Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZRqT-2SjWMurq1b7abLBgO2V5B4.roa
File: ZRqT-2SjWMurq1b7abLBgO2V5B4.roa (raw, json)
Hash identifier: 6ymuQl/z2jPmmncsHOe+PHIqJSfT/wa5mcUYUgcY/oc=
Subject key identifier: 65:1A:93:FB:64:A3:58:CB:AB:AB:56:FB:69:B2:C1:80:ED:95:E4:1E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D1E4199E1752075B33FCF2E6B8341208F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZRqT-2SjWMurq1b7abLBgO2V5B4.roa
Signing time: Thu 18 Jan 2024 20:27:12 +0000
ROA not before: Thu 18 Jan 2024 20:27:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215828
IP address blocks: 2a0e:b107:27d0::/46 maxlen: 48
2a0e:b107:27d4::/46 maxlen: 48
2a0e:b107:27f4::/46 maxlen: 48
2a0e:b107:27f8::/46 maxlen: 48
2a0e:b107:27fc::/46 maxlen: 48
2a0e:b107:2800::/46 maxlen: 48
2a0e:b107:2804::/46 maxlen: 48
2a0e:b107:2810::/46 maxlen: 48
2a0e:b107:2814::/46 maxlen: 48
2a0e:b107:2818::/46 maxlen: 48
2a0e:b107:281c::/46 maxlen: 48
2a0e:b107:2820::/46 maxlen: 48
2a0e:b107:2824::/46 maxlen: 48
2a0e:b107:2828::/46 maxlen: 48
2a0e:b107:282c::/46 maxlen: 48
2a0e:b107:2840::/46 maxlen: 48
2a0e:b107:2844::/46 maxlen: 48
2a0e:b107:2858::/46 maxlen: 48
2a0e:b107:285c::/46 maxlen: 48
2a0e:b107:2860::/46 maxlen: 48
2a0e:b107:2864::/46 maxlen: 48
2a0e:b107:2868::/46 maxlen: 48
2a0e:b107:286c::/46 maxlen: 48
2a0e:b107:2870::/46 maxlen: 48
2a0e:b107:2874::/46 maxlen: 48
2a0e:b107:2878::/46 maxlen: 48
2a0e:b107:287c::/46 maxlen: 48
2a0e:b107:2888::/46 maxlen: 48
2a0e:b107:288c::/46 maxlen: 48
2a0e:b107:2890::/46 maxlen: 48
2a0e:b107:2894::/46 maxlen: 48
2a0e:b107:2898::/46 maxlen: 48
2a0e:b107:289c::/46 maxlen: 48
2a0e:b107:28a0::/46 maxlen: 48
2a0e:b107:28a4::/46 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 Jan 2024 21:18:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1e:41:99:e1:75:20:75:b3:3f:cf:2e:6b:83:41:20:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 18 20:27:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=651a93fb64a358cbabab56fb69b2c180ed95e41e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:25:b4:b7:8b:9d:10:a8:1a:90:0d:dd:fd:6b:
25:93:d6:78:3d:e4:2c:12:9a:88:2e:5a:41:8b:6d:
d7:f6:5f:f1:29:53:54:6d:ca:c3:40:3c:9c:ee:2b:
a2:75:4e:68:ea:68:50:f5:0a:fa:75:b8:40:a8:fa:
bf:61:ff:1e:aa:04:4e:0c:08:29:0f:4b:2f:9e:03:
41:25:42:c2:d3:69:10:4f:04:dd:fc:1e:0e:e1:f8:
93:b4:ee:4b:fe:39:9b:b3:a7:32:1c:1c:9b:28:a2:
48:10:f0:07:4e:1d:1e:18:82:a7:3a:10:1c:e6:b7:
3f:9a:8a:b7:8b:15:d7:04:ba:54:c8:d5:44:0e:4d:
16:eb:1d:1a:ac:5f:49:ba:03:cd:15:bd:ee:ea:ea:
78:2f:73:57:e0:af:80:4e:38:b7:8a:91:08:98:f8:
a4:22:ee:83:41:7a:59:86:10:4d:d0:99:89:8a:69:
40:a0:e0:4e:57:c7:50:d7:19:2c:81:3c:08:e9:ed:
dd:0a:76:30:5d:8a:32:62:8b:bc:c2:a3:6a:fb:33:
c1:95:23:c3:19:33:4a:b3:0e:97:73:c1:f2:90:43:
14:af:6a:e1:80:db:32:e0:43:f7:ed:4b:39:ab:c2:
6f:d5:73:bc:10:33:e9:81:25:db:d1:05:ca:1a:d9:
2c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1A:93:FB:64:A3:58:CB:AB:AB:56:FB:69:B2:C1:80:ED:95:E4:1E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZRqT-2SjWMurq1b7abLBgO2V5B4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27d0::/45
2a0e:b107:27f4::-2a0e:b107:2807:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2810::-2a0e:b107:282f:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2840::/45
2a0e:b107:2858::-2a0e:b107:287f:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2888::-2a0e:b107:28a7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3b:84:1b:27:71:c0:00:0c:34:45:30:63:af:f5:53:06:72:a4:
35:87:70:a7:07:05:b8:ec:87:e3:eb:02:56:2a:ef:b3:86:47:
ef:eb:b0:cf:6a:25:01:96:21:90:34:86:43:f7:46:c1:b0:6a:
a1:0b:69:75:21:a6:56:1b:fa:5d:73:43:83:90:00:a4:54:15:
9e:05:41:a4:ca:0f:95:a9:da:4a:8b:e7:1c:f8:6b:a8:d4:ee:
2e:1a:a0:58:b5:48:03:b4:f0:53:87:4d:cd:fd:f7:a4:3a:82:
e9:87:67:95:01:25:07:c1:a8:66:88:c0:e9:3b:b5:d1:6b:4b:
41:dc:d5:b1:10:fb:ca:a5:d9:1d:08:31:1a:80:9c:c9:af:17:
f5:bb:c2:31:7c:c6:6b:b8:5f:7a:51:c7:32:95:9e:7e:10:02:
23:45:a8:4b:d4:c0:cf:72:42:f3:77:d5:83:70:ca:e5:b7:f2:
c5:22:64:5c:c3:50:67:a4:8b:85:58:d1:89:6a:8f:21:e4:b2:
c4:9b:3e:62:31:93:ba:20:c9:b5:08:36:7e:6f:61:d0:f6:5e:
4f:26:54:52:0b:37:f4:82:75:44:de:44:5b:8b:72:5c:7f:b4:
5f:2d:38:69:ec:20:c5:29:9a:e4:12:1c:d1:c7:c1:fd:53:7a:
5c:e3:fc:d2
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY0eQZnhdSB1sz/PLmuDQSCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTE4MjAyNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTFhOTNmYjY0YTM1OGNiYWJhYjU2ZmI2OWIyYzE4MGVkOTVlNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiW0t4udEKgakA3d/Wslk9Z4PeQs
EpqILlpBi23X9l/xKVNUbcrDQDyc7iuidU5o6mhQ9Qr6dbhAqPq/Yf8eqgRODAgp
D0svngNBJULC02kQTwTd/B4O4fiTtO5L/jmbs6cyHBybKKJIEPAHTh0eGIKnOhAc
5rc/moq3ixXXBLpUyNVEDk0W6x0arF9JugPNFb3u6up4L3NX4K+ATji3ipEImPik
Iu6DQXpZhhBN0JmJimlAoOBOV8dQ1xksgTwI6e3dCnYwXYoyYou8wqNq+zPBlSPD
GTNKsw6Xc8HykEMUr2rhgNsy4EP37Us5q8Jv1XO8EDPpgSXb0QXKGtkstQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFGUak/tko1jLq6tW+2mywYDtleQeMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWlJxVC0yU2pXTXVycTFiN2FiTEJnTzJWNUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAAjBiAwcDKg6xByfQ
MBIDBwIqDrEHJ/QDBwMqDrEHKAAwEgMHBCoOsQcoEAMHBCoOsQcoIAMHAyoOsQco
QDASAwcDKg6xByhYAwcHKg6xBygAMBIDBwMqDrEHKIgDBwMqDrEHKKAwDQYJKoZI
hvcNAQELBQADggEBADuEGydxwAAMNEUwY6/1UwZypDWHcKcHBbjsh+PrAlYq77OG
R+/rsM9qJQGWIZA0hkP3RsGwaqELaXUhplYb+l1zQ4OQAKRUFZ4FQaTKD5Wp2kqL
5xz4a6jU7i4aoFi1SAO08FOHTc3996Q6gumHZ5UBJQfBqGaIwOk7tdFrS0Hc1bEQ
+8ql2R0IMRqAnMmvF/W7wjF8xmu4X3pRxzKVnn4QAiNFqEvUwM9yQvN31YNwyuW3
8sUiZFzDUGeki4VY0YlqjyHkssSbPmIxk7ogybUINn5vYdD2Xk8mVFILN/SCdUTe
RFuLclx/tF8tOGnsIMUpmuQSHNHHwf1Telzj/NI=
-----END CERTIFICATE-----
Generated at Mon Jan 22 23:12:46 2024 by rpki-client on console-ams.rpki-client.org