Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zXiUnm0MBmjB3rj_kUCM6u3tVKs.roa
File: zXiUnm0MBmjB3rj_kUCM6u3tVKs.roa (raw, json)
Hash identifier: jYfCcmgQqjGwA6W6AjRjafBPOimsLTFFyhFam6l1AJk=
Subject key identifier: CD:78:94:9E:6D:0C:06:68:C1:DE:B8:FF:91:40:8C:EA:ED:ED:54:AB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCE6E057EB49A0187F2052B6DFBE2D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zXiUnm0MBmjB3rj_kUCM6u3tVKs.roa
Signing time: Tue 02 Jan 2024 10:34:09 +0000
ROA not before: Tue 02 Jan 2024 10:34:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197710
IP address blocks: 2a0e:b107:118a::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Feb 2024 11:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e6:e0:57:eb:49:a0:18:7f:20:52:b6:df:be:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd78949e6d0c0668c1deb8ff91408ceaeded54ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bd:22:88:49:07:2b:52:d2:84:dd:d7:16:09:
cd:14:bb:2f:63:07:29:87:d9:46:1d:1c:1a:3a:19:
35:d3:08:9a:8e:cd:a9:87:eb:9b:e9:89:01:b9:06:
2d:30:77:28:75:ce:fb:8c:ac:fb:14:de:05:e0:8e:
a1:64:a4:be:2f:45:b9:a4:3b:a4:28:d4:d2:df:15:
3f:27:6b:55:fb:f0:da:b2:17:08:31:a5:11:d1:99:
fc:90:98:7a:58:58:3d:38:de:b2:6f:3c:2a:c2:dd:
7c:45:e9:f1:27:4f:ad:fd:d5:a7:94:2d:25:d0:d4:
66:36:ef:97:30:52:d2:12:c6:bc:86:66:58:e1:8f:
10:58:b9:d0:a1:eb:51:2b:ad:6f:4a:22:f0:d4:eb:
11:5b:34:a2:94:a6:84:62:83:62:80:7f:39:d6:5e:
cc:d8:30:ed:12:e4:c8:df:b4:cd:7d:33:35:80:ff:
ad:c3:ef:fe:4e:13:ab:29:45:eb:46:52:2f:8e:cd:
79:93:49:40:b6:c7:29:84:e8:64:dd:01:9d:58:46:
36:99:47:97:1d:b7:f9:a9:bd:1e:cf:bc:62:3a:57:
9a:1b:0f:12:1a:20:bb:36:51:39:b7:7d:83:18:78:
ab:3e:91:29:89:f5:fd:f2:3b:1e:0f:c3:00:21:75:
91:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:78:94:9E:6D:0C:06:68:C1:DE:B8:FF:91:40:8C:EA:ED:ED:54:AB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zXiUnm0MBmjB3rj_kUCM6u3tVKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:118a::/48
Signature Algorithm: sha256WithRSAEncryption
5c:df:f7:9a:80:f1:b8:5f:44:2d:64:fb:33:ed:e9:22:0a:f1:
5b:af:c4:b8:e9:93:17:db:5e:ba:16:af:f2:4c:74:b1:fe:04:
d7:e9:6b:f1:2b:8a:46:2d:ea:cc:98:ff:3b:fd:a2:13:f1:ed:
59:ad:60:93:14:09:da:91:33:6a:a4:36:54:30:f0:69:29:8e:
52:26:e4:c9:a5:81:f2:f2:17:22:fe:19:df:f2:05:8e:7b:e0:
df:8a:26:66:ab:bc:35:28:fd:8e:8f:7b:1a:0b:86:e1:45:85:
54:12:93:c9:53:a3:37:bc:81:82:07:e4:cc:44:61:fc:0f:34:
bc:f7:4e:63:df:d9:4c:8f:66:77:71:63:ea:78:21:bf:e3:e4:
55:c5:9d:e2:b4:02:d2:2c:50:16:40:87:2d:47:8b:18:61:82:
26:5c:2c:29:8a:ac:8f:ef:59:fe:e6:3e:3f:0a:f5:39:86:fe:
4e:a4:f2:6a:7e:a0:e9:86:41:be:40:50:b7:e2:46:e3:3f:ae:
10:2a:9e:c0:45:cc:81:69:f8:84:24:55:0c:6d:d5:f7:ce:9e:
d1:43:da:89:6e:7a:12:7b:c7:8c:54:27:49:af:5b:d8:fb:a0:
4e:cf:69:2e:9b:58:83:71:f8:4d:08:0c:17:cd:c8:44:1f:10:
12:79:88:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvObgV+tJoBh/IFK2374tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDc4OTQ5ZTZkMGMwNjY4YzFkZWI4ZmY5MTQwOGNlYWVkZWQ1NGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnr0iiEkHK1LShN3XFgnNFLsvYwcp
h9lGHRwaOhk10wiajs2ph+ub6YkBuQYtMHcodc77jKz7FN4F4I6hZKS+L0W5pDuk
KNTS3xU/J2tV+/DashcIMaUR0Zn8kJh6WFg9ON6ybzwqwt18RenxJ0+t/dWnlC0l
0NRmNu+XMFLSEsa8hmZY4Y8QWLnQoetRK61vSiLw1OsRWzSilKaEYoNigH851l7M
2DDtEuTI37TNfTM1gP+tw+/+ThOrKUXrRlIvjs15k0lAtscphOhk3QGdWEY2mUeX
Hbf5qb0ez7xiOleaGw8SGiC7NlE5t32DGHirPpEpifX98jseD8MAIXWRmwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM14lJ5tDAZowd64/5FAjOrt7VSrMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvelhpVW5tME1CbWpCM3JqX2tVQ002dTN0VktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxGK
MA0GCSqGSIb3DQEBCwUAA4IBAQBc3/eagPG4X0QtZPsz7ekiCvFbr8S46ZMX2166
Fq/yTHSx/gTX6WvxK4pGLerMmP87/aIT8e1ZrWCTFAnakTNqpDZUMPBpKY5SJuTJ
pYHy8hci/hnf8gWOe+DfiiZmq7w1KP2Oj3saC4bhRYVUEpPJU6M3vIGCB+TMRGH8
DzS8905j39lMj2Z3cWPqeCG/4+RVxZ3itALSLFAWQIctR4sYYYImXCwpiqyP71n+
5j4/CvU5hv5OpPJqfqDphkG+QFC34kbjP64QKp7ARcyBafiEJFUMbdX3zp7RQ9qJ
bnoSe8eMVCdJr1vY+6BOz2kum1iDcfhNCAwXzchEHxASeYhK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:41 2024 by rpki-client on console-fra.rpki-client.org