Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/Z2gLLZ_AQ3Z8a_riSHtsriNiGq8.roa
File: Z2gLLZ_AQ3Z8a_riSHtsriNiGq8.roa (raw, json)
Hash identifier: e3zTJ/D0dSgQ1tq1I288MNIreQ4Anwx3OTNTRFzRUOA=
Subject key identifier: 67:68:0B:2D:9F:C0:43:76:7C:6B:FA:E2:48:7B:6C:AE:23:62:1A:AF
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 01856E141E009AD60171FE973324BF627C29
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/Z2gLLZ_AQ3Z8a_riSHtsriNiGq8.roa
Signing time: Sun 01 Jan 2023 16:04:50 +0000
ROA not before: Sun 01 Jan 2023 16:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207134
IP address blocks: 2a00:8860:500::/40 maxlen: 64
2a00:8861:500::/40 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:1e:00:9a:d6:01:71:fe:97:33:24:bf:62:7c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 16:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67680b2d9fc043767c6bfae2487b6cae23621aaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:46:ab:e4:ad:10:f4:f4:80:5b:19:06:cf:97:
4c:32:cf:3d:2f:93:90:3f:de:8a:68:75:70:b1:91:
fb:ba:74:e4:07:64:37:a6:e3:e0:fc:64:86:0d:20:
cc:e6:3e:8e:e2:65:38:fe:ff:cf:10:de:8f:29:9c:
b7:96:d2:b4:c0:0c:97:7a:c2:8a:73:da:29:b2:c9:
7a:a5:a1:54:34:a9:08:06:ce:d9:7d:f8:eb:bd:b5:
1d:b5:76:32:4e:8b:a0:eb:b0:0c:6f:a6:0c:46:c7:
a5:ec:36:44:5e:7d:b6:8f:0c:48:6a:6a:b0:53:fd:
bb:9b:ed:e5:c0:d8:31:70:73:1b:4a:49:6a:4f:9c:
6a:e4:e8:2c:e6:34:74:b3:b2:4b:36:0f:4a:4d:e1:
71:1f:d7:ed:21:1c:ce:e8:e8:14:df:c4:53:92:ab:
8c:e7:96:73:f5:cf:d1:f1:79:85:35:7a:d2:d2:a8:
f3:cc:25:49:6d:1b:07:0d:60:49:97:3d:32:e1:a0:
d7:2a:0b:6a:85:20:12:34:0d:9b:fc:f4:d2:39:fd:
2c:f4:4c:15:c5:e8:fc:db:cd:52:f9:f4:c9:ea:61:
75:e5:64:59:53:91:0a:41:dd:27:62:a1:71:9a:84:
ef:b8:a6:ca:70:75:d4:d3:35:3f:bf:f1:80:e7:07:
b5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:68:0B:2D:9F:C0:43:76:7C:6B:FA:E2:48:7B:6C:AE:23:62:1A:AF
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/Z2gLLZ_AQ3Z8a_riSHtsriNiGq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8860:500::/40
2a00:8861:500::/40
Signature Algorithm: sha256WithRSAEncryption
85:56:cc:72:77:a0:2e:46:d2:0a:92:11:23:51:94:79:07:3c:
d4:89:b2:bd:3c:77:f0:6f:a6:30:31:d8:03:6b:af:86:0e:91:
14:fd:36:16:8f:d3:69:97:c6:1f:7a:55:64:be:95:2f:a4:73:
37:53:7a:f4:b6:f8:3a:5e:a4:e5:4e:ce:cb:09:dc:bb:77:1f:
b2:73:a5:14:21:18:42:c0:d6:a8:ec:a5:69:f6:f3:15:74:a7:
75:dc:10:6f:f4:d5:a7:3c:79:e3:52:da:6f:cc:a6:72:ca:2a:
61:08:4f:4e:3d:e1:5e:4b:a4:7e:83:ed:b5:ae:d8:81:00:52:
38:f5:1e:0e:f1:54:20:a2:ae:40:47:82:9f:ec:76:d9:52:e6:
5f:56:57:cf:de:93:ac:1c:f1:5d:40:c3:9a:7f:11:ba:98:f4:
8f:4e:65:0c:ed:66:68:f7:f5:77:c5:0a:fd:37:a3:4d:d5:d6:
5b:c3:7e:8b:e5:be:c3:d1:ac:53:b3:5f:4a:12:eb:a4:e1:9b:
f4:7c:54:e7:b8:b0:06:28:27:31:e8:3c:ca:86:c5:4f:c3:e3:
2c:d5:bc:5c:42:90:7f:9c:c5:ad:a1:5a:87:49:94:3a:2f:99:
5e:af:a2:b1:74:c6:a1:71:9f:9e:5e:5b:4b:b4:06:b7:e7:5e:
0b:66:6a:03
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVuFB4AmtYBcf6XMyS/YnwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjMwMTAxMTYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzY4MGIyZDlmYzA0Mzc2N2M2YmZhZTI0ODdiNmNhZTIzNjIxYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkar5K0Q9PSAWxkGz5dMMs89L5OQ
P96KaHVwsZH7unTkB2Q3puPg/GSGDSDM5j6O4mU4/v/PEN6PKZy3ltK0wAyXesKK
c9opssl6paFUNKkIBs7ZffjrvbUdtXYyToug67AMb6YMRsel7DZEXn22jwxIamqw
U/27m+3lwNgxcHMbSklqT5xq5Ogs5jR0s7JLNg9KTeFxH9ftIRzO6OgU38RTkquM
55Zz9c/R8XmFNXrS0qjzzCVJbRsHDWBJlz0y4aDXKgtqhSASNA2b/PTSOf0s9EwV
xej8281S+fTJ6mF15WRZU5EKQd0nYqFxmoTvuKbKcHXU0zU/v/GA5we1nQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGdoCy2fwEN2fGv64kh7bK4jYhqvMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvWjJnTExaX0FRM1o4YV9yaVNIdHNyaU5pR3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgCIYAUD
BgAqAIhhBTANBgkqhkiG9w0BAQsFAAOCAQEAhVbMcnegLkbSCpIRI1GUeQc81Imy
vTx38G+mMDHYA2uvhg6RFP02Fo/TaZfGH3pVZL6VL6RzN1N69Lb4Ol6k5U7Oywnc
u3cfsnOlFCEYQsDWqOylafbzFXSnddwQb/TVpzx541Lab8ymcsoqYQhPTj3hXkuk
foPtta7YgQBSOPUeDvFUIKKuQEeCn+x22VLmX1ZXz96TrBzxXUDDmn8Rupj0j05l
DO1maPf1d8UK/TejTdXWW8N+i+W+w9GsU7NfShLrpOGb9HxU57iwBignMeg8yobF
T8PjLNW8XEKQf5zFraFah0mUOi+ZXq+isXTGoXGfnl5bS7QGt+deC2ZqAw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:43 2024 by rpki-client on console-fra.rpki-client.org