Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2zDK_gxUJvlUq39ztznpR1eADTQ.roa
File: 2zDK_gxUJvlUq39ztznpR1eADTQ.roa (raw, json)
Hash identifier: B9zcZc/8kUU/AjSHi49ad8cdgpry4xN4IszrDBhAbQg=
Subject key identifier: DB:30:CA:FE:0C:54:26:F9:54:AB:7F:73:B7:39:E9:47:57:80:0D:34
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018AB0719F585AE424F42AAD18D91DE8DC55
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2zDK_gxUJvlUq39ztznpR1eADTQ.roa
Signing time: Wed 20 Sep 2023 02:35:50 +0000
ROA not before: Wed 20 Sep 2023 02:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 2a0e:b107:27c7::/48 maxlen: 48
2a0e:b107:27ac::/48 maxlen: 48
2a0e:97c6:6801::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 22 Sep 2023 12:54:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b0:71:9f:58:5a:e4:24:f4:2a:ad:18:d9:1d:e8:dc:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 20 02:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db30cafe0c5426f954ab7f73b739e94757800d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ca:ac:83:d5:46:3e:f4:9b:2a:24:af:bb:22:
08:4c:6a:72:17:fd:ce:cd:39:b2:d7:d3:95:ba:b2:
2b:fe:d6:cf:69:40:59:35:75:4a:29:6c:3f:9e:cd:
6e:a1:e4:e4:8e:25:d7:0f:56:ec:9e:c6:f9:24:56:
8f:ff:fc:53:87:11:46:6b:b2:cd:8f:e4:5e:ea:cf:
9d:29:be:23:5b:2e:8d:be:59:a8:23:d0:c9:39:81:
34:1e:7b:40:b4:1a:ac:5e:d8:b1:1b:08:6e:e7:52:
2b:d1:e6:f6:42:99:99:25:4e:8a:3e:12:7d:42:27:
5d:27:1c:16:3f:fd:26:11:68:59:2c:1b:59:23:1e:
61:90:f4:31:96:47:fb:b1:0d:01:8c:e8:9e:1d:11:
8b:ea:13:18:54:69:e2:6e:91:ef:32:8e:34:d3:f1:
b2:75:53:fa:94:72:2c:74:90:f6:84:28:ff:66:30:
7d:02:cd:ad:c3:14:fe:7d:31:32:ac:26:35:c5:3c:
78:7f:4f:e9:f7:a6:5a:43:f2:25:5f:8b:7a:1a:2b:
ba:a5:79:f0:11:34:22:d3:4e:74:d8:8f:af:b1:41:
ba:d7:da:fc:89:13:5e:ff:d2:fc:bb:fd:b6:45:b3:
ff:50:41:46:4b:c8:9d:23:4f:c6:bd:f7:b2:0d:c0:
4c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:30:CA:FE:0C:54:26:F9:54:AB:7F:73:B7:39:E9:47:57:80:0D:34
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2zDK_gxUJvlUq39ztznpR1eADTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c6:6801::/48
2a0e:b107:27ac::/48
2a0e:b107:27c7::/48
Signature Algorithm: sha256WithRSAEncryption
50:4a:8d:d9:09:8e:1d:d8:d4:d4:42:25:ca:89:86:aa:94:47:
40:79:f4:ed:7a:c7:0c:93:77:5a:fa:f2:23:f1:44:b5:90:f7:
d5:9f:a4:35:1e:99:c9:e1:f5:19:3e:3d:df:c3:b5:ec:c8:a2:
bd:89:0c:6d:96:f8:a4:1b:a5:fc:e4:fd:1b:ae:7b:94:f7:8a:
d4:05:7e:28:f4:fb:7c:e7:9c:1a:e0:70:ce:00:08:b0:4e:e4:
72:40:72:80:ee:c6:36:7d:96:01:f5:de:a1:d3:37:ae:d8:f2:
44:fc:a7:47:05:5c:9e:57:69:40:6f:4e:08:6f:cb:99:1c:2c:
03:b7:f4:37:be:7d:47:88:48:b6:b8:e8:10:78:2a:01:e4:7c:
fa:8c:e6:21:3a:73:d0:77:9a:1d:ce:f0:2d:4b:43:da:54:64:
a2:df:17:99:98:92:1c:8b:db:c9:8f:80:ee:42:2b:e2:59:97:
61:b0:08:ee:22:1a:a9:eb:00:1f:f8:47:f3:7a:6e:57:1c:a1:
2b:5f:24:e6:08:43:44:65:1e:8e:d9:0d:19:ce:32:8e:36:b3:
0c:f9:6e:d4:07:8d:d1:f5:9b:d6:22:05:79:b4:53:1a:82:a3:
c0:1e:0a:81:12:cd:19:28:f8:a9:1e:a0:83:3e:53:77:03:3f:
09:ca:43:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYqwcZ9YWuQk9CqtGNkd6NxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTIwMDIzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjMwY2FmZTBjNTQyNmY5NTRhYjdmNzNiNzM5ZTk0NzU3ODAwZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicqsg9VGPvSbKiSvuyIITGpyF/3O
zTmy19OVurIr/tbPaUBZNXVKKWw/ns1uoeTkjiXXD1bsnsb5JFaP//xThxFGa7LN
j+Re6s+dKb4jWy6NvlmoI9DJOYE0HntAtBqsXtixGwhu51Ir0eb2QpmZJU6KPhJ9
QiddJxwWP/0mEWhZLBtZIx5hkPQxlkf7sQ0BjOieHRGL6hMYVGnibpHvMo400/Gy
dVP6lHIsdJD2hCj/ZjB9As2twxT+fTEyrCY1xTx4f0/p96ZaQ/IlX4t6Giu6pXnw
ETQi00502I+vsUG619r8iRNe/9L8u/22RbP/UEFGS8idI0/GvfeyDcBMgwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNswyv4MVCb5VKt/c7c56UdXgA00MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMnpES19neFVKdmxVcTM5enR6bnBSMWVBRFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6XxmgB
AwcAKg6xByesAwcAKg6xByfHMA0GCSqGSIb3DQEBCwUAA4IBAQBQSo3ZCY4d2NTU
QiXKiYaqlEdAefTtescMk3da+vIj8US1kPfVn6Q1HpnJ4fUZPj3fw7XsyKK9iQxt
lvikG6X85P0brnuU94rUBX4o9Pt855wa4HDOAAiwTuRyQHKA7sY2fZYB9d6h0zeu
2PJE/KdHBVyeV2lAb04Ib8uZHCwDt/Q3vn1HiEi2uOgQeCoB5Hz6jOYhOnPQd5od
zvAtS0PaVGSi3xeZmJIci9vJj4DuQiviWZdhsAjuIhqp6wAf+Efzem5XHKErXyTm
CENEZR6O2Q0ZzjKONrMM+W7UB43R9ZvWIgV5tFMagqPAHgqBEs0ZKPipHqCDPlN3
Az8JykMJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org