Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/3zKZzE8N9ehwzclXx9yLArYJy58.roa
File: 3zKZzE8N9ehwzclXx9yLArYJy58.roa (raw, json)
Hash identifier: RO8YTwbjQ1pMhcvTc2BvY/3GBxIG1aiOW0se8rtQirQ=
Subject key identifier: DF:32:99:CC:4F:0D:F5:E8:70:CD:C9:57:C7:DC:8B:02:B6:09:CB:9F
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018EAEBF9370B9556A88B8DEFD3D9B2B8D8E
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/3zKZzE8N9ehwzclXx9yLArYJy58.roa
Signing time: Fri 05 Apr 2024 14:52:54 +0000
ROA not before: Fri 05 Apr 2024 14:52:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203446
IP address blocks: 2a12:bec4:10b0::/44 maxlen: 44
Validation: Failed, certificate revoked on Sat 06 Apr 2024 09:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:bf:93:70:b9:55:6a:88:b8:de:fd:3d:9b:2b:8d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Apr 5 14:52:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df3299cc4f0df5e870cdc957c7dc8b02b609cb9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0f:9f:21:51:07:90:5f:3a:99:80:89:43:23:
c3:fa:bb:4f:76:f1:16:82:ff:e0:3b:a3:39:94:17:
7c:30:d4:18:a2:56:8b:c9:a7:78:5a:37:55:d9:5d:
b2:68:88:73:58:51:85:75:01:3f:f4:da:ee:96:d2:
cc:5a:29:4d:a5:fa:e3:bb:6d:af:c8:b3:56:e1:e3:
ee:61:13:2f:de:3a:a1:ce:e8:2b:76:4b:f0:f3:d1:
d0:fa:63:62:8a:b9:87:1e:02:38:de:d0:45:ec:50:
ba:6b:1f:2a:44:bf:06:5a:1a:69:b8:bb:13:dc:9b:
94:bc:7b:5e:2a:6d:49:0a:b0:8f:9f:03:d5:d0:60:
90:29:a5:88:32:13:46:0c:80:66:3e:b1:82:cd:74:
12:10:d5:cb:34:64:61:d2:ae:d8:41:00:0e:34:bd:
0d:b5:19:01:f4:19:25:7d:1f:57:a4:f3:a1:60:69:
f3:ad:b9:1c:a9:69:dc:19:2b:8b:80:16:47:29:aa:
b5:89:0a:e8:d6:2d:ab:f9:c5:ea:9e:2f:b3:c0:6f:
54:64:ef:69:9b:e0:f7:c7:18:26:31:d7:44:f6:f5:
ca:ca:80:f7:b4:d6:90:33:8f:7d:17:d8:7b:31:d8:
58:ba:8c:e4:f0:0f:65:b0:ad:02:2f:ee:3a:13:1e:
f0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:32:99:CC:4F:0D:F5:E8:70:CD:C9:57:C7:DC:8B:02:B6:09:CB:9F
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/3zKZzE8N9ehwzclXx9yLArYJy58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:10b0::/44
Signature Algorithm: sha256WithRSAEncryption
85:42:8b:29:97:c4:ac:31:42:d3:48:19:24:c3:58:58:77:63:
a5:56:93:1e:af:28:34:70:a6:be:6f:50:61:44:bd:2e:53:f2:
b8:63:e5:c7:c8:67:dd:ba:7c:a6:52:fd:77:cb:00:bf:a0:47:
fe:d1:70:d2:49:9c:50:49:e9:87:33:7a:07:98:07:fd:ae:01:
be:86:be:d4:22:96:e8:f0:45:34:cf:d7:84:b7:02:6d:17:45:
60:9d:60:64:73:b1:0a:09:f5:17:04:01:21:e1:4d:21:5a:f0:
e2:fb:90:3b:94:5c:69:ea:32:c8:09:ab:c7:f4:d6:b3:21:8a:
e7:08:d5:6f:9f:5d:be:de:47:92:83:2e:fd:ea:33:85:7f:a7:
02:4a:a6:7c:90:10:c1:1c:59:7a:ff:3b:49:26:e9:33:89:21:
af:29:20:76:07:60:2e:de:f4:d4:da:cb:e9:e5:16:80:f4:35:
62:41:ff:4e:9c:23:f9:9d:06:81:41:cd:92:a8:07:c5:32:68:
4b:26:f5:6e:a6:9f:29:d5:a0:a0:8e:bb:6f:f2:14:be:70:e3:
01:0f:54:d5:9c:52:b2:2c:4c:8f:9b:dc:3a:08:77:b8:03:34:
d4:1b:6d:13:fe:65:a2:31:5f:0f:4e:48:68:d2:4c:b4:2d:db:
f5:b6:55:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY6uv5NwuVVqiLje/T2bK42OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwNDA1MTQ1MjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjMyOTljYzRmMGRmNWU4NzBjZGM5NTdjN2RjOGIwMmI2MDljYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg+fIVEHkF86mYCJQyPD+rtPdvEW
gv/gO6M5lBd8MNQYolaLyad4WjdV2V2yaIhzWFGFdQE/9NrultLMWilNpfrju22v
yLNW4ePuYRMv3jqhzugrdkvw89HQ+mNiirmHHgI43tBF7FC6ax8qRL8GWhppuLsT
3JuUvHteKm1JCrCPnwPV0GCQKaWIMhNGDIBmPrGCzXQSENXLNGRh0q7YQQAONL0N
tRkB9BklfR9XpPOhYGnzrbkcqWncGSuLgBZHKaq1iQro1i2r+cXqni+zwG9UZO9p
m+D3xxgmMddE9vXKyoD3tNaQM499F9h7MdhYuozk8A9lsK0CL+46Ex7wTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN8ymcxPDfXocM3JV8fciwK2CcufMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvM3pLWnpFOE45ZWh3emNsWHg5eUxBcllKeTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBCw
MA0GCSqGSIb3DQEBCwUAA4IBAQCFQospl8SsMULTSBkkw1hYd2OlVpMeryg0cKa+
b1BhRL0uU/K4Y+XHyGfdunymUv13ywC/oEf+0XDSSZxQSemHM3oHmAf9rgG+hr7U
Ipbo8EU0z9eEtwJtF0VgnWBkc7EKCfUXBAEh4U0hWvDi+5A7lFxp6jLICavH9Naz
IYrnCNVvn12+3keSgy796jOFf6cCSqZ8kBDBHFl6/ztJJukziSGvKSB2B2Au3vTU
2svp5RaA9DViQf9OnCP5nQaBQc2SqAfFMmhLJvVupp8p1aCgjrtv8hS+cOMBD1TV
nFKyLEyPm9w6CHe4AzTUG20T/mWiMV8PTkho0ky0Ldv1tlVv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org