Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/ZTJm1Kn85Dr6ne_iMkLUgmooGsc.roa
File: ZTJm1Kn85Dr6ne_iMkLUgmooGsc.roa (raw, json)
Hash identifier: nLHTX2eaGiA/WpF5lCxxoIboT8VGJjOL4F6ve6rfE00=
Subject key identifier: 65:32:66:D4:A9:FC:E4:3A:FA:9D:EF:E2:32:42:D4:82:6A:28:1A:C7
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018CB6B6210FFDCF06D34B7E8F697CF33C40
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/ZTJm1Kn85Dr6ne_iMkLUgmooGsc.roa
Signing time: Fri 29 Dec 2023 17:53:58 +0000
ROA not before: Fri 29 Dec 2023 17:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215799
IP address blocks: 2a12:bec0:620::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:b6:21:0f:fd:cf:06:d3:4b:7e:8f:69:7c:f3:3c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Dec 29 17:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=653266d4a9fce43afa9defe23242d4826a281ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1b:98:02:ec:02:95:bd:8f:e4:ff:10:42:83:
36:75:f7:2e:44:4e:86:b9:af:48:70:61:72:ce:0a:
e6:dd:e7:55:d6:0e:fd:5f:a6:09:4c:80:e0:2d:ec:
ce:b1:b4:79:1e:ae:c3:07:73:cc:8d:32:a7:cc:2f:
5c:35:87:5f:c0:e0:9d:48:9f:e8:e4:19:3b:4d:32:
b0:31:8a:f1:3c:96:ee:c2:8d:86:59:81:04:ef:8b:
fc:6a:00:e6:0b:6b:35:6b:35:4f:17:7c:3d:9f:51:
52:d0:f1:dd:34:ed:cc:49:2e:ec:fc:6e:b0:9e:1a:
37:80:96:42:dc:c9:fc:e7:05:10:e3:f6:19:62:a5:
b9:68:7b:1f:d2:be:2a:0a:ba:bb:af:06:21:98:84:
17:be:8b:84:89:02:7f:53:64:66:9e:2d:f7:51:29:
56:e9:6f:65:44:46:a3:62:6b:bc:d2:02:3c:e0:74:
3d:e2:e3:21:d4:92:86:16:5e:da:9f:93:87:1c:e1:
3d:ad:57:d4:94:6b:45:02:a5:d3:67:89:94:dc:b3:
8e:c3:e3:d2:a5:0f:d4:a0:a6:dc:4d:a6:7a:92:fe:
4a:80:11:80:eb:c5:38:3e:53:f5:8a:7a:85:d6:f0:
04:de:1a:b8:e3:75:3a:6c:12:5b:03:38:ce:5e:e1:
73:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:32:66:D4:A9:FC:E4:3A:FA:9D:EF:E2:32:42:D4:82:6A:28:1A:C7
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/ZTJm1Kn85Dr6ne_iMkLUgmooGsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:620::/44
Signature Algorithm: sha256WithRSAEncryption
89:ac:9d:85:18:8d:e1:80:26:9d:68:03:c4:7b:4d:ee:bb:2c:
7c:60:2d:46:24:a3:45:7e:3c:a8:db:2e:98:7c:86:10:46:8a:
88:7e:f3:fc:3c:cc:d5:8e:c9:ae:9a:74:72:ae:3e:f1:7b:8b:
d1:62:74:74:d7:ac:b7:4e:c4:1c:1d:c5:fe:95:a4:67:10:eb:
8f:b8:2a:c1:56:74:b4:5c:55:1b:ba:0a:05:e7:14:4e:47:e6:
3d:29:c7:50:14:77:53:da:75:22:e4:3f:0c:6f:2c:35:76:2f:
06:70:db:05:d4:0d:50:fd:f5:53:ca:7f:e5:0b:98:a5:ff:8f:
03:eb:b4:9d:10:ab:18:d2:64:5e:4a:92:2c:1a:02:c6:74:87:
1e:43:ec:47:05:4c:e2:6f:b3:66:26:f3:8a:e6:53:f6:07:d7:
cf:8e:b1:5d:9c:d3:c8:18:35:e2:4e:ed:07:e9:c4:48:64:5d:
35:97:6f:3c:1e:43:f5:31:20:9b:10:c3:e0:1b:5a:f2:74:19:
a6:c3:ff:fd:12:a3:7a:96:f4:e4:48:a2:cf:70:e9:5c:59:56:
3e:ef:01:cd:84:2c:4a:89:d1:d4:36:0e:55:6c:4d:1f:ec:a9:
53:6c:ac:ae:10:10:26:1e:eb:ab:ff:d5:4f:63:a5:5c:c7:c4:
36:7c:f7:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYy2tiEP/c8G00t+j2l88zxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMxMjI5MTc1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTMyNjZkNGE5ZmNlNDNhZmE5ZGVmZTIzMjQyZDQ4MjZhMjgxYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBuYAuwClb2P5P8QQoM2dfcuRE6G
ua9IcGFyzgrm3edV1g79X6YJTIDgLezOsbR5Hq7DB3PMjTKnzC9cNYdfwOCdSJ/o
5Bk7TTKwMYrxPJbuwo2GWYEE74v8agDmC2s1azVPF3w9n1FS0PHdNO3MSS7s/G6w
nho3gJZC3Mn85wUQ4/YZYqW5aHsf0r4qCrq7rwYhmIQXvouEiQJ/U2Rmni33USlW
6W9lREajYmu80gI84HQ94uMh1JKGFl7an5OHHOE9rVfUlGtFAqXTZ4mU3LOOw+PS
pQ/UoKbcTaZ6kv5KgBGA68U4PlP1inqF1vAE3hq443U6bBJbAzjOXuFzcQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGUyZtSp/OQ6+p3v4jJC1IJqKBrHMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvWlRKbTFLbjg1RHI2bmVfaU1rTFVnbW9vR3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAYg
MA0GCSqGSIb3DQEBCwUAA4IBAQCJrJ2FGI3hgCadaAPEe03uuyx8YC1GJKNFfjyo
2y6YfIYQRoqIfvP8PMzVjsmumnRyrj7xe4vRYnR016y3TsQcHcX+laRnEOuPuCrB
VnS0XFUbugoF5xROR+Y9KcdQFHdT2nUi5D8Mbyw1di8GcNsF1A1Q/fVTyn/lC5il
/48D67SdEKsY0mReSpIsGgLGdIceQ+xHBUzib7NmJvOK5lP2B9fPjrFdnNPIGDXi
Tu0H6cRIZF01l288HkP1MSCbEMPgG1rydBmmw//9EqN6lvTkSKLPcOlcWVY+7wHN
hCxKidHUNg5VbE0f7KlTbKyuEBAmHuur/9VPY6Vcx8Q2fPcr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org