Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/zpDqQKZIx_aKyk-HcqmMXrx2CKI.roa
File: zpDqQKZIx_aKyk-HcqmMXrx2CKI.roa (raw, json)
Hash identifier: D9JQ3J0LOuMw8r4rlecPh86B8ea/Br7renBc7l8a4pk=
Subject key identifier: CE:90:EA:40:A6:48:C7:F6:8A:CA:4F:87:72:A9:8C:5E:BC:76:08:A2
Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Certificate serial: 01856F024AA506AC79BB1E17A54B954B99E4
Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/zpDqQKZIx_aKyk-HcqmMXrx2CKI.roa
Signing time: Sun 01 Jan 2023 20:24:59 +0000
ROA not before: Sun 01 Jan 2023 20:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14478
IP address blocks: 2a0c:2f07:72::/48 maxlen: 48
2a0c:2f07:73::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4a:a5:06:ac:79:bb:1e:17:a5:4b:95:4b:99:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Validity
Not Before: Jan 1 20:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce90ea40a648c7f68aca4f8772a98c5ebc7608a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0e:45:7e:80:04:21:20:16:23:22:dd:02:18:
6c:fb:c6:de:b3:8e:ad:3e:ee:b4:6c:0b:8a:d2:71:
d1:8f:dd:35:9e:41:64:03:81:61:71:ce:6a:fc:34:
a0:b0:43:ce:3f:83:cb:a7:e3:7c:55:c1:a0:1d:6d:
91:58:3d:01:57:c7:2e:8c:e6:f8:8d:7b:76:37:07:
fc:05:db:a0:4a:67:27:6b:41:9d:0b:7f:cf:92:4a:
a7:78:84:1f:e4:12:ac:31:14:59:38:2a:3f:8f:69:
aa:aa:88:a1:d1:a3:0e:b5:83:7a:f2:81:7e:02:8a:
eb:4e:30:cc:75:e2:77:7d:c8:ea:9a:41:42:04:d9:
d0:c6:02:e7:fd:a7:65:46:c4:7f:5e:7d:d9:76:f8:
b4:06:02:cb:0e:78:49:f6:af:68:5e:80:97:42:19:
25:39:3b:01:b3:f6:1d:90:40:45:92:63:dc:6f:8a:
d6:44:c6:36:98:3a:eb:69:3a:79:c2:91:f5:57:d9:
54:08:21:79:31:84:b3:5d:32:9c:27:58:00:60:86:
0d:86:85:02:5f:17:f3:13:42:91:da:70:c2:92:6e:
1e:94:e3:e5:8e:41:7e:3b:f5:d7:79:01:2f:7e:d6:
0e:b1:7e:04:fb:7e:32:c8:0d:71:15:d9:8b:74:a9:
a4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:90:EA:40:A6:48:C7:F6:8A:CA:4F:87:72:A9:8C:5E:BC:76:08:A2
X509v3 Authority Key Identifier:
keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/zpDqQKZIx_aKyk-HcqmMXrx2CKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:2f07:72::/47
Signature Algorithm: sha256WithRSAEncryption
ca:df:90:cf:c7:35:74:d5:ab:f7:fd:0f:ff:61:03:b3:3f:01:
cd:fc:8f:72:df:bc:cc:98:4a:c2:8a:ba:a4:32:aa:7e:36:ba:
05:5f:20:04:75:70:15:f9:40:f9:54:f7:97:62:bf:7f:67:74:
97:eb:d1:ef:de:cf:ad:8c:37:be:90:c3:ec:01:6d:a4:fb:d1:
5f:d4:af:d0:51:1b:15:40:bd:0a:9c:37:ff:bb:76:d5:d7:d9:
46:db:11:ed:ca:0b:6b:ea:7f:b9:c1:df:55:dc:40:9a:25:d2:
85:74:c1:ef:df:36:1b:ad:d5:b5:e0:ac:af:55:df:08:c9:12:
45:07:43:c9:15:c3:8f:ae:14:0c:1e:9e:b4:1a:f7:38:13:a9:
5c:0f:0f:de:0b:e8:36:2c:34:9a:3e:f2:24:5f:e8:38:5f:d0:
e4:f2:af:bd:e4:11:24:c8:22:d4:2b:26:c2:30:c7:29:25:cb:
a4:bd:1b:29:fd:39:b1:f7:20:38:ea:69:0c:f1:d5:46:87:50:
6c:d0:35:d9:fe:d1:62:cf:2d:0f:6a:ad:67:2b:d3:ee:c4:0f:
77:77:09:ed:6a:0d:03:fa:14:4f:79:eb:b1:f6:86:0c:91:fb:
f7:49:ef:ec:f8:29:fb:89:61:a2:11:67:28:e8:51:63:b6:2f:
9f:6c:c8:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvAkqlBqx5ux4XpUuVS5nkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3
YjM4ZDMwHhcNMjMwMTAxMjAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTkwZWE0MGE2NDhjN2Y2OGFjYTRmODc3MmE5OGM1ZWJjNzYwOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhA5FfoAEISAWIyLdAhhs+8bes46t
Pu60bAuK0nHRj901nkFkA4Fhcc5q/DSgsEPOP4PLp+N8VcGgHW2RWD0BV8cujOb4
jXt2Nwf8BdugSmcna0GdC3/PkkqneIQf5BKsMRRZOCo/j2mqqoih0aMOtYN68oF+
AorrTjDMdeJ3fcjqmkFCBNnQxgLn/adlRsR/Xn3Zdvi0BgLLDnhJ9q9oXoCXQhkl
OTsBs/YdkEBFkmPcb4rWRMY2mDrraTp5wpH1V9lUCCF5MYSzXTKcJ1gAYIYNhoUC
XxfzE0KR2nDCkm4elOPljkF+O/XXeQEvftYOsX4E+34yyA1xFdmLdKmkNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM6Q6kCmSMf2ispPh3KpjF68dgiiMB8GA1UdIwQY
MBaAFDaR0pUBRdzqwAwMpOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEt
MWRlYzQwNTg0ODA2LzEvenBEcVFLWkl4X2FLeWstSGNxbU1YcngyQ0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2
LzEvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgwvBwBy
MA0GCSqGSIb3DQEBCwUAA4IBAQDK35DPxzV01av3/Q//YQOzPwHN/I9y37zMmErC
irqkMqp+NroFXyAEdXAV+UD5VPeXYr9/Z3SX69Hv3s+tjDe+kMPsAW2k+9Ff1K/Q
URsVQL0KnDf/u3bV19lG2xHtygtr6n+5wd9V3ECaJdKFdMHv3zYbrdW14KyvVd8I
yRJFB0PJFcOPrhQMHp60Gvc4E6lcDw/eC+g2LDSaPvIkX+g4X9Dk8q+95BEkyCLU
KybCMMcpJcukvRsp/Tmx9yA46mkM8dVGh1Bs0DXZ/tFizy0Paq1nK9PuxA93dwnt
ag0D+hRPeeux9oYMkfv3Se/s+Cn7iWGiEWco6FFjti+fbMgg
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:54 2024 by rpki-client on console-ams.rpki-client.org