Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZCzl_TNEuo4cH5pPBdnsuFsR9zE.roa
File: ZCzl_TNEuo4cH5pPBdnsuFsR9zE.roa (raw, json)
Hash identifier: 5zbTUWED++a8js5aIYZ7ZSC+Ki1w9+wAiBHFI/NJIZM=
Subject key identifier: 64:2C:E5:FD:33:44:BA:8E:1C:1F:9A:4F:05:D9:EC:B8:5B:11:F7:31
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD00281B998F4C14080D55E47FC024
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZCzl_TNEuo4cH5pPBdnsuFsR9zE.roa
Signing time: Tue 02 Jan 2024 10:34:15 +0000
ROA not before: Tue 02 Jan 2024 10:34:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202673
IP address blocks: 2a0e:97c0:c40::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Feb 2024 23:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:00:28:1b:99:8f:4c:14:08:0d:55:e4:7f:c0:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=642ce5fd3344ba8e1c1f9a4f05d9ecb85b11f731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:79:1d:9c:b0:04:15:bd:be:7e:ae:60:8e:6c:
22:0b:02:f0:a0:e0:4f:9f:97:0a:fb:6f:7a:20:0f:
d5:7c:cb:90:d0:c7:99:e2:5d:ec:7b:f9:38:ab:4f:
5c:8d:e2:fe:83:99:e9:ae:88:96:b2:67:8c:52:62:
19:5f:b4:79:39:2b:8d:dc:70:c7:e5:9e:72:0b:b5:
af:69:61:af:8f:80:5b:2e:f9:39:73:df:a2:fe:f3:
3d:d8:7a:03:56:1d:f6:2b:07:b5:d4:b3:8d:1d:54:
21:15:64:d8:8a:cd:5f:1b:6e:7f:fa:d1:49:27:15:
0a:23:cd:11:14:e6:2d:d7:84:36:0c:fd:c9:ac:2c:
7f:b8:61:99:d2:3e:81:82:78:71:f5:5f:92:fe:3b:
9d:bb:0c:93:1b:8a:79:2e:8d:e5:03:52:09:40:8c:
13:9b:ae:dc:7e:43:1c:db:77:50:ba:bd:7c:f2:e5:
4d:87:a9:e5:d1:f7:49:23:b1:84:d4:c5:4b:e5:89:
43:a3:79:9b:b2:e7:19:1f:53:ad:32:45:25:49:e8:
f8:16:4b:e2:53:0c:ff:29:04:d9:ae:fc:53:95:13:
49:25:18:5b:7e:ff:f0:b4:67:a0:2a:0b:59:a2:45:
2b:45:d8:03:f0:62:ec:26:cd:29:32:fe:83:20:e6:
35:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2C:E5:FD:33:44:BA:8E:1C:1F:9A:4F:05:D9:EC:B8:5B:11:F7:31
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZCzl_TNEuo4cH5pPBdnsuFsR9zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c40::/44
Signature Algorithm: sha256WithRSAEncryption
66:c0:e5:5c:da:1a:76:3d:b9:cf:fa:8a:bf:1b:b7:c5:8c:49:
ea:e2:74:ad:65:e3:a0:96:05:de:5e:52:ce:a7:99:3a:83:d4:
60:74:55:19:ef:a8:ce:2c:3a:3b:e1:82:8f:96:12:98:ef:28:
e1:2f:77:05:43:59:bb:4a:39:b9:bc:77:27:06:52:31:5a:86:
a6:4e:ba:7e:a3:d3:81:6a:f0:b5:bb:58:8a:89:30:dd:26:bb:
93:8d:0b:92:30:e3:18:e7:9d:2a:ad:cf:74:40:8b:bc:0e:09:
d1:a7:e8:d3:0d:35:a4:3f:45:76:7f:df:b4:07:68:4a:65:b7:
20:15:46:25:75:cf:92:c3:42:4a:38:1e:0c:ba:9a:78:ea:d9:
11:1a:45:62:e2:34:6a:92:76:64:59:77:a6:31:12:65:41:d1:
48:3b:af:48:c2:4c:1f:2c:b4:af:79:30:a3:bb:c2:f4:fe:c7:
7b:69:82:b5:c7:ed:bb:a9:63:a6:7b:21:84:ba:db:46:5f:df:
cc:a8:53:14:b6:98:b4:bb:11:7b:5e:38:d6:20:4d:9d:2e:9c:
bb:a8:f4:ed:0d:0a:03:2b:eb:a2:5a:3e:99:95:a4:6e:9d:46:
65:93:14:81:ee:5b:88:e7:98:28:c0:b9:58:5a:dc:f6:bb:e5:
fb:93:7c:01
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvQAoG5mPTBQIDVXkf8AkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDJjZTVmZDMzNDRiYThlMWMxZjlhNGYwNWQ5ZWNiODViMTFmNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXkdnLAEFb2+fq5gjmwiCwLwoOBP
n5cK+296IA/VfMuQ0MeZ4l3se/k4q09cjeL+g5nproiWsmeMUmIZX7R5OSuN3HDH
5Z5yC7WvaWGvj4BbLvk5c9+i/vM92HoDVh32Kwe11LONHVQhFWTYis1fG25/+tFJ
JxUKI80RFOYt14Q2DP3JrCx/uGGZ0j6Bgnhx9V+S/juduwyTG4p5Lo3lA1IJQIwT
m67cfkMc23dQur188uVNh6nl0fdJI7GE1MVL5YlDo3mbsucZH1OtMkUlSej4Fkvi
Uwz/KQTZrvxTlRNJJRhbfv/wtGegKgtZokUrRdgD8GLsJs0pMv6DIOY1lQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGQs5f0zRLqOHB+aTwXZ7LhbEfcxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWkN6bF9UTkV1bzRjSDVwUEJkbnN1RnNSOXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAxA
MA0GCSqGSIb3DQEBCwUAA4IBAQBmwOVc2hp2PbnP+oq/G7fFjEnq4nStZeOglgXe
XlLOp5k6g9RgdFUZ76jOLDo74YKPlhKY7yjhL3cFQ1m7Sjm5vHcnBlIxWoamTrp+
o9OBavC1u1iKiTDdJruTjQuSMOMY550qrc90QIu8DgnRp+jTDTWkP0V2f9+0B2hK
ZbcgFUYldc+Sw0JKOB4Mupp46tkRGkVi4jRqknZkWXemMRJlQdFIO69IwkwfLLSv
eTCju8L0/sd7aYK1x+27qWOmeyGEuttGX9/MqFMUtpi0uxF7XjjWIE2dLpy7qPTt
DQoDK+uiWj6ZlaRunUZlkxSB7luI55gowLlYWtz2u+X7k3wB
-----END CERTIFICATE-----
Generated at Tue Feb 27 04:43:48 2024 by rpki-client on console-fra.rpki-client.org