Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z1_esJ11pU640sJEknQCHzHai5s.roa
File: Z1_esJ11pU640sJEknQCHzHai5s.roa (raw, json)
Hash identifier: UI+dWJDUofwaFbq9Z1JG8M83tGP/+c/uFtaDB7jiIu0=
Subject key identifier: 67:5F:DE:B0:9D:75:A5:4E:B8:D2:C2:44:92:74:02:1F:31:DA:8B:9B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCD90CFBC2DE976F6B21CED413A445
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z1_esJ11pU640sJEknQCHzHai5s.roa
Signing time: Tue 02 Jan 2024 10:34:05 +0000
ROA not before: Tue 02 Jan 2024 10:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133846
IP address blocks: 2a0e:b107:2c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 02:03:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d9:0c:fb:c2:de:97:6f:6b:21:ce:d4:13:a4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=675fdeb09d75a54eb8d2c2449274021f31da8b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ce:9c:45:a4:44:e4:53:50:53:34:5a:a8:40:
ff:14:c0:cd:c9:0b:03:c0:fb:22:ee:10:b9:7f:79:
da:eb:5f:81:88:1f:46:cd:5c:dd:67:cd:e6:43:24:
82:a1:8e:f9:ee:25:15:a2:2e:4b:b2:01:df:fc:85:
ba:79:93:47:3c:c2:15:5e:2b:f6:e8:c2:ea:79:9b:
4b:21:f4:31:81:39:ee:ef:ae:16:80:01:ed:71:9c:
da:d3:19:a3:4a:58:23:69:44:2a:84:b5:9c:0d:e3:
e1:b8:93:2d:35:2a:63:58:4d:4e:17:fd:3a:21:24:
d2:ed:24:a5:aa:72:bf:88:b5:2b:32:8e:7e:09:71:
2d:0e:2d:57:43:d3:22:12:c1:3b:b9:1b:0a:f6:f6:
48:96:2c:0e:ca:b2:5f:22:bf:a4:ab:22:eb:57:68:
c3:c8:be:10:76:00:87:3f:b4:27:d7:b5:18:59:6b:
f2:42:cb:3a:3c:bf:ca:bf:4a:fd:7e:53:92:1b:51:
65:b9:83:07:94:2c:74:e9:08:49:ae:72:4e:29:0a:
99:fb:6d:c6:a7:4c:33:7d:19:65:30:e9:e1:1e:04:
be:c3:01:35:77:22:08:eb:1e:e6:e4:a6:e5:6c:cb:
e6:9d:e5:76:64:d5:09:5a:b0:ae:bb:e6:ca:15:f2:
e0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5F:DE:B0:9D:75:A5:4E:B8:D2:C2:44:92:74:02:1F:31:DA:8B:9B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z1_esJ11pU640sJEknQCHzHai5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2c0::/48
Signature Algorithm: sha256WithRSAEncryption
b3:f4:42:e3:a3:84:65:ba:9e:b8:75:0a:4e:17:bf:69:36:ac:
cd:ce:5e:a0:66:db:9f:14:82:3e:9d:ab:24:67:09:fb:c5:c2:
80:3f:dc:6e:92:95:6e:cc:31:89:50:e5:31:01:8d:76:73:66:
b8:74:88:26:c2:22:23:dc:14:bf:d0:fe:46:81:0f:b6:a3:3f:
c6:f8:2d:31:79:2a:b8:36:d3:9c:c0:17:7f:9b:85:70:69:a5:
96:76:08:e9:60:07:1c:ec:82:d5:92:72:1c:62:78:a3:9e:70:
6b:1a:d2:73:0a:87:fb:f1:56:98:57:b0:bc:e7:d5:d7:4d:c3:
d8:00:e0:67:95:33:b0:c8:b4:cc:ba:2e:8b:81:b3:5c:26:c0:
00:a9:b5:29:e7:69:e6:69:41:a8:77:bd:d5:e0:33:3c:f2:40:
5f:e2:13:ed:63:a8:85:80:9c:01:3e:63:94:a2:f5:b6:85:d6:
e0:24:7c:4b:74:28:e1:50:46:46:a7:5c:ea:eb:e3:8f:c2:84:
6f:af:8c:c5:98:ae:1d:ee:c7:bf:65:07:6a:99:69:63:95:f4:
dd:d5:23:5c:53:90:41:7f:9f:9a:d7:0f:61:ad:ea:30:ff:7d:
28:01:4a:ed:6f:1e:01:bf:73:d6:94:dd:1d:02:7d:3c:4c:95:
e9:6f:1f:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvNkM+8Lel29rIc7UE6RFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzVmZGViMDlkNzVhNTRlYjhkMmMyNDQ5Mjc0MDIxZjMxZGE4YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj86cRaRE5FNQUzRaqED/FMDNyQsD
wPsi7hC5f3na61+BiB9GzVzdZ83mQySCoY757iUVoi5LsgHf/IW6eZNHPMIVXiv2
6MLqeZtLIfQxgTnu764WgAHtcZza0xmjSlgjaUQqhLWcDePhuJMtNSpjWE1OF/06
ISTS7SSlqnK/iLUrMo5+CXEtDi1XQ9MiEsE7uRsK9vZIliwOyrJfIr+kqyLrV2jD
yL4QdgCHP7Qn17UYWWvyQss6PL/Kv0r9flOSG1FluYMHlCx06QhJrnJOKQqZ+23G
p0wzfRllMOnhHgS+wwE1dyII6x7m5KblbMvmneV2ZNUJWrCuu+bKFfLgEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGdf3rCddaVOuNLCRJJ0Ah8x2oubMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWjFfZXNKMTFwVTY0MHNKRWtuUUNIekhhaTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwLA
MA0GCSqGSIb3DQEBCwUAA4IBAQCz9ELjo4Rlup64dQpOF79pNqzNzl6gZtufFII+
naskZwn7xcKAP9xukpVuzDGJUOUxAY12c2a4dIgmwiIj3BS/0P5GgQ+2oz/G+C0x
eSq4NtOcwBd/m4VwaaWWdgjpYAcc7ILVknIcYnijnnBrGtJzCof78VaYV7C859XX
TcPYAOBnlTOwyLTMui6LgbNcJsAAqbUp52nmaUGod73V4DM88kBf4hPtY6iFgJwB
PmOUovW2hdbgJHxLdCjhUEZGp1zq6+OPwoRvr4zFmK4d7se/ZQdqmWljlfTd1SNc
U5BBf5+a1w9hreow/30oAUrtbx4Bv3PWlN0dAn08TJXpbx+W
-----END CERTIFICATE-----
Generated at Wed Jan 10 03:41:31 2024 by rpki-client on console-fra.rpki-client.org