqVW05VIV3Kla+h0CTwvKoSmdS/xGMun6/
zZ+NK+wKLzXaVv43esXIrqkumW66Vz+i9VAOkuKaV8F1CBgn1WewRQ0=
-----END CERTIFICATE-----
Generated at Sat Oct 12 22:40:43 2024 by rpki-client on console-ams.rpki-client.org