Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/2zh3wDS21Sr9SZ0QXGcJsNCxHBw.roa
File: 2zh3wDS21Sr9SZ0QXGcJsNCxHBw.roa (raw, json)
Hash identifier: Ug43HqndwF539C8k9NNrYj12uR3/sm9CR3ifM4AyOXo=
Subject key identifier: DB:38:77:C0:34:B6:D5:2A:FD:49:9D:10:5C:67:09:B0:D0:B1:1C:1C
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 01856C415A33A83599AB1FFDD49BF80E9B71
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/2zh3wDS21Sr9SZ0QXGcJsNCxHBw.roa
Signing time: Sun 01 Jan 2023 07:35:00 +0000
ROA not before: Sun 01 Jan 2023 07:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a05:1087::/32 maxlen: 48
2a0d:2585::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 03 May 2023 17:20:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:5a:33:a8:35:99:ab:1f:fd:d4:9b:f8:0e:9b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 1 07:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db3877c034b6d52afd499d105c6709b0d0b11c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d3:1c:97:ad:b3:ba:a4:42:fe:e1:cb:d4:b9:
c1:7f:90:d3:36:4b:64:e9:bb:4e:1f:43:42:67:37:
4e:75:b5:23:5e:12:61:7b:08:a6:e8:73:c6:3e:4c:
bf:56:95:a7:93:e0:d1:07:6a:54:be:b6:df:de:0e:
48:39:0d:90:86:5b:9e:33:b1:7c:fc:3d:eb:6f:9a:
fa:cd:84:92:f4:c2:fa:24:92:12:76:1b:48:39:b8:
9f:7a:7f:e7:ee:17:aa:75:43:89:6e:d2:6b:23:1e:
63:b4:78:d2:d4:f4:c8:26:2f:c4:24:bb:32:35:a5:
f5:1a:cf:94:c2:24:dc:55:58:f0:61:c2:1d:3e:88:
a0:ed:37:09:f3:6f:af:07:08:8c:8d:81:eb:f0:81:
10:32:d9:53:cf:65:30:03:bf:b0:80:28:54:8e:12:
f9:13:a9:6e:e1:2e:4e:a3:4f:ce:ea:88:2d:f1:cf:
a5:e2:2c:27:19:06:1f:3a:21:83:34:b9:17:62:4c:
b5:32:6c:67:ec:c9:77:a0:d0:23:ae:d9:09:ce:18:
1d:4d:34:11:13:c4:99:20:47:9c:60:b0:ed:a6:4e:
7d:c2:24:ef:0c:a9:cf:2e:c2:66:4d:6b:4e:4d:9e:
75:72:e4:28:80:28:4f:47:76:54:5e:8b:10:2d:04:
00:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:38:77:C0:34:B6:D5:2A:FD:49:9D:10:5C:67:09:B0:D0:B1:1C:1C
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/2zh3wDS21Sr9SZ0QXGcJsNCxHBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:1087::/32
2a0d:2585::/32
Signature Algorithm: sha256WithRSAEncryption
5d:2c:e7:83:87:02:cc:b8:af:2a:f2:f8:87:45:c3:6a:b7:6e:
c1:55:02:0f:ed:91:24:ab:bc:00:d3:2a:07:e7:9c:8b:90:11:
1d:1d:d0:0e:24:38:57:72:c6:80:75:62:e9:48:9b:56:24:d0:
de:2f:00:51:94:b8:8e:47:32:a9:72:f9:d2:16:e7:79:cc:f0:
58:4c:44:72:03:fb:1b:6a:15:61:f3:ea:91:21:3b:c2:ec:38:
98:18:3f:67:6b:79:54:97:60:ef:3b:a4:75:d8:0a:c5:cc:cb:
37:a6:5a:a4:e1:84:65:7c:06:3d:4f:53:d7:5c:f9:e3:8f:84:
4e:2a:45:78:0f:27:6d:f6:66:a1:67:e9:c5:b7:50:1e:97:08:
2f:f1:62:64:47:90:76:d8:46:92:14:89:b1:c5:75:48:31:7e:
5d:f2:81:f0:a0:c5:36:a6:1b:37:d0:3a:06:ab:1e:a5:6e:66:
e7:1b:f7:84:68:20:7e:bc:d0:e0:10:a4:53:43:7c:95:f5:40:
02:ad:75:2b:61:8f:d6:e4:1f:a8:33:2d:89:db:cc:3f:e7:5e:
c5:b5:bb:66:33:0d:eb:2c:04:2d:14:ef:eb:a6:88:98:91:cf:
e4:45:6d:0a:cd:9d:af:85:f0:dd:20:f3:91:16:b6:30:62:a0:
db:a4:02:7d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsQVozqDWZqx/91Jv4DptxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjMwMTAxMDczNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjM4NzdjMDM0YjZkNTJhZmQ0OTlkMTA1YzY3MDliMGQwYjExYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndMcl62zuqRC/uHL1LnBf5DTNktk
6btOH0NCZzdOdbUjXhJhewim6HPGPky/VpWnk+DRB2pUvrbf3g5IOQ2QhlueM7F8
/D3rb5r6zYSS9ML6JJISdhtIObifen/n7heqdUOJbtJrIx5jtHjS1PTIJi/EJLsy
NaX1Gs+UwiTcVVjwYcIdPoig7TcJ82+vBwiMjYHr8IEQMtlTz2UwA7+wgChUjhL5
E6lu4S5Oo0/O6ogt8c+l4iwnGQYfOiGDNLkXYky1Mmxn7Ml3oNAjrtkJzhgdTTQR
E8SZIEecYLDtpk59wiTvDKnPLsJmTWtOTZ51cuQogChPR3ZUXosQLQQA5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNs4d8A0ttUq/UmdEFxnCbDQsRwcMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvMnpoM3dEUzIxU3I5U1owUVhHY0pzTkN4SEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgUQhwMF
ACoNJYUwDQYJKoZIhvcNAQELBQADggEBAF0s54OHAsy4ryry+IdFw2q3bsFVAg/t
kSSrvADTKgfnnIuQER0d0A4kOFdyxoB1YulIm1Yk0N4vAFGUuI5HMqly+dIW53nM
8FhMRHID+xtqFWHz6pEhO8LsOJgYP2dreVSXYO87pHXYCsXMyzemWqThhGV8Bj1P
U9dc+eOPhE4qRXgPJ232ZqFn6cW3UB6XCC/xYmRHkHbYRpIUibHFdUgxfl3ygfCg
xTamGzfQOgarHqVuZucb94RoIH680OAQpFNDfJX1QAKtdSthj9bkH6gzLYnbzD/n
XsW1u2YzDessBC0U7+umiJiRz+RFbQrNna+F8N0g85EWtjBioNukAn0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:48 2024 by rpki-client on console-ams.rpki-client.org