Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/z20VipLTtlKKQF94bE7ckM14qpo.roa
File: z20VipLTtlKKQF94bE7ckM14qpo.roa (raw, json)
Hash identifier: U5Dh0kRLgIGa7iiRCoRRrFgR6EttP9zNx9Nvb2EbsRM=
Subject key identifier: CF:6D:15:8A:92:D3:B6:52:8A:40:5F:78:6C:4E:DC:90:CD:78:AA:9A
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F2FEBC9A36E9978934BB901355FAB6C
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/z20VipLTtlKKQF94bE7ckM14qpo.roa
Signing time: Sun 01 Jan 2023 21:14:49 +0000
ROA not before: Sun 01 Jan 2023 21:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205298
IP address blocks: 2a0e:aa01:ab04::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:eb:c9:a3:6e:99:78:93:4b:b9:01:35:5f:ab:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf6d158a92d3b6528a405f786c4edc90cd78aa9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8f:2d:ab:f6:99:56:e1:70:c6:96:22:3c:05:
20:2f:cd:9a:30:d9:c1:03:7f:4e:94:2e:7a:8d:d8:
2e:74:7b:69:4d:cb:d5:1d:bf:50:63:64:f5:ca:63:
b5:dd:0b:5e:ea:71:c1:e1:eb:cd:fb:b1:17:54:17:
17:39:09:6a:5d:90:7d:34:20:d7:d7:d9:e2:1b:64:
20:6f:4e:62:9e:64:0d:a1:72:3f:20:e2:de:3d:f8:
e3:7c:82:49:00:20:83:36:65:64:5d:25:08:fc:89:
8d:ce:24:b3:86:9f:2d:3b:ed:e9:93:2f:18:bf:40:
36:d3:40:94:03:ad:f8:f7:af:0a:af:f0:2a:a4:d7:
e5:1f:35:96:ae:b5:5b:18:b2:db:56:69:a3:04:20:
7f:3c:2b:1e:de:9e:16:a8:ae:c0:de:01:9b:a0:40:
d0:85:61:84:f5:41:5d:cf:c4:9d:7e:b0:32:75:b9:
f2:14:5d:c4:a3:9c:5c:9d:d5:86:26:17:fa:c4:0c:
25:b7:13:2d:25:62:a0:b9:7a:15:99:5b:5d:4a:21:
f8:63:f4:9d:82:84:f4:ae:ab:9f:28:7e:ed:a1:88:
7a:06:51:9d:b4:76:5a:7f:ed:bb:7e:a8:79:64:6d:
0d:c4:9e:2e:3c:c9:55:3b:40:d2:d2:ce:73:44:3e:
57:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:6D:15:8A:92:D3:B6:52:8A:40:5F:78:6C:4E:DC:90:CD:78:AA:9A
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/z20VipLTtlKKQF94bE7ckM14qpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa01:ab04::/48
Signature Algorithm: sha256WithRSAEncryption
05:ac:42:5b:2c:3f:b3:df:df:f0:d9:34:3b:6b:31:85:b7:4f:
77:92:35:0a:02:24:13:f1:cf:c8:fb:a4:8f:f5:e7:db:0b:6b:
72:a7:80:f1:30:ee:de:0f:4c:62:7e:95:69:0c:96:e5:d9:26:
eb:09:c0:aa:8d:b1:71:a6:64:59:21:d4:df:61:23:13:93:c5:
21:4b:fe:68:e4:1d:e6:6a:a8:00:70:9e:54:1e:41:e4:02:5a:
93:68:c9:25:b1:fd:55:b3:bd:fd:c4:9a:c2:05:cf:4d:21:c9:
13:fd:ea:c0:c7:3d:e6:58:45:65:59:b9:f3:e2:49:8f:59:c8:
79:e7:8f:c4:f5:eb:d6:4a:59:65:15:23:f7:6f:8f:d4:d0:50:
fc:18:e5:fb:2f:f1:0e:c9:68:26:40:ee:15:83:95:80:09:90:
87:5a:69:50:72:d6:ed:16:9f:c5:34:30:22:c2:7b:65:8a:bb:
33:db:1f:e2:77:98:0e:fd:8e:32:d1:34:b8:79:06:2f:5c:cd:
a7:94:20:c9:db:7b:c2:8f:93:cf:66:ce:c3:20:d5:ea:c2:80:
ad:4c:f4:f8:60:3b:7b:be:69:22:d0:2a:6e:33:3d:54:c9:2b:
21:0d:d6:1c:e1:20:19:31:fc:d8:99:4b:b1:37:6c:eb:3f:4e:
f9:98:1f:59
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL+vJo26ZeJNLuQE1X6tsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjZkMTU4YTkyZDNiNjUyOGE0MDVmNzg2YzRlZGM5MGNkNzhhYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl48tq/aZVuFwxpYiPAUgL82aMNnB
A39OlC56jdgudHtpTcvVHb9QY2T1ymO13Qte6nHB4evN+7EXVBcXOQlqXZB9NCDX
19niG2Qgb05inmQNoXI/IOLePfjjfIJJACCDNmVkXSUI/ImNziSzhp8tO+3pky8Y
v0A200CUA634968Kr/AqpNflHzWWrrVbGLLbVmmjBCB/PCse3p4WqK7A3gGboEDQ
hWGE9UFdz8SdfrAydbnyFF3Eo5xcndWGJhf6xAwltxMtJWKguXoVmVtdSiH4Y/Sd
goT0rqufKH7toYh6BlGdtHZaf+27fqh5ZG0NxJ4uPMlVO0DS0s5zRD5XUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM9tFYqS07ZSikBfeGxO3JDNeKqaMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvejIwVmlwTFR0bEtLUUY5NGJFN2NrTTE0cXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qAasE
MA0GCSqGSIb3DQEBCwUAA4IBAQAFrEJbLD+z39/w2TQ7azGFt093kjUKAiQT8c/I
+6SP9efbC2typ4DxMO7eD0xifpVpDJbl2SbrCcCqjbFxpmRZIdTfYSMTk8UhS/5o
5B3maqgAcJ5UHkHkAlqTaMklsf1Vs739xJrCBc9NIckT/erAxz3mWEVlWbnz4kmP
Wch554/E9evWSlllFSP3b4/U0FD8GOX7L/EOyWgmQO4Vg5WACZCHWmlQctbtFp/F
NDAiwntlirsz2x/id5gO/Y4y0TS4eQYvXM2nlCDJ23vCj5PPZs7DINXqwoCtTPT4
YDt7vmki0CpuMz1UySshDdYc4SAZMfzYmUuxN2zrP075mB9Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:11 2024 by rpki-client on console-ams.rpki-client.org