Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/Z2q6LvvdxaPxVDEUYPY4a2nT2XI.roa
File: Z2q6LvvdxaPxVDEUYPY4a2nT2XI.roa (raw, json)
Hash identifier: +7OZPPJrXzePnbAlPbEqBMspu65VePUBsdvVQVcqM+0=
Subject key identifier: 67:6A:BA:2E:FB:DD:C5:A3:F1:54:31:14:60:F6:38:6B:69:D3:D9:72
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01909E9EA12C24D3019EF9A91AF9F40A6625
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/Z2q6LvvdxaPxVDEUYPY4a2nT2XI.roa
Signing time: Wed 10 Jul 2024 21:48:34 +0000
ROA not before: Wed 10 Jul 2024 21:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a09:8b80::/29 maxlen: 29
2a0a:bbc0::/29 maxlen: 29
2a0d:f640::/29 maxlen: 29
2a0e:6740::/29 maxlen: 29
2a0e:9180::/29 maxlen: 29
2a0e:c440::/29 maxlen: 29
2a12:1a40::/29 maxlen: 29
2a12:2e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9e:9e:a1:2c:24:d3:01:9e:f9:a9:1a:f9:f4:0a:66:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jul 10 21:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676aba2efbddc5a3f154311460f6386b69d3d972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c5:c0:b9:d7:f4:52:cf:90:b8:bd:db:4a:9e:
7e:21:e2:6d:04:c1:fb:08:a5:d5:ad:ae:be:d6:01:
75:da:8d:13:59:da:d8:f1:b5:44:4d:c4:50:3f:f9:
f0:b9:ed:e6:09:e7:ee:a6:35:62:c7:a2:8d:be:73:
f8:49:b7:2e:e0:76:04:77:46:d1:18:38:0f:75:ec:
7b:62:cd:80:d8:02:36:bb:c8:cf:21:1a:0b:af:de:
c9:1c:f3:b1:38:7c:f2:ea:d4:93:9f:01:43:6e:db:
64:25:18:36:49:d7:91:17:11:2b:f0:73:22:ff:37:
db:81:72:76:eb:72:12:2c:ca:3a:9a:3a:4e:77:00:
bb:9f:41:f1:49:9c:ee:a3:a4:09:bc:9a:43:c0:1b:
29:b5:a3:9b:24:b3:b3:4d:ce:5b:f7:a3:de:2f:81:
61:dc:fb:93:95:76:f0:e3:61:b2:d4:07:7c:f7:21:
d6:e0:1b:80:ca:0a:8b:e6:f5:12:96:4c:98:b5:59:
de:7d:0b:66:47:e0:18:ac:43:63:19:49:50:93:b4:
e4:1c:5b:35:88:14:ab:41:b7:a6:83:99:6c:f7:87:
b3:cc:98:b9:45:9c:35:e8:c2:b1:62:bd:0c:13:b8:
80:42:34:01:4a:34:c6:dc:b2:e1:3f:c5:d3:ee:04:
c3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6A:BA:2E:FB:DD:C5:A3:F1:54:31:14:60:F6:38:6B:69:D3:D9:72
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/Z2q6LvvdxaPxVDEUYPY4a2nT2XI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:8b80::/29
2a0a:bbc0::/29
2a0d:f640::/29
2a0e:6740::/29
2a0e:9180::/29
2a0e:c440::/29
2a12:1a40::/29
2a12:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
62:ff:06:ee:3a:3d:53:ac:10:b3:b7:c7:76:72:32:d0:a0:3d:
8e:ae:d3:3f:6d:85:22:3d:6d:49:51:f2:56:b6:1e:f6:22:15:
38:a6:fb:47:89:37:76:be:a4:ce:06:11:be:38:97:12:2e:1a:
b0:b8:e7:87:b6:63:bc:b3:57:7e:ac:79:3f:8c:f6:5c:86:b7:
62:c5:dc:a8:45:3f:63:7e:41:2d:df:6e:b7:7d:13:fe:f4:77:
eb:2d:6d:4b:d0:45:af:0d:84:58:c5:be:e0:45:30:b5:ea:eb:
4b:a8:8a:1d:73:91:04:ec:92:96:fc:36:4d:50:ff:e5:43:72:
93:96:da:13:ec:93:ab:8b:da:22:3a:8d:93:8b:7c:8c:70:65:
43:5c:62:6b:ff:47:31:c1:b0:46:13:c3:d5:b6:88:81:04:8c:
b2:48:80:83:8d:b9:ef:1b:d8:42:5a:9d:f5:45:62:f1:93:b0:
4a:f8:fb:18:5b:f0:a0:7d:ca:cf:56:82:9b:5d:ca:09:6f:cb:
69:40:19:50:b2:3d:86:43:02:85:10:fc:eb:49:6e:4f:d8:7b:
53:fd:15:5f:94:04:b3:fe:be:ba:28:26:90:8e:42:bc:84:2c:
c4:96:33:12:89:fb:2f:df:5b:d2:c7:a5:cc:3f:a1:a7:29:69:
4a:a8:92:e7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZCenqEsJNMBnvmpGvn0CmYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQwNzEwMjE0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzZhYmEyZWZiZGRjNWEzZjE1NDMxMTQ2MGY2Mzg2YjY5ZDNkOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMXAudf0Us+QuL3bSp5+IeJtBMH7
CKXVra6+1gF12o0TWdrY8bVETcRQP/nwue3mCefupjVix6KNvnP4Sbcu4HYEd0bR
GDgPdex7Ys2A2AI2u8jPIRoLr97JHPOxOHzy6tSTnwFDbttkJRg2SdeRFxEr8HMi
/zfbgXJ263ISLMo6mjpOdwC7n0HxSZzuo6QJvJpDwBsptaObJLOzTc5b96PeL4Fh
3PuTlXbw42Gy1Ad89yHW4BuAygqL5vUSlkyYtVnefQtmR+AYrENjGUlQk7TkHFs1
iBSrQbemg5ls94ezzJi5RZw16MKxYr0ME7iAQjQBSjTG3LLhP8XT7gTDLwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGdqui773cWj8VQxFGD2OGtp09lyMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvWjJxNkx2dmR4YVB4VkRFVVlQWTRhMm5UMlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgmLgAMF
AyoKu8ADBQMqDfZAAwUDKg5nQAMFAyoOkYADBQMqDsRAAwUDKhIaQAMFAyoSLkAw
DQYJKoZIhvcNAQELBQADggEBAGL/Bu46PVOsELO3x3ZyMtCgPY6u0z9thSI9bUlR
8la2HvYiFTim+0eJN3a+pM4GEb44lxIuGrC454e2Y7yzV36seT+M9lyGt2LF3KhF
P2N+QS3fbrd9E/70d+stbUvQRa8NhFjFvuBFMLXq60uoih1zkQTskpb8Nk1Q/+VD
cpOW2hPsk6uL2iI6jZOLfIxwZUNcYmv/RzHBsEYTw9W2iIEEjLJIgIONue8b2EJa
nfVFYvGTsEr4+xhb8KB9ys9Wgptdyglvy2lAGVCyPYZDAoUQ/OtJbk/Ye1P9FV+U
BLP+vrooJpCOQryELMSWMxKJ+y/fW9LHpcw/oacpaUqokuc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:13 2025 by rpki-client