Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/h2G_ZAAAzsotlKNs7IU2odGplHo.roa
File: h2G_ZAAAzsotlKNs7IU2odGplHo.roa (raw, json)
Hash identifier: tBfpULUvYxSeZdZ4QxWmrtt5Ww/Gf3xXz3oMUt66RVE=
Subject key identifier: 87:61:BF:64:00:00:CE:CA:2D:94:A3:6C:EC:85:36:A1:D1:A9:94:7A
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 018CC3B6931445C8FFCE9EFEDB81D0D6F5AE
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/h2G_ZAAAzsotlKNs7IU2odGplHo.roa
Signing time: Mon 01 Jan 2024 06:29:31 +0000
ROA not before: Mon 01 Jan 2024 06:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211444
IP address blocks: 2a0e:ec02::/32 maxlen: 48
2a0e:ec03::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Mar 2024 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:93:14:45:c8:ff:ce:9e:fe:db:81:d0:d6:f5:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Jan 1 06:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8761bf640000ceca2d94a36cec8536a1d1a9947a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e1:15:6c:46:af:8f:32:8f:f1:00:9d:a5:5f:
a1:a3:a7:69:45:73:d2:53:7a:f4:65:b6:03:ca:3a:
f2:74:8e:3e:82:6f:49:f1:27:48:08:b7:fb:a6:68:
c9:31:75:81:b8:90:be:de:7d:ca:b0:3a:f1:87:8a:
3c:f7:5f:8e:9a:3c:eb:e1:55:61:d5:62:a6:7f:8d:
10:53:e8:93:5d:df:94:10:9d:90:b4:22:6e:18:67:
68:e8:a8:91:51:54:05:04:20:e8:b0:ad:ad:b7:57:
b1:df:89:16:96:63:d7:be:f4:f8:4d:8c:bc:86:f2:
9c:51:ff:f7:4d:cf:9e:28:f3:17:1c:c0:3b:bb:d8:
a6:0f:49:2a:fd:b0:51:bb:ad:01:17:4c:48:13:65:
2e:c3:ae:6a:d1:43:90:c7:38:6b:86:6c:79:b6:32:
28:b0:4c:8d:78:92:9c:a6:79:9c:d2:45:6a:3e:71:
b5:52:ec:ea:90:e4:50:cf:9b:c7:a5:36:ec:02:5d:
c9:2d:21:28:52:9c:e8:d5:0d:6a:3f:2a:f8:62:28:
f3:b3:70:d5:9e:ff:8a:0a:cc:93:ac:87:85:5f:21:
74:5b:c2:2f:a2:38:cb:ec:a0:b5:48:01:df:40:83:
05:7a:10:16:1d:5a:3f:85:c2:fe:68:c4:94:84:d4:
3c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:61:BF:64:00:00:CE:CA:2D:94:A3:6C:EC:85:36:A1:D1:A9:94:7A
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/h2G_ZAAAzsotlKNs7IU2odGplHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:ec02::/31
Signature Algorithm: sha256WithRSAEncryption
38:bc:5f:8a:e6:98:63:a5:fa:67:c3:e2:3c:77:f6:8b:9a:df:
f9:de:ae:54:e8:29:ee:cc:7c:f8:92:81:62:3c:d0:ee:43:a0:
79:25:31:79:c7:15:85:79:89:41:76:00:3a:40:75:58:47:7c:
48:1e:8d:53:05:ea:d1:5d:54:80:12:de:ed:37:3e:94:06:c6:
82:c6:94:9f:ea:a6:34:6e:b0:0b:d8:0c:0e:2b:58:74:d4:ef:
93:88:30:39:a0:27:d1:08:c9:0c:ca:9c:85:fe:ef:98:bc:93:
ac:40:5e:37:67:7c:16:75:80:57:57:31:6c:84:b2:e3:49:71:
17:a6:0d:3d:d7:f7:aa:da:fd:3e:8b:48:d8:99:24:1d:a5:7b:
35:50:90:0f:ee:63:b6:27:5f:6e:0f:16:08:26:af:64:d8:87:
1f:83:3e:fd:71:f8:c7:d7:41:5f:86:fa:d7:5a:9e:1d:76:e2:
b6:a0:4a:af:30:b0:d9:1a:a9:c5:40:19:bf:85:43:b8:ce:c0:
b1:c8:07:d5:04:b9:c6:5a:02:2a:41:6c:63:78:c8:8b:99:ea:
53:80:7d:24:82:25:cc:1d:a6:8d:08:8e:64:d2:15:11:59:d0:
fc:65:3c:37:1d:18:2a:f1:0c:c1:fa:be:df:f3:11:a4:c8:29:
5c:56:c2:17
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDtpMURcj/zp7+24HQ1vWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjQwMTAxMDYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzYxYmY2NDAwMDBjZWNhMmQ5NGEzNmNlYzg1MzZhMWQxYTk5NDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOEVbEavjzKP8QCdpV+ho6dpRXPS
U3r0ZbYDyjrydI4+gm9J8SdICLf7pmjJMXWBuJC+3n3KsDrxh4o891+Omjzr4VVh
1WKmf40QU+iTXd+UEJ2QtCJuGGdo6KiRUVQFBCDosK2tt1ex34kWlmPXvvT4TYy8
hvKcUf/3Tc+eKPMXHMA7u9imD0kq/bBRu60BF0xIE2Uuw65q0UOQxzhrhmx5tjIo
sEyNeJKcpnmc0kVqPnG1UuzqkORQz5vHpTbsAl3JLSEoUpzo1Q1qPyr4Yijzs3DV
nv+KCsyTrIeFXyF0W8IvojjL7KC1SAHfQIMFehAWHVo/hcL+aMSUhNQ8FQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIdhv2QAAM7KLZSjbOyFNqHRqZR6MB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvaDJHX1pBQUF6c290bEtOczdJVTJvZEdwbEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKg7sAjAN
BgkqhkiG9w0BAQsFAAOCAQEAOLxfiuaYY6X6Z8PiPHf2i5rf+d6uVOgp7sx8+JKB
YjzQ7kOgeSUxeccVhXmJQXYAOkB1WEd8SB6NUwXq0V1UgBLe7Tc+lAbGgsaUn+qm
NG6wC9gMDitYdNTvk4gwOaAn0QjJDMqchf7vmLyTrEBeN2d8FnWAV1cxbISy40lx
F6YNPdf3qtr9PotI2JkkHaV7NVCQD+5jtidfbg8WCCavZNiHH4M+/XH4x9dBX4b6
11qeHXbitqBKrzCw2RqpxUAZv4VDuM7AscgH1QS5xloCKkFsY3jIi5nqU4B9JIIl
zB2mjQiOZNIVEVnQ/GU8Nx0YKvEMwfq+3/MRpMgpXFbCFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:50 2024 by rpki-client on console-fra.rpki-client.org