Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/wZmZo2baeoMc1x9cmIEZwlNPkrU.roa
File: wZmZo2baeoMc1x9cmIEZwlNPkrU.roa (raw, json)
Hash identifier: ja/lAJlXy6jAXcDhCRGZrBXN+vkNfRImoij6/B3wHAc=
Subject key identifier: C1:99:99:A3:66:DA:7A:83:1C:D7:1F:5C:98:81:19:C2:53:4F:92:B5
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 01856D6F744278AB80DA1A714BD73CA12AE0
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/wZmZo2baeoMc1x9cmIEZwlNPkrU.roa
Signing time: Sun 01 Jan 2023 13:04:58 +0000
ROA not before: Sun 01 Jan 2023 13:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2000::/44 maxlen: 56
Validation: Failed, certificate revoked on Fri 02 Jun 2023 08:43:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:74:42:78:ab:80:da:1a:71:4b:d7:3c:a1:2a:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jan 1 13:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c19999a366da7a831cd71f5c988119c2534f92b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:84:68:66:9c:da:a7:76:c6:41:95:6e:52:ac:
59:8c:8d:49:92:08:60:62:cd:43:29:e1:fa:e4:cf:
f2:ee:0c:da:76:4f:da:81:9c:9a:64:b9:ad:ce:e5:
59:2d:c7:18:44:5b:22:52:ab:49:5e:bc:54:8e:82:
7d:99:92:4e:4a:62:bc:29:35:89:2a:fd:dd:2a:3f:
b3:8e:7a:8a:d1:49:b7:5e:81:50:46:1b:e2:54:8e:
cb:8c:c4:30:20:83:0e:73:cd:64:e9:3f:01:a1:46:
92:c5:e1:44:b9:87:be:33:2f:7b:b8:b4:96:64:8c:
b7:39:23:b5:4c:54:51:d4:2c:af:88:98:71:12:6f:
6b:4a:09:69:eb:d1:3d:28:17:d3:30:40:d4:4a:d5:
3e:35:f3:5b:59:54:56:4b:dd:7b:d9:93:44:d3:e9:
af:8b:58:a5:5c:5f:12:e9:9e:36:18:d0:80:ce:40:
12:34:66:91:d1:f6:e5:be:02:61:f8:52:b5:21:1e:
a1:4d:73:c6:0b:34:6d:06:61:a2:23:f1:ab:a2:a5:
4e:aa:40:e6:dc:7d:30:38:12:45:bf:49:32:b4:56:
1e:c9:55:22:9e:75:2d:9a:5b:68:55:5b:f6:e4:92:
34:f6:65:62:7a:9a:5e:c4:08:7c:3c:30:a8:1a:de:
db:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:99:99:A3:66:DA:7A:83:1C:D7:1F:5C:98:81:19:C2:53:4F:92:B5
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/wZmZo2baeoMc1x9cmIEZwlNPkrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
Signature Algorithm: sha256WithRSAEncryption
1d:0d:77:5f:e2:a2:c5:8b:77:cc:6e:9c:5f:df:9a:c0:31:98:
f2:33:b5:91:8e:e4:32:dc:ee:64:4b:8a:3f:f5:db:33:04:35:
73:77:ce:49:d7:37:85:1d:e4:25:0e:9c:21:c2:52:56:71:5d:
90:d9:45:7e:ce:4b:7f:14:06:9e:93:6c:63:a0:5f:81:b2:1c:
b0:92:a6:28:28:39:59:37:fe:98:29:b0:7a:f9:8c:4f:01:7c:
90:ca:e3:18:e4:e4:e1:78:1d:87:9c:89:9a:63:9f:8a:6f:0c:
da:6b:0b:72:64:00:36:93:c9:5b:a8:de:7a:90:40:34:a7:15:
f0:55:ac:13:23:11:87:07:82:25:05:47:98:f6:19:be:16:c9:
e0:af:0e:af:a8:2a:01:0e:c0:d9:02:16:ce:ec:3e:d7:7f:99:
77:aa:85:9e:1e:7d:26:79:d9:40:d3:8a:7f:6a:76:5d:a5:5a:
e1:34:db:0e:3d:04:ce:02:67:76:63:28:8a:17:b0:89:eb:0e:
a3:d3:cb:f6:a2:e1:16:a8:f8:f9:73:0e:69:83:23:10:61:de:
f8:fb:8d:09:94:f2:31:11:14:e4:f3:19:16:ed:10:72:19:f9:
f0:6a:15:19:05:04:bf:e0:1a:2a:19:ef:3f:1c:05:07:3c:6d:
71:08:e0:41
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVtb3RCeKuA2hpxS9c8oSrgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjMwMTAxMTMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTk5OTlhMzY2ZGE3YTgzMWNkNzFmNWM5ODgxMTljMjUzNGY5MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIRoZpzap3bGQZVuUqxZjI1Jkghg
Ys1DKeH65M/y7gzadk/agZyaZLmtzuVZLccYRFsiUqtJXrxUjoJ9mZJOSmK8KTWJ
Kv3dKj+zjnqK0Um3XoFQRhviVI7LjMQwIIMOc81k6T8BoUaSxeFEuYe+My97uLSW
ZIy3OSO1TFRR1CyviJhxEm9rSglp69E9KBfTMEDUStU+NfNbWVRWS9172ZNE0+mv
i1ilXF8S6Z42GNCAzkASNGaR0fblvgJh+FK1IR6hTXPGCzRtBmGiI/GroqVOqkDm
3H0wOBJFv0kytFYeyVUinnUtmltoVVv25JI09mVieppexAh8PDCoGt7bcQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFMGZmaNm2nqDHNcfXJiBGcJTT5K1MB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvd1ptWm8yYmFlb01jMXg5Y21JRVp3bE5Qa3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKgBLwCAA
AwYAKgBLwCEwDQYJKoZIhvcNAQELBQADggEBAB0Nd1/iosWLd8xunF/fmsAxmPIz
tZGO5DLc7mRLij/12zMENXN3zknXN4Ud5CUOnCHCUlZxXZDZRX7OS38UBp6TbGOg
X4GyHLCSpigoOVk3/pgpsHr5jE8BfJDK4xjk5OF4HYeciZpjn4pvDNprC3JkADaT
yVuo3nqQQDSnFfBVrBMjEYcHgiUFR5j2Gb4WyeCvDq+oKgEOwNkCFs7sPtd/mXeq
hZ4efSZ52UDTin9qdl2lWuE02w49BM4CZ3ZjKIoXsInrDqPTy/ai4Rao+PlzDmmD
IxBh3vj7jQmU8jERFOTzGRbtEHIZ+fBqFRkFBL/gGioZ7z8cBQc8bXEI4EE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:20 2024 by rpki-client on console-ams.rpki-client.org