Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CZz0LrdoZ1XV-wzKLq_kyFToM30.roa
File: CZz0LrdoZ1XV-wzKLq_kyFToM30.roa (raw, json)
Hash identifier: qPbbPrWrxFjGP3NsGxWVxtG9q1JJ3v8abKhbQZ6n8mc=
Subject key identifier: 09:9C:F4:2E:B7:68:67:55:D5:FB:0C:CA:2E:AF:E4:C8:54:E8:33:7D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DCBE3036B0A72E32EC86039944422D89A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CZz0LrdoZ1XV-wzKLq_kyFToM30.roa
Signing time: Wed 21 Feb 2024 13:37:48 +0000
ROA not before: Wed 21 Feb 2024 13:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34927
IP address blocks: 2a10:ccc3:ccc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 24 Feb 2024 15:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:e3:03:6b:0a:72:e3:2e:c8:60:39:94:44:22:d8:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 21 13:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=099cf42eb7686755d5fb0cca2eafe4c854e8337d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f1:b0:71:21:9e:00:9d:e1:5e:a1:c7:5a:c5:
c2:de:6e:43:ee:02:76:9a:48:b6:d3:8a:09:56:9a:
7c:2e:26:d3:13:2e:b4:13:ea:4e:bf:0e:06:91:53:
a1:dd:3d:79:e2:02:85:92:93:f7:19:bc:26:11:7c:
e6:6c:fa:7e:54:5d:d3:a7:98:e2:0c:60:f3:f3:b8:
04:b8:77:2a:0c:93:96:0f:99:fe:72:24:3a:c3:e3:
ee:30:fd:37:aa:e6:2f:85:e1:b3:f9:c8:4f:45:f4:
d2:4d:e9:a3:73:1c:d1:c7:b5:26:e3:15:6d:7a:c8:
fc:56:ae:9d:50:df:e3:fc:dc:52:e6:00:46:2a:05:
c1:68:14:89:e0:66:85:a6:bf:5f:df:aa:63:73:ba:
49:f6:ff:99:cb:fd:1c:e2:5d:ed:8b:03:5f:aa:94:
8a:fd:1f:7b:23:f5:e5:a0:cd:df:b4:03:bf:a9:c0:
21:ee:e8:5a:85:ec:78:17:fe:10:32:66:ae:e1:ba:
8a:78:d1:eb:5f:64:20:fc:cf:06:35:b4:82:ef:ab:
d8:d8:e2:aa:40:3e:4e:8c:a3:d4:81:f5:65:12:38:
54:f6:5f:95:64:44:e7:a0:71:10:69:57:ae:83:95:
ec:d2:7b:88:64:31:9d:6b:3f:d4:4b:d9:32:6b:da:
25:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9C:F4:2E:B7:68:67:55:D5:FB:0C:CA:2E:AF:E4:C8:54:E8:33:7D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CZz0LrdoZ1XV-wzKLq_kyFToM30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:ccc6::/48
Signature Algorithm: sha256WithRSAEncryption
2e:bd:80:99:d8:fc:9f:ac:dd:38:69:f1:69:f4:ce:1f:23:b1:
aa:b9:24:51:49:93:26:a3:2c:c7:a0:d9:dd:63:17:ec:50:4a:
4c:b5:5e:a9:fc:a6:46:b1:c6:75:d1:12:23:e0:7e:d2:d4:88:
1f:54:ba:22:27:99:46:a1:a9:4b:0c:c4:96:6c:f4:07:97:11:
d9:5a:d5:d3:de:8c:28:2f:7d:67:97:2f:d3:12:bc:34:8e:ab:
78:f5:30:c4:b9:12:1c:ca:fb:5b:e1:7a:a0:be:c5:20:69:a3:
06:b2:cb:fb:07:d8:66:09:47:58:d5:a0:1c:9f:9f:a5:39:8d:
09:09:51:ac:aa:17:9d:0c:98:01:f7:89:70:2c:1c:48:d6:22:
54:8c:67:35:e8:70:97:e4:58:f9:01:38:6c:ac:40:40:a0:df:
e8:19:50:98:b6:a9:32:3d:00:16:f7:f0:66:14:c2:b2:7c:fe:
9c:34:db:77:9d:9b:92:ec:cb:10:e5:71:13:11:29:68:48:59:
d4:5d:55:b4:4f:f8:0d:60:24:b0:3c:61:8f:68:70:83:e1:5c:
28:ab:80:8c:5f:ea:e2:2b:19:a3:31:5c:2a:98:31:aa:ad:e8:
2b:c2:62:0a:75:05:1b:ad:9f:90:b8:9e:ad:1b:a2:01:f5:bd:
e4:d2:a5:ff
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY3L4wNrCnLjLshgOZREItiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjIxMTMzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTljZjQyZWI3Njg2NzU1ZDVmYjBjY2EyZWFmZTRjODU0ZTgzMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/GwcSGeAJ3hXqHHWsXC3m5D7gJ2
mki204oJVpp8LibTEy60E+pOvw4GkVOh3T154gKFkpP3GbwmEXzmbPp+VF3Tp5ji
DGDz87gEuHcqDJOWD5n+ciQ6w+PuMP03quYvheGz+chPRfTSTemjcxzRx7Um4xVt
esj8Vq6dUN/j/NxS5gBGKgXBaBSJ4GaFpr9f36pjc7pJ9v+Zy/0c4l3tiwNfqpSK
/R97I/XloM3ftAO/qcAh7uhahex4F/4QMmau4bqKeNHrX2Qg/M8GNbSC76vY2OKq
QD5OjKPUgfVlEjhU9l+VZETnoHEQaVeug5Xs0nuIZDGdaz/US9kya9ol/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAmc9C63aGdV1fsMyi6v5MhU6DN9MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ1p6MExyZG9aMVhWLXd6S0xxX2t5RlRvTTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhDMw8zG
MA0GCSqGSIb3DQEBCwUAA4IBAQAuvYCZ2PyfrN04afFp9M4fI7GquSRRSZMmoyzH
oNndYxfsUEpMtV6p/KZGscZ10RIj4H7S1IgfVLoiJ5lGoalLDMSWbPQHlxHZWtXT
3owoL31nly/TErw0jqt49TDEuRIcyvtb4XqgvsUgaaMGssv7B9hmCUdY1aAcn5+l
OY0JCVGsqhedDJgB94lwLBxI1iJUjGc16HCX5Fj5AThsrEBAoN/oGVCYtqkyPQAW
9/BmFMKyfP6cNNt3nZuS7MsQ5XETESloSFnUXVW0T/gNYCSwPGGPaHCD4Vwoq4CM
X+riKxmjMVwqmDGqregrwmIKdQUbrZ+QuJ6tG6IB9b3k0qX/
-----END CERTIFICATE-----
Generated at Sat Feb 24 16:27:56 2024 by rpki-client on console-ams.rpki-client.org