Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zTM8ywfssT0yNwnXBLE4fMMwhZM.roa
File: zTM8ywfssT0yNwnXBLE4fMMwhZM.roa (raw, json)
Hash identifier: iRLz4rl2JQmGzLBf4/e36lsH1G8P09iodRC7S5BR5ro=
Subject key identifier: CD:33:3C:CB:07:EC:B1:3D:32:37:09:D7:04:B1:38:7C:C3:30:85:93
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E9035C002EF1D0104827BFBF7714A4954
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zTM8ywfssT0yNwnXBLE4fMMwhZM.roa
Signing time: Sat 30 Mar 2024 16:33:45 +0000
ROA not before: Sat 30 Mar 2024 16:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215569
IP address blocks: 2a0e:b107:28a6::/48 maxlen: 48
2a0e:b107:28a7::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Apr 2024 02:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:90:35:c0:02:ef:1d:01:04:82:7b:fb:f7:71:4a:49:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 30 16:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd333ccb07ecb13d323709d704b1387cc3308593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b0:56:78:4a:75:37:6b:5a:97:53:10:c8:10:
9a:a1:d0:ae:b2:03:ae:c2:67:8b:6a:0b:a5:3a:bf:
96:a4:eb:65:d5:65:86:f9:af:e9:3c:91:12:b8:8c:
49:95:bc:a6:2e:84:f1:fa:6a:a5:7e:8e:48:2b:a1:
3b:e5:2f:db:3c:59:cd:15:55:9b:57:35:01:e7:c8:
19:93:85:a6:29:95:8c:2f:18:21:a3:38:4c:d0:cb:
e4:fb:f7:3f:80:40:69:63:e1:55:2b:ad:9b:33:ff:
61:c5:a0:73:af:a6:0d:87:ef:26:34:af:5d:ed:b4:
1e:73:9a:b5:7c:c2:13:27:14:e1:8f:7b:23:9d:9b:
1f:81:5f:bd:26:e8:1a:da:58:36:7b:01:18:a2:ad:
fb:1f:c3:3d:86:33:a3:f3:3f:c0:45:c0:64:6c:2f:
98:12:39:9c:81:0b:18:7a:22:14:92:13:04:d0:72:
72:c2:51:12:21:df:74:c3:7a:da:0a:32:94:1c:07:
17:b9:e1:af:39:dc:a5:69:3d:57:0f:6b:20:03:27:
e6:b2:35:dc:23:43:88:75:60:60:ec:9f:2e:21:97:
ce:7c:8d:33:36:09:1d:ff:bf:ac:9f:20:de:56:45:
85:4f:ea:1f:09:ee:25:a7:a6:70:71:2e:70:b3:d4:
52:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:33:3C:CB:07:EC:B1:3D:32:37:09:D7:04:B1:38:7C:C3:30:85:93
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zTM8ywfssT0yNwnXBLE4fMMwhZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:28a6::/47
Signature Algorithm: sha256WithRSAEncryption
59:df:27:a0:be:1e:10:5f:37:a5:92:6a:ee:88:f5:83:6e:05:
32:c5:6e:f4:64:ac:f8:9e:e5:3e:b4:eb:74:19:ef:6c:ef:f6:
c4:ee:f6:71:60:ca:87:c9:1e:22:82:57:93:86:d1:94:58:97:
0b:53:33:fa:29:1a:7c:ca:4b:9a:61:0e:f5:e1:9b:92:17:6a:
e7:16:89:31:4d:a2:94:48:5f:e3:24:65:75:a1:3a:1b:ff:07:
ee:7c:16:45:db:ff:3d:06:a7:e5:b8:fb:24:c1:97:10:88:4e:
b6:bf:a0:28:1f:d1:c7:29:54:df:1b:b9:02:03:7f:cf:24:47:
23:1b:87:2a:58:6b:24:22:9d:52:5b:58:f4:78:b6:69:7c:4f:
7b:a2:7e:27:1e:d2:e6:98:22:c4:49:42:04:7f:bf:76:63:45:
21:97:d1:68:ef:98:a0:c0:f6:01:13:d5:d2:39:9a:44:53:0c:
15:f6:e0:99:ec:aa:2a:82:14:58:5c:92:1d:a3:88:b2:48:2b:
23:6a:fb:1d:38:14:2b:1c:02:53:bc:e0:8c:aa:07:08:a6:07:
ad:17:f7:49:c2:de:ad:c0:bb:82:80:11:30:d3:c8:0a:fe:cc:
d6:b5:7e:6a:57:99:0f:7b:b7:03:47:8f:ea:cb:17:9f:69:21:
3a:0d:c9:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY6QNcAC7x0BBIJ7+/dxSklUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzMwMTYzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDMzM2NjYjA3ZWNiMTNkMzIzNzA5ZDcwNGIxMzg3Y2MzMzA4NTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17BWeEp1N2tal1MQyBCaodCusgOu
wmeLagulOr+WpOtl1WWG+a/pPJESuIxJlbymLoTx+mqlfo5IK6E75S/bPFnNFVWb
VzUB58gZk4WmKZWMLxghozhM0Mvk+/c/gEBpY+FVK62bM/9hxaBzr6YNh+8mNK9d
7bQec5q1fMITJxThj3sjnZsfgV+9Juga2lg2ewEYoq37H8M9hjOj8z/ARcBkbC+Y
EjmcgQsYeiIUkhME0HJywlESId90w3raCjKUHAcXueGvOdylaT1XD2sgAyfmsjXc
I0OIdWBg7J8uIZfOfI0zNgkd/7+snyDeVkWFT+ofCe4lp6ZwcS5ws9RSqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM0zPMsH7LE9MjcJ1wSxOHzDMIWTMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvelRNOHl3ZnNzVDB5TnduWEJMRTRmTU13aFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6xByim
MA0GCSqGSIb3DQEBCwUAA4IBAQBZ3yegvh4QXzelkmruiPWDbgUyxW70ZKz4nuU+
tOt0Ge9s7/bE7vZxYMqHyR4igleThtGUWJcLUzP6KRp8ykuaYQ714ZuSF2rnFokx
TaKUSF/jJGV1oTob/wfufBZF2/89BqfluPskwZcQiE62v6AoH9HHKVTfG7kCA3/P
JEcjG4cqWGskIp1SW1j0eLZpfE97on4nHtLmmCLESUIEf792Y0Uhl9Fo75igwPYB
E9XSOZpEUwwV9uCZ7KoqghRYXJIdo4iySCsjavsdOBQrHAJTvOCMqgcIpgetF/dJ
wt6twLuCgBEw08gK/szWtX5qV5kPe7cDR4/qyxefaSE6Dcli
-----END CERTIFICATE-----
Generated at Sun Apr 7 05:21:19 2024 by rpki-client on console-ams.rpki-client.org