Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/zZqjeQG9-YObVCFlFHm0UJaC2k8.roa
File: zZqjeQG9-YObVCFlFHm0UJaC2k8.roa (raw, json)
Hash identifier: OQoXDOzLzmClZ1XBV1oK02+HdKnwc9cSpJER0GhRpzQ=
Subject key identifier: CD:9A:A3:79:01:BD:F9:83:9B:54:21:65:14:79:B4:50:96:82:DA:4F
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019066A899D9D43E4ED75B3C17348A6933DD
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/zZqjeQG9-YObVCFlFHm0UJaC2k8.roa
Signing time: Sun 30 Jun 2024 01:00:43 +0000
ROA not before: Sun 30 Jun 2024 01:00:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150787
IP address blocks: 2a12:bec4:13c0::/44 maxlen: 44
2a12:bec4:13c0::/48 maxlen: 48
2a12:bec4:13c1::/48 maxlen: 48
2a12:bec4:13c2::/48 maxlen: 48
2a12:bec4:13c3::/48 maxlen: 48
2a12:bec4:13c4::/48 maxlen: 48
2a12:bec4:13c5::/48 maxlen: 48
2a12:bec4:13c6::/48 maxlen: 48
2a12:bec4:13c7::/48 maxlen: 48
2a12:bec4:13c8::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 30 Jun 2024 09:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:66:a8:99:d9:d4:3e:4e:d7:5b:3c:17:34:8a:69:33:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jun 30 01:00:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd9aa37901bdf9839b5421651479b4509682da4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:15:18:94:0e:80:f6:2a:0e:11:3a:58:ef:48:
39:73:8d:97:04:23:f9:65:96:d8:bc:0e:5f:a0:d0:
77:22:7e:87:95:66:46:ad:d0:4e:26:23:82:e2:b8:
86:0c:a2:1d:9f:d0:dc:41:8e:7e:1e:05:28:2c:0d:
20:f4:3d:92:50:c3:38:ae:17:4f:5f:d9:aa:ae:16:
4d:d4:07:2f:44:af:0c:f0:d9:23:84:02:e4:6b:dd:
2d:9e:35:e8:5a:07:13:85:29:0a:c2:55:22:da:fe:
40:34:25:f9:a4:f6:bc:a1:f5:a3:a3:41:a5:94:20:
95:ca:19:fc:25:cd:70:b9:66:8a:c6:29:66:55:f7:
9d:d8:fd:57:22:23:4a:50:74:2f:c1:09:2a:e1:0d:
1b:83:04:86:c4:2c:49:e6:e9:20:5b:0c:f3:5e:33:
2f:67:10:f9:6a:66:2b:cd:0c:9f:3c:83:84:fc:c4:
4b:11:27:c6:b5:f5:15:cf:28:77:c9:c6:e2:b7:b6:
f6:94:cd:21:a7:ba:e0:f9:db:a9:50:a1:e0:1a:28:
f7:5b:24:99:d4:89:c3:00:49:90:cb:76:e3:58:e4:
2c:23:a5:08:63:c2:b7:7c:d3:66:66:f8:ef:8e:90:
07:49:12:f4:4e:a4:8e:3c:a5:71:f3:13:44:a5:b0:
8b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:9A:A3:79:01:BD:F9:83:9B:54:21:65:14:79:B4:50:96:82:DA:4F
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/zZqjeQG9-YObVCFlFHm0UJaC2k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:13c0::/44
Signature Algorithm: sha256WithRSAEncryption
c5:18:73:83:9b:f9:26:e6:20:50:26:6d:ca:51:2b:f9:b9:5b:
11:36:dc:0e:f9:5f:a1:02:70:de:b1:a5:3c:d0:3d:72:75:2a:
49:6b:d6:1c:10:9a:85:04:c7:43:f7:72:5a:31:79:78:98:5e:
42:ab:b7:a6:69:15:73:fd:ce:06:48:ad:0b:55:d4:07:60:1f:
75:10:78:e9:66:87:59:d3:60:24:47:4d:68:b0:13:d3:12:f1:
3e:31:34:1d:c4:63:74:89:bf:6b:3b:38:24:68:2b:6c:55:78:
48:f8:97:08:7f:d2:43:89:bf:6f:75:83:4f:1b:cc:76:d5:5f:
47:d1:a5:49:3a:3d:25:b6:b3:46:34:e6:f0:4f:57:fc:93:7e:
b3:ff:90:6e:5e:86:f1:4c:60:9f:c5:a6:d6:48:66:9f:f6:43:
e2:25:8a:ff:52:ea:82:5f:28:d0:e0:5b:42:8d:17:8e:6d:40:
d4:69:4d:4e:eb:d1:0f:ad:31:1a:71:bf:78:0c:e8:b8:32:04:
2a:5d:a1:0f:af:b9:05:9e:7f:63:e3:48:4f:68:ff:93:cd:e2:
52:82:29:02:40:5c:9b:e4:5c:cb:c6:f3:e1:a9:f6:93:6b:0d:
75:c7:c5:7c:a8:8f:f3:bb:15:ca:11:ac:6b:2b:3c:14:53:3c:
37:35:e7:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZBmqJnZ1D5O11s8FzSKaTPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwNjMwMDEwMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDlhYTM3OTAxYmRmOTgzOWI1NDIxNjUxNDc5YjQ1MDk2ODJkYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBUYlA6A9ioOETpY70g5c42XBCP5
ZZbYvA5foNB3In6HlWZGrdBOJiOC4riGDKIdn9DcQY5+HgUoLA0g9D2SUMM4rhdP
X9mqrhZN1AcvRK8M8NkjhALka90tnjXoWgcThSkKwlUi2v5ANCX5pPa8ofWjo0Gl
lCCVyhn8Jc1wuWaKxilmVfed2P1XIiNKUHQvwQkq4Q0bgwSGxCxJ5ukgWwzzXjMv
ZxD5amYrzQyfPIOE/MRLESfGtfUVzyh3ycbit7b2lM0hp7rg+dupUKHgGij3WySZ
1InDAEmQy3bjWOQsI6UIY8K3fNNmZvjvjpAHSRL0TqSOPKVx8xNEpbCLywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM2ao3kBvfmDm1QhZRR5tFCWgtpPMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvelpxamVRRzktWU9iVkNGbEZIbTBVSmFDMms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBPA
MA0GCSqGSIb3DQEBCwUAA4IBAQDFGHODm/km5iBQJm3KUSv5uVsRNtwO+V+hAnDe
saU80D1ydSpJa9YcEJqFBMdD93JaMXl4mF5Cq7emaRVz/c4GSK0LVdQHYB91EHjp
ZodZ02AkR01osBPTEvE+MTQdxGN0ib9rOzgkaCtsVXhI+JcIf9JDib9vdYNPG8x2
1V9H0aVJOj0ltrNGNObwT1f8k36z/5BuXobxTGCfxabWSGaf9kPiJYr/UuqCXyjQ
4FtCjReObUDUaU1O69EPrTEacb94DOi4MgQqXaEPr7kFnn9j40hPaP+TzeJSgikC
QFyb5FzLxvPhqfaTaw11x8V8qI/zuxXKEaxrKzwUUzw3Nedn
-----END CERTIFICATE-----
Generated at Sun Jun 30 11:43:46 2024 by rpki-client on console-ams.rpki-client.org