Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/zgwfpvVpv4wH2MGtC0oxJwn9qjs.roa
File: zgwfpvVpv4wH2MGtC0oxJwn9qjs.roa (raw, json)
Hash identifier: z6mjetToj59E1Z0jXlVzotLR7opPR/upzs+/68/glOY=
Subject key identifier: CE:0C:1F:A6:F5:69:BF:8C:07:D8:C1:AD:0B:4A:31:27:09:FD:AA:3B
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0192892A6D9742D68D83CB745DFDA768655D
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/zgwfpvVpv4wH2MGtC0oxJwn9qjs.roa
Signing time: Mon 14 Oct 2024 03:55:12 +0000
ROA not before: Mon 14 Oct 2024 03:55:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a0e:4bc7::/32 maxlen: 32
2a0e:5901::/32 maxlen: 32
2a0e:8080::/32 maxlen: 32
2a0e:ccc5::/32 maxlen: 32
2a0f:c087::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:89:2a:6d:97:42:d6:8d:83:cb:74:5d:fd:a7:68:65:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Oct 14 03:55:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce0c1fa6f569bf8c07d8c1ad0b4a312709fdaa3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fe:58:86:6a:21:8a:df:fd:5e:d3:7e:a2:44:
d2:a8:5d:85:4a:c2:39:7e:9b:af:e6:f7:99:ef:b3:
81:dd:cf:52:99:e7:ce:e2:82:3f:41:2d:4d:89:49:
60:0e:c0:b4:84:53:73:fc:96:ec:87:0b:bf:82:03:
eb:75:74:0f:57:9e:88:7c:1c:d1:73:0b:2c:85:7f:
01:8c:8e:6e:11:68:7c:0f:59:a9:e6:b6:c9:0a:14:
5f:ba:c7:40:f5:3f:68:bb:51:6d:1a:df:fd:46:46:
1d:11:82:c0:0a:50:df:6d:fd:e1:11:15:8b:73:61:
7b:be:4e:bd:9a:20:b7:03:25:30:c5:80:46:b7:0a:
24:54:1e:fa:21:68:38:e4:6c:4e:a5:99:92:19:6a:
49:c7:59:a5:a4:9c:a3:eb:ea:f5:fb:51:8c:94:f8:
e8:80:1c:55:a3:10:56:65:d7:2b:a0:bd:b1:9c:db:
b6:fa:e1:5c:85:cc:de:c4:9b:96:17:77:09:3d:4a:
4b:7f:a8:f4:9f:50:37:f9:50:95:c3:7e:d1:98:2b:
03:63:7a:b3:48:d4:aa:ce:2b:9c:40:20:9a:ce:e2:
00:6c:43:03:b7:74:ec:a9:4a:9f:d1:08:ea:a9:81:
ed:71:1f:4c:c1:51:04:87:fa:6e:9f:f8:c1:22:50:
24:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0C:1F:A6:F5:69:BF:8C:07:D8:C1:AD:0B:4A:31:27:09:FD:AA:3B
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/zgwfpvVpv4wH2MGtC0oxJwn9qjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4bc7::/32
2a0e:5901::/32
2a0e:8080::/32
2a0e:ccc5::/32
2a0f:c087::/32
Signature Algorithm: sha256WithRSAEncryption
3d:a7:8b:b8:ea:0f:52:ac:a2:62:a8:1f:60:9f:f6:49:d6:8c:
f2:ba:54:85:db:a2:3f:b9:9a:39:fd:8c:eb:24:dd:fe:66:7f:
32:bc:a1:1e:07:52:c9:46:58:de:05:36:6c:11:eb:7d:7f:cc:
59:fb:15:8f:ad:97:cf:48:ff:7f:30:e8:a5:91:7c:b9:16:66:
3b:d8:84:3f:d1:51:85:10:75:e9:dc:37:f1:a3:7d:7a:11:60:
05:b3:f1:c6:ba:77:ec:97:b2:16:11:33:50:30:be:78:90:6b:
20:e7:07:40:3c:74:7d:a7:50:43:8d:b7:58:cb:00:e7:93:9f:
db:68:00:11:39:fb:9e:bd:fb:f0:2e:f9:64:4c:99:f5:de:ab:
1d:08:7e:f5:5e:28:1b:54:a0:72:6c:28:f7:13:32:5b:da:ba:
1b:aa:8e:0d:6c:62:ae:1e:90:92:f9:62:67:35:3d:8f:bc:b3:
5a:de:52:99:9a:cb:e8:c4:78:34:34:9f:ea:52:49:9f:2a:47:
54:0d:26:32:5d:90:17:47:b8:8a:e7:b9:c6:b9:9c:5c:7d:01:
7b:9b:d6:0f:75:ba:9b:fc:b4:0e:74:6e:73:9e:d3:95:09:d0:
da:66:86:58:62:0e:6a:00:f6:d1:db:a0:e3:ba:03:98:90:44:
e2:0e:b7:02
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZKJKm2XQtaNg8t0Xf2naGVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQxMDE0MDM1NTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTBjMWZhNmY1NjliZjhjMDdkOGMxYWQwYjRhMzEyNzA5ZmRhYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf5Yhmohit/9XtN+okTSqF2FSsI5
fpuv5veZ77OB3c9SmefO4oI/QS1NiUlgDsC0hFNz/Jbshwu/ggPrdXQPV56IfBzR
cwsshX8BjI5uEWh8D1mp5rbJChRfusdA9T9ou1FtGt/9RkYdEYLAClDfbf3hERWL
c2F7vk69miC3AyUwxYBGtwokVB76IWg45GxOpZmSGWpJx1mlpJyj6+r1+1GMlPjo
gBxVoxBWZdcroL2xnNu2+uFchczexJuWF3cJPUpLf6j0n1A3+VCVw37RmCsDY3qz
SNSqziucQCCazuIAbEMDt3TsqUqf0QjqqYHtcR9MwVEEh/pun/jBIlAkIwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFM4MH6b1ab+MB9jBrQtKMScJ/ao7MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvemd3ZnB2VnB2NHdIMk1HdEMwb3hKd245cWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKg5LxwMF
ACoOWQEDBQAqDoCAAwUAKg7MxQMFACoPwIcwDQYJKoZIhvcNAQELBQADggEBAD2n
i7jqD1KsomKoH2Cf9knWjPK6VIXboj+5mjn9jOsk3f5mfzK8oR4HUslGWN4FNmwR
631/zFn7FY+tl89I/38w6KWRfLkWZjvYhD/RUYUQdencN/GjfXoRYAWz8ca6d+yX
shYRM1AwvniQayDnB0A8dH2nUEONt1jLAOeTn9toABE5+569+/Au+WRMmfXeqx0I
fvVeKBtUoHJsKPcTMlvauhuqjg1sYq4ekJL5Ymc1PY+8s1reUpmay+jEeDQ0n+pS
SZ8qR1QNJjJdkBdHuIrnuca5nFx9AXub1g91upv8tA50bnOe05UJ0NpmhlhiDmoA
9tHboOO6A5iQROIOtwI=
-----END CERTIFICATE-----
Generated at Thu Oct 17 21:33:10 2024 by rpki-client on console-fra.rpki-client.org