Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/zX6ALIx7jJ2M8U4nuQm48jvYRqo.roa
File: zX6ALIx7jJ2M8U4nuQm48jvYRqo.roa (raw, json)
Hash identifier: QcmI3eV2FKGGl78xid8G8l91MyZnISSnfriDymXNejY=
Subject key identifier: CD:7E:80:2C:8C:7B:8C:9D:8C:F1:4E:27:B9:09:B8:F2:3B:D8:46:AA
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 01887B4669CB78FA4A5EB59EF745062E9A49
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/zX6ALIx7jJ2M8U4nuQm48jvYRqo.roa
Signing time: Fri 02 Jun 2023 08:43:12 +0000
ROA not before: Fri 02 Jun 2023 08:43:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Jun 2023 11:44:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7b:46:69:cb:78:fa:4a:5e:b5:9e:f7:45:06:2e:9a:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jun 2 08:43:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd7e802c8c7b8c9d8cf14e27b909b8f23bd846aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:62:f4:58:76:5f:56:8e:a0:24:d4:b4:b1:87:
22:32:1f:b9:6e:10:2d:53:51:05:67:5b:74:ac:b7:
55:62:85:70:a4:e3:58:c0:50:d7:1e:34:e2:84:66:
a3:c9:03:f9:0c:7d:56:cf:27:fa:26:24:04:cb:65:
4f:3c:c6:19:04:0f:61:d3:e2:e9:c2:fe:1a:c0:87:
82:10:1e:f9:25:16:5c:76:77:d9:02:72:79:e4:06:
ab:48:13:8c:15:33:ec:5a:3d:8f:aa:35:dd:90:a1:
2d:fb:4e:70:c2:55:49:51:e9:b8:4d:49:a4:fd:19:
06:3d:ac:d0:58:e7:fd:fc:07:39:02:0d:e2:72:87:
6f:e8:9a:a9:64:1d:53:c4:f9:a1:e0:01:56:f6:19:
e1:b6:a8:1d:e5:0f:6b:f9:60:1e:ce:54:5a:79:1e:
07:a6:c6:a3:a5:f1:1e:44:6e:ca:3d:d8:5a:6f:6f:
3b:73:9e:bb:50:db:7e:e6:63:70:95:b5:e7:a4:ad:
9c:0a:32:cc:c5:c5:d1:fe:c1:de:6f:fb:a6:ac:e9:
6a:29:57:a9:f8:5f:e0:dd:cd:42:ea:56:28:fa:79:
ab:b9:93:16:86:34:15:c0:c1:3b:90:5b:30:3c:73:
b0:f2:bb:1e:9e:05:2c:8d:6f:73:89:27:6f:4a:25:
6a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7E:80:2C:8C:7B:8C:9D:8C:F1:4E:27:B9:09:B8:F2:3B:D8:46:AA
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/zX6ALIx7jJ2M8U4nuQm48jvYRqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
2a00:4bc0:2400::/40
Signature Algorithm: sha256WithRSAEncryption
97:ee:76:9f:06:85:14:d2:7b:54:0c:e7:c6:a7:82:5a:e2:9c:
37:9a:e8:cd:d8:2f:a5:45:3e:42:63:fe:80:0b:81:7c:13:c3:
45:86:9e:fd:0c:95:0b:58:bd:64:e3:17:50:fc:cf:9e:f4:00:
8e:a5:f2:c9:f2:f2:9a:c4:5c:74:21:3c:96:7b:8d:14:44:b8:
2e:50:4a:69:f3:7b:f7:bf:0f:57:08:b6:57:07:9e:73:05:60:
d2:30:54:e9:18:04:50:97:9e:50:e4:7d:35:63:5b:28:eb:40:
3e:6e:d2:8e:ee:60:ee:84:d4:3a:df:d2:a4:50:6b:85:32:24:
8c:c3:b2:12:ff:50:e7:ba:4b:05:b4:13:22:1f:84:de:57:ad:
86:89:37:fe:03:9a:f1:5e:5f:39:99:0f:e1:4d:43:d3:61:f0:
5c:62:6a:c5:85:75:bf:46:e0:72:71:99:ad:08:27:59:97:2f:
82:d5:79:92:65:6d:18:f7:3a:9e:9c:a1:de:c0:89:f8:63:7e:
45:10:ce:d7:1f:de:38:c3:c6:a8:69:35:18:ef:1b:d4:1e:88:
3f:7d:b7:5e:0b:a5:7f:7c:e7:84:c6:5c:dc:70:59:5f:93:15:
1d:f3:af:22:6e:b7:39:40:41:ca:9c:1d:28:6b:94:75:2c:62:
e0:8d:17:db
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYh7RmnLePpKXrWe90UGLppJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjMwNjAyMDg0MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdlODAyYzhjN2I4YzlkOGNmMTRlMjdiOTA5YjhmMjNiZDg0NmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmL0WHZfVo6gJNS0sYciMh+5bhAt
U1EFZ1t0rLdVYoVwpONYwFDXHjTihGajyQP5DH1Wzyf6JiQEy2VPPMYZBA9h0+Lp
wv4awIeCEB75JRZcdnfZAnJ55AarSBOMFTPsWj2PqjXdkKEt+05wwlVJUem4TUmk
/RkGPazQWOf9/Ac5Ag3icodv6JqpZB1TxPmh4AFW9hnhtqgd5Q9r+WAezlRaeR4H
psajpfEeRG7KPdhab287c567UNt+5mNwlbXnpK2cCjLMxcXR/sHeb/umrOlqKVep
+F/g3c1C6lYo+nmruZMWhjQVwME7kFswPHOw8rsengUsjW9ziSdvSiVqKQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFM1+gCyMe4ydjPFOJ7kJuPI72EaqMB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvelg2QUxJeDdqSjJNOFU0bnVRbTQ4anZZUnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcEKgBLwCAA
AwYAKgBLwCEDBgAqAEvAJDANBgkqhkiG9w0BAQsFAAOCAQEAl+52nwaFFNJ7VAzn
xqeCWuKcN5rozdgvpUU+QmP+gAuBfBPDRYae/QyVC1i9ZOMXUPzPnvQAjqXyyfLy
msRcdCE8lnuNFES4LlBKafN7978PVwi2VweecwVg0jBU6RgEUJeeUOR9NWNbKOtA
Pm7Sju5g7oTUOt/SpFBrhTIkjMOyEv9Q57pLBbQTIh+E3lethok3/gOa8V5fOZkP
4U1D02HwXGJqxYV1v0bgcnGZrQgnWZcvgtV5kmVtGPc6npyh3sCJ+GN+RRDO1x/e
OMPGqGk1GO8b1B6IP323Xgulf3znhMZc3HBZX5MVHfOvIm63OUBBypwdKGuUdSxi
4I0X2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:46 2024 by rpki-client on console-fra.rpki-client.org