Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zvf6ZHRzWK0ANWIzC37_GCT7g-c.roa
File: zvf6ZHRzWK0ANWIzC37_GCT7g-c.roa (raw, json)
Hash identifier: SQmLfJVtV3+M25rDQPkgeWISW7UCTPbMWQTsJ4fd/f0=
Subject key identifier: CE:F7:FA:64:74:73:58:AD:00:35:62:33:0B:7E:FF:18:24:FB:83:E7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0190D0AE42351E9FF65F403489967E7F0B13
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zvf6ZHRzWK0ANWIzC37_GCT7g-c.roa
Signing time: Sat 20 Jul 2024 15:06:39 +0000
ROA not before: Sat 20 Jul 2024 15:06:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214527
IP address blocks: 2a0e:97c0:7a0::/44 maxlen: 48
2a10:ccc5:5550::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Aug 2024 13:45:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d0:ae:42:35:1e:9f:f6:5f:40:34:89:96:7e:7f:0b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 20 15:06:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cef7fa64747358ad003562330b7eff1824fb83e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e0:cb:0a:23:e1:16:ad:66:19:91:3a:b7:db:
31:24:41:bc:1a:04:98:e6:37:ed:26:bf:45:03:b8:
4c:ff:a8:aa:94:03:6f:95:26:31:73:5b:57:99:7e:
19:18:77:9d:d0:ab:9d:4a:31:5b:13:4e:2b:ed:6e:
0f:8a:81:b0:1a:99:76:63:b1:4f:a3:a7:e3:10:cd:
46:ba:ac:ae:e8:fa:1e:11:f6:79:a2:e5:ea:43:37:
51:55:d2:36:7a:5f:cd:6b:56:aa:5c:d4:66:21:f9:
a1:de:c5:a3:f5:c2:b0:93:8d:7f:12:83:80:7e:70:
98:c8:bb:8e:e0:06:a8:9e:02:ba:df:a8:63:e2:0d:
33:3b:51:f7:b2:51:b3:0e:b2:b8:3f:8f:3c:25:e2:
5a:50:d1:11:c0:bf:88:89:05:cc:57:d1:81:19:49:
18:ff:5b:54:5c:dd:cb:71:0e:5b:8a:be:3a:87:b0:
77:96:82:9e:70:3c:c0:7b:69:8a:09:51:52:5f:ce:
f5:d8:17:69:ae:ec:1c:7c:1c:3a:df:13:92:fa:94:
88:3e:34:36:62:25:d2:cb:63:06:8c:39:10:56:3b:
47:08:e3:ca:88:27:86:4a:7e:9d:25:32:2a:83:c1:
5b:71:de:43:1f:3a:8e:b0:9a:ad:0b:c5:0e:b2:83:
01:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F7:FA:64:74:73:58:AD:00:35:62:33:0B:7E:FF:18:24:FB:83:E7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zvf6ZHRzWK0ANWIzC37_GCT7g-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:7a0::/44
2a10:ccc5:5550::/48
Signature Algorithm: sha256WithRSAEncryption
10:66:6f:87:67:ce:22:f9:1f:0d:fd:f0:62:42:6b:0b:31:51:
12:f4:94:0d:15:cd:0d:06:11:f8:cd:8f:00:b5:d3:c7:d4:f3:
c2:f7:9b:9f:da:94:0a:36:67:d1:48:f7:5e:5d:66:bb:a7:a8:
82:bb:5b:cc:a0:93:b4:4d:2e:5c:05:84:93:4e:63:e9:70:37:
52:06:55:44:be:4b:03:70:93:ae:82:16:af:1c:49:3c:bc:23:
d9:cc:b5:96:9d:bb:0d:a3:2d:b6:24:e7:50:8b:03:24:43:df:
31:78:91:5e:06:31:ec:64:c3:3b:98:e1:a9:a7:53:3f:7f:cc:
1e:27:ce:9b:d3:d7:d7:c0:53:01:a0:94:c2:79:8b:ad:a1:9d:
22:74:fb:4b:4f:fa:27:91:f9:82:d0:35:ef:fe:cf:13:4e:81:
70:83:16:4f:b7:60:d1:d1:e5:42:81:db:24:64:96:e5:99:82:
ba:c6:2d:8f:b3:f2:f6:dd:ad:84:79:d8:f7:33:97:fe:e0:20:
10:51:29:c5:ef:6a:f0:23:e6:f3:f4:d0:40:37:ff:19:ef:5e:
1c:ab:46:b4:d9:fd:fe:2f:07:84:91:06:f5:09:ff:65:21:5d:
c9:d8:90:48:c9:b0:02:06:9a:7c:ef:1f:de:76:77:fd:60:72:
fc:14:d2:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDQrkI1Hp/2X0A0iZZ+fwsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNzIwMTUwNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWY3ZmE2NDc0NzM1OGFkMDAzNTYyMzMwYjdlZmYxODI0ZmI4M2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruDLCiPhFq1mGZE6t9sxJEG8GgSY
5jftJr9FA7hM/6iqlANvlSYxc1tXmX4ZGHed0KudSjFbE04r7W4PioGwGpl2Y7FP
o6fjEM1Guqyu6PoeEfZ5ouXqQzdRVdI2el/Na1aqXNRmIfmh3sWj9cKwk41/EoOA
fnCYyLuO4AaongK636hj4g0zO1H3slGzDrK4P488JeJaUNERwL+IiQXMV9GBGUkY
/1tUXN3LcQ5bir46h7B3loKecDzAe2mKCVFSX8712BdpruwcfBw63xOS+pSIPjQ2
YiXSy2MGjDkQVjtHCOPKiCeGSn6dJTIqg8Fbcd5DHzqOsJqtC8UOsoMB9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM73+mR0c1itADViMwt+/xgk+4PnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvenZmNlpIUnpXSzBBTldJekMzN19HQ1Q3Zy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAeg
AwcAKhDMxVVQMA0GCSqGSIb3DQEBCwUAA4IBAQAQZm+HZ84i+R8N/fBiQmsLMVES
9JQNFc0NBhH4zY8AtdPH1PPC95uf2pQKNmfRSPdeXWa7p6iCu1vMoJO0TS5cBYST
TmPpcDdSBlVEvksDcJOughavHEk8vCPZzLWWnbsNoy22JOdQiwMkQ98xeJFeBjHs
ZMM7mOGpp1M/f8weJ86b09fXwFMBoJTCeYutoZ0idPtLT/onkfmC0DXv/s8TToFw
gxZPt2DR0eVCgdskZJblmYK6xi2Ps/L23a2Eedj3M5f+4CAQUSnF72rwI+bz9NBA
N/8Z714cq0a02f3+LweEkQb1Cf9lIV3J2JBIybACBpp87x/ednf9YHL8FNIv
-----END CERTIFICATE-----
Generated at Thu Aug 1 16:11:52 2024 by rpki-client on console-fra.rpki-client.org