Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zGZJTFgrmP2ODnrUMNIT9P3vGEo.roa
File: zGZJTFgrmP2ODnrUMNIT9P3vGEo.roa (raw, json)
Hash identifier: Clcpc9vEJkr5gVjE8GBXEZuythmgHY22IFeSnXwK0tc=
Subject key identifier: CC:66:49:4C:58:2B:98:FD:8E:0E:7A:D4:30:D2:13:F4:FD:EF:18:4A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018914737558CA6EAFC174BFB4D6F798EBA3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zGZJTFgrmP2ODnrUMNIT9P3vGEo.roa
Signing time: Sun 02 Jul 2023 02:34:18 +0000
ROA not before: Sun 02 Jul 2023 02:34:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53667
IP address blocks: 2a10:ccc2:9c00::/38 maxlen: 48
2a06:de01:400::/38 maxlen: 48
2a10:ccc3:ccc3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 02 Aug 2023 22:52:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:14:73:75:58:ca:6e:af:c1:74:bf:b4:d6:f7:98:eb:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 2 02:34:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc66494c582b98fd8e0e7ad430d213f4fdef184a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:18:23:79:c7:c7:35:9f:46:3c:43:4c:15:f2:
c6:83:f3:2e:c2:65:bc:70:23:a9:91:ec:ed:80:a6:
30:44:e0:06:5a:f0:9f:ee:5b:98:21:e3:3b:50:c4:
dc:cd:22:0b:e7:2e:f8:76:23:a0:65:6a:5e:da:25:
58:04:f3:6f:38:f5:d3:86:14:d6:f9:b4:11:58:c1:
ac:b8:d6:2e:ce:c5:a7:6c:bc:04:6f:ff:fa:cc:e4:
dc:88:74:b0:40:94:05:d9:25:b2:3e:0c:c8:5c:4a:
24:dc:d0:af:39:b9:a8:46:b1:85:41:5b:43:fb:0d:
15:33:99:d0:9e:53:ee:a8:52:3e:bf:a4:57:3d:54:
e2:81:a8:7e:4d:5c:58:dd:e0:b1:4e:f1:ac:bd:e8:
46:d3:28:1c:60:01:9c:eb:c8:92:8e:a2:c9:a5:5a:
41:a3:4d:76:5d:18:45:5f:32:e6:45:6b:9f:ad:65:
1d:ea:11:26:5e:a3:e5:9c:b6:c4:0c:1c:cd:bf:02:
b8:43:d2:0e:c9:2c:56:39:4b:4f:84:53:44:5e:64:
cd:bb:aa:a6:79:f2:0a:5f:c8:32:e2:a1:7b:59:69:
de:26:64:bb:3e:0c:41:78:58:d0:35:36:3c:73:b3:
f6:53:6f:3a:8a:f3:65:f2:66:0a:b6:eb:0f:ee:cb:
fa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:66:49:4C:58:2B:98:FD:8E:0E:7A:D4:30:D2:13:F4:FD:EF:18:4A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zGZJTFgrmP2ODnrUMNIT9P3vGEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:400::/38
2a10:ccc2:9c00::/38
2a10:ccc3:ccc3::/48
Signature Algorithm: sha256WithRSAEncryption
7b:46:3b:e8:d6:9f:18:69:2e:53:05:d0:6d:96:00:94:85:c8:
39:ad:3d:1e:58:5e:97:f3:55:aa:51:eb:34:53:9f:bc:40:fa:
82:14:d0:75:48:f5:6d:25:6a:58:49:0b:78:eb:2b:42:57:d0:
83:2b:45:24:cc:72:01:c6:6a:9a:ad:40:e3:bd:69:26:07:a4:
e8:66:7c:67:01:b6:47:6d:54:55:38:5d:e2:25:ab:64:dc:4b:
97:43:15:36:ef:f5:a3:b5:42:cd:f9:81:70:0b:fd:61:e5:1a:
bb:10:9e:95:24:b1:7c:e4:4d:0e:09:a6:31:ab:2d:e5:5d:15:
21:98:7b:a0:11:db:24:15:93:12:77:1a:ef:f1:64:4f:4b:44:
01:b4:29:05:a6:45:c1:f3:8a:74:9b:9d:f5:02:6c:e1:6c:5c:
32:a2:49:13:c6:02:ac:c1:03:5e:40:59:d1:28:d0:50:8a:42:
b4:0f:39:ad:66:4a:60:15:25:74:79:03:07:27:bd:18:01:2c:
f6:e3:83:3c:d3:e5:c1:14:85:3c:f7:d8:1a:bb:18:fa:56:f1:
ed:00:be:08:45:a0:7f:29:30:19:d1:4d:34:39:c8:8c:1c:51:
1d:cf:3c:3e:c7:5e:59:22:aa:6e:29:1f:c6:9e:23:4e:10:f9:
95:cc:b6:95
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYkUc3VYym6vwXS/tNb3mOujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzAyMDIzNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzY2NDk0YzU4MmI5OGZkOGUwZTdhZDQzMGQyMTNmNGZkZWYxODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RgjecfHNZ9GPENMFfLGg/MuwmW8
cCOpkeztgKYwROAGWvCf7luYIeM7UMTczSIL5y74diOgZWpe2iVYBPNvOPXThhTW
+bQRWMGsuNYuzsWnbLwEb//6zOTciHSwQJQF2SWyPgzIXEok3NCvObmoRrGFQVtD
+w0VM5nQnlPuqFI+v6RXPVTigah+TVxY3eCxTvGsvehG0ygcYAGc68iSjqLJpVpB
o012XRhFXzLmRWufrWUd6hEmXqPlnLbEDBzNvwK4Q9IOySxWOUtPhFNEXmTNu6qm
efIKX8gy4qF7WWneJmS7PgxBeFjQNTY8c7P2U286ivNl8mYKtusP7sv6bwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFMxmSUxYK5j9jg561DDSE/T97xhKMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvekdaSlRGZ3JtUDJPRG5yVU1OSVQ5UDN2R0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYCKgbeAQQD
BgIqEMzCnAMHACoQzMPMwzANBgkqhkiG9w0BAQsFAAOCAQEAe0Y76NafGGkuUwXQ
bZYAlIXIOa09Hlhel/NVqlHrNFOfvED6ghTQdUj1bSVqWEkLeOsrQlfQgytFJMxy
AcZqmq1A471pJgek6GZ8ZwG2R21UVThd4iWrZNxLl0MVNu/1o7VCzfmBcAv9YeUa
uxCelSSxfORNDgmmMast5V0VIZh7oBHbJBWTEnca7/FkT0tEAbQpBaZFwfOKdJud
9QJs4WxcMqJJE8YCrMEDXkBZ0SjQUIpCtA85rWZKYBUldHkDBye9GAEs9uODPNPl
wRSFPPfYGrsY+lbx7QC+CEWgfykwGdFNNDnIjBxRHc88PsdeWSKqbikfxp4jThD5
lcy2lQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:40 2024 by rpki-client on console-fra.rpki-client.org