Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c755cc-5f90-47f5-adec-905f24c258ee/1/ZZXfcU1fuv2RpoatIqCGRmlWLLg.roa
File: ZZXfcU1fuv2RpoatIqCGRmlWLLg.roa (raw, json)
Hash identifier: NggGRCKW6MOaWgNRW0DGIa4jKHggDmHDrHHUV4iGIRM=
Subject key identifier: 65:95:DF:71:4D:5F:BA:FD:91:A6:86:AD:22:A0:86:46:69:56:2C:B8
Certificate issuer: /CN=0ecbefe20e18866b8a490c95ee45992643bed69d
Certificate serial: 0187F25C42A1F0FE253888375D2176647331
Authority key identifier: 0E:CB:EF:E2:0E:18:86:6B:8A:49:0C:95:EE:45:99:26:43:BE:D6:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dsvv4g4YhmuKSQyV7kWZJkO-1p0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/c755cc-5f90-47f5-adec-905f24c258ee/1/ZZXfcU1fuv2RpoatIqCGRmlWLLg.roa
Signing time: Sat 06 May 2023 18:39:05 +0000
ROA not before: Sat 06 May 2023 18:39:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213268
IP address blocks: 2a09:3c00:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f2:5c:42:a1:f0:fe:25:38:88:37:5d:21:76:64:73:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ecbefe20e18866b8a490c95ee45992643bed69d
Validity
Not Before: May 6 18:39:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6595df714d5fbafd91a686ad22a0864669562cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fe:5c:00:01:8e:2b:57:13:84:d8:55:81:91:
b3:09:6e:e5:f2:a5:ef:b3:ca:30:6d:cd:7e:23:36:
8e:dc:e5:62:49:2c:4f:8d:99:38:41:4a:3b:51:61:
6c:11:13:98:0e:32:4d:ff:7b:ce:64:63:07:87:2a:
a1:53:d4:c9:25:34:c7:ca:fc:5e:f5:d6:44:a0:e4:
3e:79:3f:6c:cc:b7:59:f4:29:3f:75:59:4d:b3:b7:
71:cf:9c:5d:47:50:84:1c:cc:1d:61:e2:34:9b:11:
6d:9c:cf:1e:5f:3e:86:77:24:73:09:1c:ae:2f:ca:
89:6e:17:7d:a3:8b:28:a4:54:08:ad:67:c7:00:17:
37:c4:56:43:ce:cc:db:1e:09:8f:4e:ea:51:57:41:
bd:81:61:36:db:99:90:b7:e9:f3:8b:66:25:d2:26:
2d:c9:d2:7d:b3:df:84:3d:fe:7e:9a:fc:73:d9:af:
af:9e:bc:8a:d1:1a:6e:a6:3e:fc:88:dc:1f:74:25:
1e:6f:37:54:46:9b:cb:c1:01:c7:1b:42:17:0e:0e:
dd:32:c0:a5:99:bb:a5:45:fa:30:b9:eb:d8:a6:26:
e1:bb:71:a8:d9:d1:a9:99:a0:96:62:fe:46:19:79:
d6:f2:62:59:af:f7:c7:e4:38:3b:25:fc:ab:7f:34:
2b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:95:DF:71:4D:5F:BA:FD:91:A6:86:AD:22:A0:86:46:69:56:2C:B8
X509v3 Authority Key Identifier:
keyid:0E:CB:EF:E2:0E:18:86:6B:8A:49:0C:95:EE:45:99:26:43:BE:D6:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dsvv4g4YhmuKSQyV7kWZJkO-1p0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c755cc-5f90-47f5-adec-905f24c258ee/1/ZZXfcU1fuv2RpoatIqCGRmlWLLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c755cc-5f90-47f5-adec-905f24c258ee/1/Dsvv4g4YhmuKSQyV7kWZJkO-1p0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3c00:1::/48
Signature Algorithm: sha256WithRSAEncryption
6d:86:11:ab:30:e8:cd:77:07:f1:22:1d:ca:a0:01:95:93:9e:
59:29:2b:20:41:99:e9:a9:e7:ab:ed:0c:95:54:6e:f9:19:1d:
15:76:02:a2:ff:2f:aa:40:98:26:68:15:e5:ad:ed:3e:2f:90:
dc:e3:6e:26:96:85:61:7a:ad:ca:ec:62:87:d7:43:92:7f:41:
00:44:df:d9:70:c0:dc:2e:ee:c5:c4:60:ce:fa:00:ae:cc:31:
c1:98:91:be:3d:26:84:e4:5f:c6:01:17:53:8d:2e:84:ba:cd:
ba:8e:80:8a:2f:38:65:c4:f2:ae:d3:7e:85:ca:75:3f:5e:40:
09:b9:0e:ad:79:66:08:3f:28:26:22:43:08:e2:9a:a8:a1:f7:
eb:e6:42:d0:5c:95:7e:c1:be:de:f5:68:cd:e6:da:be:47:4a:
65:c2:93:0d:89:92:22:cd:80:dc:e2:ca:4f:79:86:9e:3f:00:
2c:72:c2:f8:c6:81:ff:bd:01:5c:40:74:81:84:d8:ce:78:39:
c5:0c:e9:a9:8f:04:41:f2:74:f6:3c:7f:76:4f:ea:7d:1c:05:
10:d7:34:fb:58:34:ed:ac:69:ca:2f:3a:f6:5d:85:b4:86:93:
48:04:79:c4:ef:48:04:83:f8:1c:f4:8d:a1:9c:b3:99:f6:57:
54:40:e5:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfyXEKh8P4lOIg3XSF2ZHMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlY2JlZmUyMGUxODg2NmI4YTQ5MGM5NWVlNDU5OTI2NDNi
ZWQ2OWQwHhcNMjMwNTA2MTgzOTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTk1ZGY3MTRkNWZiYWZkOTFhNjg2YWQyMmEwODY0NjY5NTYyY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/5cAAGOK1cThNhVgZGzCW7l8qXv
s8owbc1+IzaO3OViSSxPjZk4QUo7UWFsEROYDjJN/3vOZGMHhyqhU9TJJTTHyvxe
9dZEoOQ+eT9szLdZ9Ck/dVlNs7dxz5xdR1CEHMwdYeI0mxFtnM8eXz6GdyRzCRyu
L8qJbhd9o4sopFQIrWfHABc3xFZDzszbHgmPTupRV0G9gWE225mQt+nzi2Yl0iYt
ydJ9s9+EPf5+mvxz2a+vnryK0Rpupj78iNwfdCUebzdURpvLwQHHG0IXDg7dMsCl
mbulRfowuevYpibhu3Go2dGpmaCWYv5GGXnW8mJZr/fH5Dg7JfyrfzQrFwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGWV33FNX7r9kaaGrSKghkZpViy4MB8GA1UdIwQY
MBaAFA7L7+IOGIZrikkMle5FmSZDvtadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHN2djRnNFlobXVLU1F5VjdrV1pKa08tMXAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jNzU1Y2MtNWY5MC00N2Y1LWFkZWMt
OTA1ZjI0YzI1OGVlLzEvWlpYZmNVMWZ1djJScG9hdElxQ0dSbWxXTExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jNzU1Y2MtNWY5MC00N2Y1LWFkZWMtOTA1ZjI0YzI1OGVl
LzEvRHN2djRnNFlobXVLU1F5VjdrV1pKa08tMXAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgk8AAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBthhGrMOjNdwfxIh3KoAGVk55ZKSsgQZnpqeer
7QyVVG75GR0VdgKi/y+qQJgmaBXlre0+L5Dc424mloVheq3K7GKH10OSf0EARN/Z
cMDcLu7FxGDO+gCuzDHBmJG+PSaE5F/GARdTjS6Eus26joCKLzhlxPKu036FynU/
XkAJuQ6teWYIPygmIkMI4pqooffr5kLQXJV+wb7e9WjN5tq+R0plwpMNiZIizYDc
4spPeYaePwAscsL4xoH/vQFcQHSBhNjOeDnFDOmpjwRB8nT2PH92T+p9HAUQ1zT7
WDTtrGnKLzr2XYW0hpNIBHnE70gEg/gc9I2hnLOZ9ldUQOUL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:37 2024 by rpki-client on console-ams.rpki-client.org