Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZJaYT6g0gbz-pQfG0m9YxpGvPbE.roa
File: ZJaYT6g0gbz-pQfG0m9YxpGvPbE.roa (raw, json)
Hash identifier: /wyUIxq0kkLtPSLeynk+f0l6Pye55fxWs5AqXK06t4U=
Subject key identifier: 64:96:98:4F:A8:34:81:BC:FE:A5:07:C6:D2:6F:58:C6:91:AF:3D:B1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185F83744AF72B188B51279D3BEB207369C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZJaYT6g0gbz-pQfG0m9YxpGvPbE.roa
Signing time: Sat 28 Jan 2023 11:50:49 +0000
ROA not before: Sat 28 Jan 2023 11:50:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200885
IP address blocks: 2a0e:b107:178a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f8:37:44:af:72:b1:88:b5:12:79:d3:be:b2:07:36:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 28 11:50:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6496984fa83481bcfea507c6d26f58c691af3db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7d:8b:eb:0e:9e:c9:f2:52:2b:5c:10:cf:77:
c5:3b:2a:b3:6c:9e:7a:68:24:6d:61:6e:f8:b7:f3:
4d:f8:8e:8f:d6:67:19:b5:7f:a2:67:0e:0a:64:b4:
19:30:24:0c:46:dd:ec:23:1d:3a:c7:7b:8a:dd:68:
6f:c5:63:74:be:cf:4f:40:b9:a7:3f:00:f9:e7:75:
14:e1:df:4e:28:af:5b:3d:a3:70:ee:d5:bf:45:47:
b6:97:28:11:c3:a9:c4:f6:77:d5:54:48:92:fe:1e:
e8:06:18:35:74:3b:13:a0:f1:31:2a:29:f8:85:2a:
3e:84:2b:aa:9b:ce:a9:04:31:0d:0a:60:9a:3c:00:
b1:6b:f7:b5:30:d6:32:02:ef:9b:6b:a7:a3:74:81:
73:f4:32:da:b6:b0:f2:c4:5c:da:9a:80:ca:e0:36:
78:61:64:f8:18:20:26:8e:c5:89:0b:9a:00:f9:e8:
b5:62:2c:b8:b6:29:f1:bd:67:4b:0e:4d:d3:e1:39:
32:72:bc:39:c9:7d:0e:dd:a3:ac:dc:4c:5d:97:fa:
28:ad:80:2f:3f:15:aa:b1:7e:da:0b:11:83:f6:63:
6c:0e:1b:72:e4:93:62:61:80:45:81:1d:36:26:62:
f8:2b:e8:5a:c5:82:86:6e:09:43:3a:a8:e7:59:11:
47:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:96:98:4F:A8:34:81:BC:FE:A5:07:C6:D2:6F:58:C6:91:AF:3D:B1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZJaYT6g0gbz-pQfG0m9YxpGvPbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:178a::/48
Signature Algorithm: sha256WithRSAEncryption
9b:42:88:cc:d5:0c:a6:44:d9:6a:19:78:37:e5:bf:9b:d6:8e:
dc:ff:2d:5c:f5:66:ad:b7:15:35:1b:22:b0:d2:ad:8e:d8:89:
fc:42:0c:b3:c2:19:e9:c5:f7:9b:18:7b:59:64:b9:f2:76:b2:
9f:a6:6f:13:9c:b5:6f:44:01:18:2e:46:52:c1:67:05:33:1a:
bd:61:dd:fe:28:a7:76:42:07:a3:4f:0c:19:25:2d:7c:a0:86:
0f:dc:f3:29:81:49:ac:53:e7:34:a3:b3:16:84:de:85:45:fb:
29:c4:fb:4c:3b:7c:6e:65:a9:09:dc:3e:01:d6:e4:d3:d9:a3:
d6:70:21:11:ec:93:6b:5e:b6:12:31:45:f9:2b:18:8f:9b:0f:
e6:df:43:b6:a6:38:ce:86:3b:e6:75:7d:4b:62:19:a6:54:4b:
14:b9:0b:78:ab:12:eb:96:8a:55:f5:57:fc:41:6c:4e:02:de:
0a:72:4b:33:b1:b6:a7:47:2f:ce:de:36:1c:06:37:db:ab:86:
93:22:21:b6:b2:bb:ae:22:8d:92:84:53:18:52:4f:a3:48:ce:
c9:ba:91:77:bf:41:42:9d:50:3d:6d:a7:7a:94:9b:75:34:5c:
b8:46:9f:7d:de:a8:c0:09:13:ea:0b:54:28:67:43:95:8a:e7:
cf:59:f4:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYX4N0SvcrGItRJ5076yBzacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI4MTE1MDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDk2OTg0ZmE4MzQ4MWJjZmVhNTA3YzZkMjZmNThjNjkxYWYzZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH2L6w6eyfJSK1wQz3fFOyqzbJ56
aCRtYW74t/NN+I6P1mcZtX+iZw4KZLQZMCQMRt3sIx06x3uK3WhvxWN0vs9PQLmn
PwD553UU4d9OKK9bPaNw7tW/RUe2lygRw6nE9nfVVEiS/h7oBhg1dDsToPExKin4
hSo+hCuqm86pBDENCmCaPACxa/e1MNYyAu+ba6ejdIFz9DLatrDyxFzamoDK4DZ4
YWT4GCAmjsWJC5oA+ei1Yiy4tinxvWdLDk3T4Tkycrw5yX0O3aOs3Exdl/oorYAv
PxWqsX7aCxGD9mNsDhty5JNiYYBFgR02JmL4K+haxYKGbglDOqjnWRFH6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGSWmE+oNIG8/qUHxtJvWMaRrz2xMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWkphWVQ2ZzBnYnotcFFmRzBtOVl4cEd2UGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxeK
MA0GCSqGSIb3DQEBCwUAA4IBAQCbQojM1QymRNlqGXg35b+b1o7c/y1c9WattxU1
GyKw0q2O2In8QgyzwhnpxfebGHtZZLnydrKfpm8TnLVvRAEYLkZSwWcFMxq9Yd3+
KKd2QgejTwwZJS18oIYP3PMpgUmsU+c0o7MWhN6FRfspxPtMO3xuZakJ3D4B1uTT
2aPWcCER7JNrXrYSMUX5KxiPmw/m30O2pjjOhjvmdX1LYhmmVEsUuQt4qxLrlopV
9Vf8QWxOAt4KckszsbanRy/O3jYcBjfbq4aTIiG2sruuIo2ShFMYUk+jSM7JupF3
v0FCnVA9bad6lJt1NFy4Rp993qjACRPqC1QoZ0OViufPWfSo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org