Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z76WEwFFALIJ3W05q3XjDCn5zz0.roa
File: Z76WEwFFALIJ3W05q3XjDCn5zz0.roa (raw, json)
Hash identifier: 8Y97zcuftoib8bZ+kOIPPVPQD/9tF0KqSuwXnStn6zk=
Subject key identifier: 67:BE:96:13:01:45:00:B2:09:DD:6D:39:AB:75:E3:0C:29:F9:CF:3D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E796F15E3D11E819B71EF13C9DAC66
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z76WEwFFALIJ3W05q3XjDCn5zz0.roa
Signing time: Mon 02 Jan 2023 05:15:03 +0000
ROA not before: Mon 02 Jan 2023 05:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142282
IP address blocks: 2a0e:b107:120f::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:96:f1:5e:3d:11:e8:19:b7:1e:f1:3c:9d:ac:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67be9613014500b209dd6d39ab75e30c29f9cf3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:52:0a:01:77:0f:bf:1e:43:97:92:c1:54:ae:
9c:83:3d:22:ca:0b:fc:b3:af:8c:b5:7f:d7:f4:08:
28:fd:78:b2:76:68:f5:69:07:a4:cd:7b:da:99:ca:
3c:7f:1d:7b:02:9d:2f:55:ca:6b:ec:28:07:d4:12:
34:7b:f4:82:d7:b7:e6:a9:ee:d4:a3:cf:f3:62:4b:
f7:2f:ea:f7:db:67:b5:2f:93:78:44:1e:0a:94:a7:
a1:80:d8:46:72:96:e3:38:de:05:ff:d8:5c:32:e6:
25:e0:e2:ee:be:bb:34:43:34:ee:de:14:f3:5a:1c:
44:e5:ac:05:21:8c:ec:a6:52:7d:3f:a3:ad:65:e9:
e6:82:60:3c:40:d8:92:96:3e:3c:5d:e4:9d:fc:ac:
c2:62:ad:24:31:0f:76:84:79:76:41:ba:7b:1f:ad:
06:58:08:75:63:73:7c:8a:a8:10:b7:e6:cb:ff:e0:
70:b8:75:65:93:d2:36:eb:64:f9:35:cf:dc:7e:64:
44:7e:2d:8f:f6:c1:fe:c2:84:ba:6e:97:97:ab:a5:
1b:28:8b:b7:d6:e6:8f:4d:80:da:e3:06:98:58:48:
02:07:5b:35:40:dc:d4:5f:a3:5c:15:30:d1:18:39:
5f:e1:61:c6:a5:06:47:d5:5c:84:d7:d1:1b:a9:e8:
7e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:BE:96:13:01:45:00:B2:09:DD:6D:39:AB:75:E3:0C:29:F9:CF:3D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z76WEwFFALIJ3W05q3XjDCn5zz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:120f::/48
Signature Algorithm: sha256WithRSAEncryption
a4:78:45:31:28:11:2b:66:ce:a4:28:38:4e:7a:ba:76:b1:43:
15:6d:b4:f1:aa:93:16:11:a8:c4:a8:b5:b8:a6:8c:50:55:22:
d8:4b:15:25:ab:49:f2:22:80:8d:3e:77:de:8a:86:98:24:25:
83:a5:16:62:43:f7:68:c1:ac:ac:99:fa:12:6f:af:46:bf:8e:
e2:cd:a0:ae:6b:67:a8:d4:be:7a:fd:bf:1b:56:01:10:9f:25:
2a:09:60:c6:44:2c:62:cf:e6:d8:e7:08:17:d3:7b:48:29:fa:
28:63:1c:b0:b9:af:35:92:09:f8:18:20:ae:d8:53:ee:7e:cc:
a7:3d:13:94:70:84:5c:d0:a9:1d:9a:87:16:44:b6:aa:3e:2e:
9b:ed:05:d7:33:94:ba:5b:18:f9:65:45:4a:ad:48:79:05:f5:
a2:46:c8:e9:13:dd:bf:b1:02:60:3b:ec:c4:64:d9:3b:57:bc:
67:ef:14:cc:e1:7c:68:80:31:8d:83:04:8f:79:8e:28:7f:77:
93:9a:a1:0f:d9:0e:a6:ec:46:ac:70:b0:eb:34:66:4f:09:05:
b9:4a:5f:95:aa:fb:cf:25:aa:61:0e:86:ee:1b:7e:f2:8f:a0:
52:fb:61:57:e2:0b:26:7f:a6:67:13:12:38:53:e3:da:01:7b:
74:b9:58:92
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw55bxXj0R6Bm3HvE8naxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2JlOTYxMzAxNDUwMGIyMDlkZDZkMzlhYjc1ZTMwYzI5ZjljZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVIKAXcPvx5Dl5LBVK6cgz0iygv8
s6+MtX/X9Ago/Xiydmj1aQekzXvamco8fx17Ap0vVcpr7CgH1BI0e/SC17fmqe7U
o8/zYkv3L+r322e1L5N4RB4KlKehgNhGcpbjON4F/9hcMuYl4OLuvrs0QzTu3hTz
WhxE5awFIYzsplJ9P6OtZenmgmA8QNiSlj48XeSd/KzCYq0kMQ92hHl2Qbp7H60G
WAh1Y3N8iqgQt+bL/+BwuHVlk9I262T5Nc/cfmREfi2P9sH+woS6bpeXq6UbKIu3
1uaPTYDa4waYWEgCB1s1QNzUX6NcFTDRGDlf4WHGpQZH1VyE19Ebqeh+hwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGe+lhMBRQCyCd1tOat14wwp+c89MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWjc2V0V3RkZBTElKM1cwNXEzWGpEQ241enowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxIP
MA0GCSqGSIb3DQEBCwUAA4IBAQCkeEUxKBErZs6kKDhOerp2sUMVbbTxqpMWEajE
qLW4poxQVSLYSxUlq0nyIoCNPnfeioaYJCWDpRZiQ/dowaysmfoSb69Gv47izaCu
a2eo1L56/b8bVgEQnyUqCWDGRCxiz+bY5wgX03tIKfooYxywua81kgn4GCCu2FPu
fsynPROUcIRc0KkdmocWRLaqPi6b7QXXM5S6Wxj5ZUVKrUh5BfWiRsjpE92/sQJg
O+zEZNk7V7xn7xTM4XxogDGNgwSPeY4of3eTmqEP2Q6m7EascLDrNGZPCQW5Sl+V
qvvPJaphDobuG37yj6BS+2FX4gsmf6ZnExI4U+PaAXt0uViS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org