Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Zg4lNFTdVf-h5R4LCNjh6bAuKeo.roa
File: Zg4lNFTdVf-h5R4LCNjh6bAuKeo.roa (raw, json)
Hash identifier: e/3uGO0K4QijV+p5QCZtzNH/k46TXg5fhuYvk2CWK7w=
Subject key identifier: 66:0E:25:34:54:DD:55:FF:A1:E5:1E:0B:08:D8:E1:E9:B0:2E:29:EA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CF596AB27663911D25495A9B370A70535
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Zg4lNFTdVf-h5R4LCNjh6bAuKeo.roa
Signing time: Wed 10 Jan 2024 22:55:41 +0000
ROA not before: Wed 10 Jan 2024 22:55:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210617
IP address blocks: 2a0e:97c0:5a0::/48 maxlen: 48
2a0e:97c0:5a1::/48 maxlen: 48
2a0e:97c0:5af::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 23:20:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:96:ab:27:66:39:11:d2:54:95:a9:b3:70:a7:05:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 10 22:55:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660e253454dd55ffa1e51e0b08d8e1e9b02e29ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0f:5d:22:04:80:3c:41:52:d8:c6:97:04:51:
d7:5d:89:25:6f:18:6e:61:24:8e:9c:88:77:82:29:
6a:5f:d0:72:e1:a7:86:69:16:68:ed:ae:d2:2e:b7:
1a:2d:09:82:85:19:47:55:aa:c9:af:dd:0f:94:ed:
a3:e6:eb:c8:02:ec:f7:cc:2f:0e:08:0d:c3:2f:4e:
85:dd:24:4d:46:ff:d6:aa:9e:88:78:b1:1e:2c:6e:
75:8b:18:be:5d:47:b2:5f:5c:c0:31:29:11:85:ee:
7f:76:59:eb:b8:e3:1f:83:72:64:5a:b1:ad:36:bf:
25:ce:d3:b5:d8:43:20:c0:54:29:68:dd:c8:87:48:
3a:56:f6:77:dd:6a:80:20:5c:84:70:96:ab:93:47:
37:46:3c:ac:7b:9b:3e:19:74:1f:92:ec:b2:ff:22:
b0:82:27:26:16:e7:d9:cc:61:90:ca:2c:69:c5:67:
ed:57:4d:35:93:7e:49:ea:a7:64:96:cd:d5:22:7f:
fa:13:cd:50:fd:75:0f:25:99:59:b6:30:a4:39:eb:
91:7c:17:2d:7e:fe:f5:29:49:96:06:cc:a7:c7:fb:
62:d8:71:da:35:f1:c0:6d:1d:bd:b3:51:80:42:14:
2e:4b:dc:31:3d:a8:b1:33:4c:8a:ac:0c:57:89:7f:
d1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:0E:25:34:54:DD:55:FF:A1:E5:1E:0B:08:D8:E1:E9:B0:2E:29:EA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Zg4lNFTdVf-h5R4LCNjh6bAuKeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5a0::/47
2a0e:97c0:5af::/48
Signature Algorithm: sha256WithRSAEncryption
63:7c:be:96:37:6b:af:71:a5:f7:b3:54:71:f4:60:2b:98:85:
c5:3a:eb:3a:c3:4c:d9:c2:83:7a:b1:1b:2c:eb:70:b0:1b:f9:
a9:a5:bc:82:b4:18:aa:90:5c:f6:77:ed:45:de:62:82:0b:84:
2c:30:e3:91:f4:85:bf:cc:6b:ce:cc:36:a7:4a:b2:20:40:4b:
95:8e:54:ae:fa:ab:7d:8e:b9:d4:7f:20:60:9e:21:6f:49:ce:
2c:b7:f2:16:99:9e:d9:76:d6:29:c8:62:95:4f:a8:b1:22:fc:
82:cc:35:c9:0c:1b:55:c6:b7:29:59:af:2e:d8:07:14:b1:09:
0f:a8:65:07:21:8c:26:43:ba:ee:3a:d4:d7:e6:86:ea:2b:b2:
db:61:62:11:e8:ab:5f:ec:ca:5c:b1:85:17:c0:0c:78:6e:ce:
4f:b1:ab:e3:1a:c7:31:f5:11:01:8d:27:d7:b0:82:a9:6a:d1:
81:dc:97:94:25:57:c0:08:69:3c:c0:3c:5f:c7:f7:41:ae:72:
82:df:c5:5d:42:b6:76:d9:da:a3:e4:dd:0f:23:5b:f7:db:a2:
0d:d8:1e:13:8a:c6:e8:99:5d:c1:dc:dc:60:8d:f6:31:4d:61:
a8:2f:b2:46:16:10:90:68:a4:03:22:60:a6:e3:55:07:d5:87:
a6:56:70:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYz1lqsnZjkR0lSVqbNwpwU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTEwMjI1NTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjBlMjUzNDU0ZGQ1NWZmYTFlNTFlMGIwOGQ4ZTFlOWIwMmUyOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg9dIgSAPEFS2MaXBFHXXYklbxhu
YSSOnIh3gilqX9By4aeGaRZo7a7SLrcaLQmChRlHVarJr90PlO2j5uvIAuz3zC8O
CA3DL06F3SRNRv/Wqp6IeLEeLG51ixi+XUeyX1zAMSkRhe5/dlnruOMfg3JkWrGt
Nr8lztO12EMgwFQpaN3Ih0g6VvZ33WqAIFyEcJark0c3Rjyse5s+GXQfkuyy/yKw
gicmFufZzGGQyixpxWftV001k35J6qdkls3VIn/6E81Q/XUPJZlZtjCkOeuRfBct
fv71KUmWBsynx/ti2HHaNfHAbR29s1GAQhQuS9wxPaixM0yKrAxXiX/ROQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGYOJTRU3VX/oeUeCwjY4emwLinqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWmc0bE5GVGRWZi1oNVI0TENOamg2YkF1S2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6XwAWg
AwcAKg6XwAWvMA0GCSqGSIb3DQEBCwUAA4IBAQBjfL6WN2uvcaX3s1Rx9GArmIXF
Ous6w0zZwoN6sRss63CwG/mppbyCtBiqkFz2d+1F3mKCC4QsMOOR9IW/zGvOzDan
SrIgQEuVjlSu+qt9jrnUfyBgniFvSc4st/IWmZ7ZdtYpyGKVT6ixIvyCzDXJDBtV
xrcpWa8u2AcUsQkPqGUHIYwmQ7ruOtTX5obqK7LbYWIR6Ktf7MpcsYUXwAx4bs5P
savjGscx9REBjSfXsIKpatGB3JeUJVfACGk8wDxfx/dBrnKC38VdQrZ22dqj5N0P
I1v326IN2B4TisbomV3B3NxgjfYxTWGoL7JGFhCQaKQDImCm41UH1YemVnDP
-----END CERTIFICATE-----
Generated at Fri Jan 12 00:47:00 2024 by rpki-client on console-ams.rpki-client.org