Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/z9oDt2SxXtTf1YsiXPMbiyv74ns.roa
File: z9oDt2SxXtTf1YsiXPMbiyv74ns.roa (raw, json)
Hash identifier: Ua4XcVcrTe1qEvcReraDdQ1MUEJuagFaeN5nTZlJR6I=
Subject key identifier: CF:DA:03:B7:64:B1:5E:D4:DF:D5:8B:22:5C:F3:1B:8B:2B:FB:E2:7B
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 018B4A4FA6CF95D56B2D29EE173B6232FE61
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/z9oDt2SxXtTf1YsiXPMbiyv74ns.roa
Signing time: Thu 19 Oct 2023 23:40:15 +0000
ROA not before: Thu 19 Oct 2023 23:40:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62651
IP address blocks: 2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4a:4f:a6:cf:95:d5:6b:2d:29:ee:17:3b:62:32:fe:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Oct 19 23:40:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfda03b764b15ed4dfd58b225cf31b8b2bfbe27b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:96:c3:ff:f0:7c:2c:3c:82:7b:d6:03:f3:e7:
b9:ed:8e:d9:ed:76:98:cc:13:d0:92:ac:38:ed:e5:
a2:86:9f:f9:91:78:2e:5d:ea:a6:f4:71:de:a1:c9:
cb:70:17:06:8f:13:2d:28:fc:1e:f4:a2:5c:56:f3:
c7:77:3c:6f:93:5e:88:5b:91:20:f9:e0:5e:75:8a:
e0:5d:c0:05:ba:2d:aa:77:79:a0:28:9b:d5:9f:4b:
71:54:45:aa:8f:88:27:97:e4:77:cd:78:83:d6:72:
fb:8a:7c:6a:74:0e:2e:b5:cb:b3:06:7a:87:8b:80:
b9:16:d4:fa:ad:ad:2c:3c:06:a7:b0:0f:20:89:b8:
08:0a:39:81:ef:71:9e:84:49:01:77:61:6a:48:16:
5e:9f:89:77:16:49:0e:37:10:47:70:c5:1d:d8:29:
60:f6:6e:56:6e:1a:c8:e7:02:b8:88:a6:1a:52:f4:
d9:a7:f8:ee:33:3c:60:de:fe:55:99:ac:ec:bc:19:
72:82:79:29:23:3a:c9:1f:8a:66:7a:68:b6:c7:d8:
dd:ae:78:d3:4c:bc:6d:ec:cb:48:12:8d:8b:eb:c5:
cf:8c:27:23:0e:a5:6c:d0:d4:e1:8a:20:17:2e:56:
a3:73:d6:4e:2c:cc:b0:a0:92:b3:aa:cb:24:97:4e:
73:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:DA:03:B7:64:B1:5E:D4:DF:D5:8B:22:5C:F3:1B:8B:2B:FB:E2:7B
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/z9oDt2SxXtTf1YsiXPMbiyv74ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
Signature Algorithm: sha256WithRSAEncryption
29:1d:df:48:e5:5b:9d:5c:36:e6:dd:b5:ab:04:4e:a0:47:c7:
35:ff:99:60:85:6e:a3:2c:6a:f5:cb:8d:d3:3f:65:4c:4a:4c:
87:a7:61:f2:40:a7:b0:24:f7:9e:dd:e1:ee:05:db:ca:13:03:
44:b1:0c:88:ea:1c:64:ef:58:a9:37:8d:1f:3f:78:2b:1f:9e:
ad:70:52:fd:4d:f9:a9:48:4e:a4:6c:e7:0b:72:78:34:31:42:
9d:37:7f:f0:be:50:f1:0c:e2:bf:c0:84:51:15:2b:1d:86:51:
0e:e3:44:01:34:71:bb:96:61:04:db:4a:05:de:c0:4e:65:aa:
23:3d:db:da:98:03:e2:8a:0b:cb:bf:63:34:36:75:2e:35:2f:
98:22:d2:e3:a2:85:0b:44:98:85:a2:5b:cb:76:06:78:7f:7b:
55:1a:e7:57:3a:c3:80:ca:41:61:8d:e6:cd:71:e3:0e:b9:4a:
d3:1d:7e:2d:fc:b9:fe:cd:eb:2b:c6:92:02:67:2e:ec:b7:ae:
c1:d4:69:36:97:50:cf:ae:ae:e9:ae:c2:1e:0d:ed:9f:d3:e0:
70:d8:c5:f3:ef:2b:c2:29:7a:d2:90:6b:cc:33:b3:73:d7:a5:
84:19:a2:3f:f1:07:47:45:86:e5:2b:86:86:3c:3a:87:9f:74:
5f:72:83:b0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYtKT6bPldVrLSnuFztiMv5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjMxMDE5MjM0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmRhMDNiNzY0YjE1ZWQ0ZGZkNThiMjI1Y2YzMWI4YjJiZmJlMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5bD//B8LDyCe9YD8+e57Y7Z7XaY
zBPQkqw47eWihp/5kXguXeqm9HHeocnLcBcGjxMtKPwe9KJcVvPHdzxvk16IW5Eg
+eBedYrgXcAFui2qd3mgKJvVn0txVEWqj4gnl+R3zXiD1nL7inxqdA4utcuzBnqH
i4C5FtT6ra0sPAansA8gibgICjmB73GehEkBd2FqSBZen4l3FkkONxBHcMUd2Clg
9m5WbhrI5wK4iKYaUvTZp/juMzxg3v5VmazsvBlygnkpIzrJH4pmemi2x9jdrnjT
TLxt7MtIEo2L68XPjCcjDqVs0NThiiAXLlajc9ZOLMywoJKzqsskl05zJwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFM/aA7dksV7U39WLIlzzG4sr++J7MB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvejlvRHQyU3hYdFRmMVlzaVhQTWJpeXY3NG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwYAKgPvwBcD
BgAqA+/AIwMGACoD78AlAwYAKgPvwCcwDQYJKoZIhvcNAQELBQADggEBACkd30jl
W51cNubdtasETqBHxzX/mWCFbqMsavXLjdM/ZUxKTIenYfJAp7Ak957d4e4F28oT
A0SxDIjqHGTvWKk3jR8/eCsfnq1wUv1N+alITqRs5wtyeDQxQp03f/C+UPEM4r/A
hFEVKx2GUQ7jRAE0cbuWYQTbSgXewE5lqiM929qYA+KKC8u/YzQ2dS41L5gi0uOi
hQtEmIWiW8t2Bnh/e1Ua51c6w4DKQWGN5s1x4w65StMdfi38uf7N6yvGkgJnLuy3
rsHUaTaXUM+urumuwh4N7Z/T4HDYxfPvK8IpetKQa8wzs3PXpYQZoj/xB0dFhuUr
hoY8OoefdF9yg7A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:30 2024 by rpki-client on console-fra.rpki-client.org