Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/ZaELYc3zzlz4f7ODF4hhYbdWROo.roa
File: ZaELYc3zzlz4f7ODF4hhYbdWROo.roa (raw, json)
Hash identifier: y72xGmQt03qK0I1rp7bcgsfyyMOXCOsH7m661dqXGbo=
Subject key identifier: 65:A1:0B:61:CD:F3:CE:5C:F8:7F:B3:83:17:88:61:61:B7:56:44:EA
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 0186C1C6BEAAA4C1BD6DD3AB5C8838A9F87A
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/ZaELYc3zzlz4f7ODF4hhYbdWROo.roa
Signing time: Wed 08 Mar 2023 15:11:13 +0000
ROA not before: Wed 08 Mar 2023 15:11:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 2a0e:ec01::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c1:c6:be:aa:a4:c1:bd:6d:d3:ab:5c:88:38:a9:f8:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Mar 8 15:11:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65a10b61cdf3ce5cf87fb38317886161b75644ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:21:e7:c4:60:1a:c9:bb:8e:84:fe:a0:9b:ba:
4a:51:c2:d3:bb:7d:55:06:05:66:42:6a:f0:a3:07:
04:02:25:8d:24:80:34:a0:db:b6:00:6f:e4:4a:19:
cd:e9:9c:c4:c0:d7:a9:d1:6e:7c:1a:f6:a1:e2:22:
18:18:af:7e:26:e5:0c:a3:96:7d:ba:ac:35:85:ff:
9d:4a:86:5b:f2:48:5a:17:6c:b7:25:8c:1e:d1:29:
98:2f:a2:04:72:91:99:cf:c3:09:76:a3:47:ac:e4:
23:d6:35:8a:41:1d:4e:bc:c7:45:a1:0a:03:6e:30:
70:0a:5f:ee:dc:32:91:1c:9c:d4:2c:2c:0f:5b:6e:
6c:1e:8e:9e:04:4e:fc:d9:59:26:6e:01:1e:58:ba:
d4:19:76:96:0b:40:e2:fb:fc:92:91:4c:3f:75:7d:
24:1f:83:54:6a:d6:4d:f6:ee:ff:ab:d9:23:94:44:
f3:e8:92:1a:0c:5d:1a:26:59:d0:7f:61:c6:7b:83:
b2:dd:53:d2:53:f6:04:47:ce:68:55:30:36:9f:f1:
36:22:05:cc:6a:4c:12:c2:ab:6f:bb:86:8f:f0:0c:
6f:57:c4:b3:83:10:b1:02:e4:ff:01:2c:34:89:16:
da:ad:fd:99:df:d6:c3:6b:c7:d9:1a:48:a2:df:d7:
a2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A1:0B:61:CD:F3:CE:5C:F8:7F:B3:83:17:88:61:61:B7:56:44:EA
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/ZaELYc3zzlz4f7ODF4hhYbdWROo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:ec01::/32
Signature Algorithm: sha256WithRSAEncryption
65:41:03:c2:09:6b:34:c4:e2:08:fd:8e:d6:40:88:39:04:7b:
cc:3f:fa:a3:4c:11:3b:e0:14:c2:30:f7:c2:e9:13:16:07:d7:
06:cd:e2:3d:05:1c:06:de:ea:70:51:4e:ef:85:1f:d3:8e:7f:
c0:75:ec:28:84:9b:3b:60:26:16:8f:66:60:75:fb:24:67:01:
7a:8e:e5:7f:f1:9f:99:e9:1a:4d:50:9c:91:3e:d6:53:0f:23:
37:45:32:73:f9:a1:85:45:9a:a8:1e:fd:c5:05:6f:6c:2c:81:
9a:a2:4c:d1:97:4f:9f:24:9b:9f:08:74:ad:df:5c:5e:ad:40:
48:23:52:69:4a:ef:e5:3d:8a:dc:42:fa:41:a7:6d:d6:29:49:
d0:01:5c:35:23:40:fe:46:cf:51:5a:8d:bb:c9:da:e1:d3:1c:
66:13:a6:40:8a:e1:fa:fb:e4:c1:33:74:c6:16:c9:29:fa:e8:
f3:ba:35:42:b7:dc:b2:e8:9c:0e:03:6e:b0:03:c7:0f:36:7d:
c4:09:29:f8:af:21:9d:4f:46:d4:13:3e:27:f4:9b:75:5c:6f:
5f:a8:e2:1d:f2:bb:ab:5e:8f:23:d4:4d:dc:09:4f:ef:52:f8:
06:ea:2c:46:f1:0a:5f:2e:df:0f:c5:a5:16:17:00:51:f7:e6:
9f:81:db:fd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYbBxr6qpMG9bdOrXIg4qfh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjMwMzA4MTUxMTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWExMGI2MWNkZjNjZTVjZjg3ZmIzODMxNzg4NjE2MWI3NTY0NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiHnxGAaybuOhP6gm7pKUcLTu31V
BgVmQmrwowcEAiWNJIA0oNu2AG/kShnN6ZzEwNep0W58Gvah4iIYGK9+JuUMo5Z9
uqw1hf+dSoZb8khaF2y3JYwe0SmYL6IEcpGZz8MJdqNHrOQj1jWKQR1OvMdFoQoD
bjBwCl/u3DKRHJzULCwPW25sHo6eBE782VkmbgEeWLrUGXaWC0Di+/ySkUw/dX0k
H4NUatZN9u7/q9kjlETz6JIaDF0aJlnQf2HGe4Oy3VPSU/YER85oVTA2n/E2IgXM
akwSwqtvu4aP8AxvV8SzgxCxAuT/ASw0iRbarf2Z39bDa8fZGkii39ei6wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGWhC2HN885c+H+zgxeIYWG3VkTqMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvWmFFTFljM3p6bHo0ZjdPREY0aGhZYmRXUk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7sATAN
BgkqhkiG9w0BAQsFAAOCAQEAZUEDwglrNMTiCP2O1kCIOQR7zD/6o0wRO+AUwjD3
wukTFgfXBs3iPQUcBt7qcFFO74Uf045/wHXsKISbO2AmFo9mYHX7JGcBeo7lf/Gf
mekaTVCckT7WUw8jN0Uyc/mhhUWaqB79xQVvbCyBmqJM0ZdPnySbnwh0rd9cXq1A
SCNSaUrv5T2K3EL6Qadt1ilJ0AFcNSNA/kbPUVqNu8na4dMcZhOmQIrh+vvkwTN0
xhbJKfro87o1QrfcsuicDgNusAPHDzZ9xAkp+K8hnU9G1BM+J/SbdVxvX6jiHfK7
q16PI9RN3AlP71L4BuosRvEKXy7fD8WlFhcAUffmn4Hb/Q==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:20 2024 by rpki-client on console-ams.rpki-client.org