Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZqpVjG_GkA7eTA8tWbB1JqmymRE.roa
File: ZqpVjG_GkA7eTA8tWbB1JqmymRE.roa (raw, json)
Hash identifier: g5itAOmhdMkMepMmW3lLG89YcMioK3wTawIdo+BLi4s=
Subject key identifier: 66:AA:55:8C:6F:C6:90:0E:DE:4C:0F:2D:59:B0:75:26:A9:B2:99:11
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DED2DA804DBBB4D736A17FC50E813340A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZqpVjG_GkA7eTA8tWbB1JqmymRE.roa
Signing time: Wed 28 Feb 2024 00:46:48 +0000
ROA not before: Wed 28 Feb 2024 00:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212196
IP address blocks: 2a0e:b107:ec0::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jul 2024 20:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ed:2d:a8:04:db:bb:4d:73:6a:17:fc:50:e8:13:34:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 28 00:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66aa558c6fc6900ede4c0f2d59b07526a9b29911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cd:16:32:bf:0b:bf:20:a0:bb:57:07:ee:7b:
a1:b5:4a:74:64:87:a5:5c:81:32:55:38:c9:34:7e:
50:c3:8f:b5:47:16:40:cb:52:94:c3:e0:1b:ef:56:
c3:e1:63:82:e0:56:9a:a1:10:2d:86:ad:ce:5c:e0:
72:4d:e7:a7:9a:f6:0d:d6:a6:06:47:79:e6:84:7d:
28:d7:e9:56:55:1c:07:3d:a3:58:47:28:f5:e6:3b:
d9:e3:fe:87:68:d1:c1:16:1d:fe:09:1f:fc:25:d3:
e3:4f:54:ad:66:81:e2:9e:ac:f4:71:bb:08:f7:b9:
fe:86:e6:46:86:c2:63:a5:46:9c:3b:ce:5b:0b:58:
57:9c:d8:c2:53:65:ae:d6:7a:be:80:d8:ae:24:9e:
70:e5:95:ca:3a:e6:77:c9:b1:a5:3a:e7:5d:1b:02:
da:0e:94:63:3e:4c:e3:e2:c6:0d:e8:d0:67:2d:b8:
3a:d8:ce:2d:79:4e:5d:f8:d8:d2:20:9a:64:a6:c9:
4d:1f:30:f3:c1:75:f3:17:33:64:a4:b6:ec:5e:e3:
09:32:d6:d1:57:53:02:25:50:0b:d3:73:82:db:94:
77:53:1e:e4:76:95:91:b8:0a:d0:62:bd:bf:4c:8e:
96:c9:c2:89:21:ed:bf:ea:2a:dc:12:33:54:ff:ca:
6f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AA:55:8C:6F:C6:90:0E:DE:4C:0F:2D:59:B0:75:26:A9:B2:99:11
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZqpVjG_GkA7eTA8tWbB1JqmymRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ec0::/44
Signature Algorithm: sha256WithRSAEncryption
34:f5:a8:2e:02:0b:f4:34:35:c3:13:e6:93:13:43:28:75:ce:
f1:f9:e9:f9:c9:a0:a6:3f:a5:7f:e2:04:b1:92:41:99:66:24:
57:08:86:13:c4:5c:c3:55:00:fb:29:6e:eb:04:42:bf:4b:1c:
83:30:19:58:17:f8:e4:d8:f6:07:af:1f:b6:79:61:7e:15:35:
39:84:ce:78:63:17:4e:8b:4a:96:1f:a8:28:ba:79:24:bb:41:
12:49:06:60:26:a8:c1:d1:cc:36:1e:0f:78:d8:0f:00:10:9e:
cd:c6:f6:fa:72:43:dd:e0:b9:37:69:86:65:fd:ce:70:df:4c:
52:1a:00:3a:28:ee:c6:37:eb:f1:1d:62:7e:60:3f:24:e4:c4:
f2:d6:ef:b0:0d:76:ca:ea:ea:42:30:71:fd:b8:3c:4d:a6:d8:
e7:11:81:2d:cb:6e:b5:3a:9c:12:42:9f:1c:d4:8c:ca:cb:98:
5c:9b:49:e1:27:1d:3b:16:09:99:c6:a3:95:d7:62:41:d5:7b:
af:e5:38:cc:3c:12:b9:70:8e:52:9e:54:ea:bb:5c:93:48:09:
f9:80:28:78:5d:d9:04:1f:fd:68:b1:8a:5b:1b:60:9b:aa:77:
fd:59:0c:79:65:30:59:0e:9a:cb:65:a7:5b:56:34:3f:2b:a4:
75:92:ac:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY3tLagE27tNc2oX/FDoEzQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjI4MDA0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmFhNTU4YzZmYzY5MDBlZGU0YzBmMmQ1OWIwNzUyNmE5YjI5OTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAms0WMr8LvyCgu1cH7nuhtUp0ZIel
XIEyVTjJNH5Qw4+1RxZAy1KUw+Ab71bD4WOC4FaaoRAthq3OXOByTeenmvYN1qYG
R3nmhH0o1+lWVRwHPaNYRyj15jvZ4/6HaNHBFh3+CR/8JdPjT1StZoHinqz0cbsI
97n+huZGhsJjpUacO85bC1hXnNjCU2Wu1nq+gNiuJJ5w5ZXKOuZ3ybGlOuddGwLa
DpRjPkzj4sYN6NBnLbg62M4teU5d+NjSIJpkpslNHzDzwXXzFzNkpLbsXuMJMtbR
V1MCJVAL03OC25R3Ux7kdpWRuArQYr2/TI6WycKJIe2/6ircEjNU/8pv1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGaqVYxvxpAO3kwPLVmwdSapspkRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWnFwVmpHX0drQTdlVEE4dFdiQjFKcW15bVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw7A
MA0GCSqGSIb3DQEBCwUAA4IBAQA09aguAgv0NDXDE+aTE0Modc7x+en5yaCmP6V/
4gSxkkGZZiRXCIYTxFzDVQD7KW7rBEK/SxyDMBlYF/jk2PYHrx+2eWF+FTU5hM54
YxdOi0qWH6gounkku0ESSQZgJqjB0cw2Hg942A8AEJ7Nxvb6ckPd4Lk3aYZl/c5w
30xSGgA6KO7GN+vxHWJ+YD8k5MTy1u+wDXbK6upCMHH9uDxNptjnEYEty261OpwS
Qp8c1IzKy5hcm0nhJx07FgmZxqOV12JB1Xuv5TjMPBK5cI5SnlTqu1yTSAn5gCh4
XdkEH/1osYpbG2Cbqnf9WQx5ZTBZDprLZadbVjQ/K6R1kqy3
-----END CERTIFICATE-----
Generated at Tue Jul 9 22:11:51 2024 by rpki-client on console-ams.rpki-client.org