Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zFiKFZv4gvx__1OMC4DKujdSS7g.roa
File: zFiKFZv4gvx__1OMC4DKujdSS7g.roa (raw, json)
Hash identifier: Puu7J8SQxurESoD6BN/rsUUsOXRUNaN9693ijhkW87g=
Subject key identifier: CC:58:8A:15:9B:F8:82:FC:7F:FF:53:8C:0B:80:CA:BA:37:52:4B:B8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018FD5E11351EAABEA80989E3347B6725973
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zFiKFZv4gvx__1OMC4DKujdSS7g.roa
Signing time: Sat 01 Jun 2024 22:17:28 +0000
ROA not before: Sat 01 Jun 2024 22:17:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211063
IP address blocks: 2a0e:97c0:480::/44 maxlen: 48
2a10:2f00:172::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Jun 2024 22:56:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d5:e1:13:51:ea:ab:ea:80:98:9e:33:47:b6:72:59:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 1 22:17:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc588a159bf882fc7fff538c0b80caba37524bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:84:ac:e6:cc:e6:78:6c:3e:8d:92:5e:88:52:
92:88:d7:e6:32:21:4c:3a:4e:15:2d:7d:f0:0f:2d:
74:b5:e8:3d:2a:c7:75:2c:96:bd:86:96:95:b0:e7:
e4:27:b1:c3:a3:d5:9a:f0:b8:bb:43:8a:af:a0:82:
f0:ad:3a:46:89:95:3d:f0:97:e6:3e:f5:d6:fe:99:
cf:32:bd:cb:7c:e2:20:dc:e9:98:21:8b:ec:53:53:
dc:f4:58:05:c5:41:59:9b:9d:52:2d:ac:4e:e0:7e:
4a:5f:f6:aa:c6:10:82:b4:1f:ae:0a:71:50:9c:74:
14:e8:ba:18:a3:78:dc:7d:3d:29:fd:55:b6:8b:e2:
00:16:5c:93:fa:90:e8:6b:09:bd:64:fa:83:6e:46:
ba:c6:ad:65:ec:28:b0:24:82:01:67:a2:e9:38:ed:
d4:a2:e7:bd:05:9e:7c:b0:2a:77:c2:4e:cf:8a:db:
9b:8a:b9:19:47:ee:b1:06:23:94:f1:0e:ae:11:a7:
cd:cc:cd:07:3c:8b:19:ee:00:1c:c6:26:e1:ef:92:
18:d5:e4:09:be:c3:6b:fa:06:42:9b:81:3a:ca:78:
58:d9:d4:8c:79:1d:fd:e2:0c:ed:9c:62:48:49:99:
aa:9e:92:c2:44:9f:91:c3:bd:9c:47:17:5e:b1:16:
b1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:58:8A:15:9B:F8:82:FC:7F:FF:53:8C:0B:80:CA:BA:37:52:4B:B8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zFiKFZv4gvx__1OMC4DKujdSS7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:480::/44
2a10:2f00:172::/48
Signature Algorithm: sha256WithRSAEncryption
08:ed:98:7e:be:99:72:92:a6:57:a8:65:9d:c0:37:4e:a3:c3:
18:04:3f:f2:0f:64:7e:30:d8:d3:0a:2d:68:55:d9:b8:7c:06:
6b:97:7f:1d:71:83:e1:65:72:15:c8:28:f4:5e:41:97:85:25:
de:7d:49:0d:b1:5d:fd:65:4d:b3:6e:a7:e7:04:2f:ab:ec:c3:
15:25:25:8b:d4:32:3b:66:a0:7a:65:50:30:75:49:9f:31:f8:
85:3f:51:f0:83:22:9b:0a:30:40:bc:79:ef:77:4d:76:33:89:
03:98:55:af:45:12:46:b5:1f:91:34:ff:6e:3c:16:5b:e8:9a:
0e:76:04:47:0f:90:7f:f6:bf:d4:87:92:96:a4:fa:15:4a:32:
82:84:cf:d4:86:c9:23:40:d9:49:db:6e:8d:07:2d:2d:c2:ac:
4e:b2:07:f3:b8:68:a2:1c:6c:86:ce:62:e9:9b:2a:2c:83:bd:
ca:9a:89:b1:e1:f9:b9:c3:3c:b3:12:a7:23:85:12:c3:30:4c:
75:46:66:3f:6d:65:92:3a:4e:0e:26:8d:e6:b2:20:17:0f:6f:
67:3a:ad:33:0b:45:92:0e:fe:81:3f:72:71:d4:81:ee:85:45:
e8:93:73:0d:0b:52:32:6a:b2:ae:75:d0:b9:42:3b:e2:9f:12:
33:89:7c:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/V4RNR6qvqgJieM0e2cllzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjAxMjIxNzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzU4OGExNTliZjg4MmZjN2ZmZjUzOGMwYjgwY2FiYTM3NTI0YmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4Ss5szmeGw+jZJeiFKSiNfmMiFM
Ok4VLX3wDy10teg9Ksd1LJa9hpaVsOfkJ7HDo9Wa8Li7Q4qvoILwrTpGiZU98Jfm
PvXW/pnPMr3LfOIg3OmYIYvsU1Pc9FgFxUFZm51SLaxO4H5KX/aqxhCCtB+uCnFQ
nHQU6LoYo3jcfT0p/VW2i+IAFlyT+pDoawm9ZPqDbka6xq1l7CiwJIIBZ6LpOO3U
oue9BZ58sCp3wk7PitubirkZR+6xBiOU8Q6uEafNzM0HPIsZ7gAcxibh75IY1eQJ
vsNr+gZCm4E6ynhY2dSMeR394gztnGJISZmqnpLCRJ+Rw72cRxdesRaxRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMxYihWb+IL8f/9TjAuAyro3Uku4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvekZpS0ZadjRndnhfXzFPTUM0REt1amRTUzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwASA
AwcAKhAvAAFyMA0GCSqGSIb3DQEBCwUAA4IBAQAI7Zh+vplykqZXqGWdwDdOo8MY
BD/yD2R+MNjTCi1oVdm4fAZrl38dcYPhZXIVyCj0XkGXhSXefUkNsV39ZU2zbqfn
BC+r7MMVJSWL1DI7ZqB6ZVAwdUmfMfiFP1HwgyKbCjBAvHnvd012M4kDmFWvRRJG
tR+RNP9uPBZb6JoOdgRHD5B/9r/Uh5KWpPoVSjKChM/UhskjQNlJ226NBy0twqxO
sgfzuGiiHGyGzmLpmyosg73Kmomx4fm5wzyzEqcjhRLDMEx1RmY/bWWSOk4OJo3m
siAXD29nOq0zC0WSDv6BP3Jx1IHuhUXok3MNC1IyarKuddC5QjvinxIziXxp
-----END CERTIFICATE-----
Generated at Sat Jun 29 02:17:09 2024 by rpki-client on console-fra.rpki-client.org