Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/ZFcnSEGB65BieU_eqB5V91Udp7U.roa
File: ZFcnSEGB65BieU_eqB5V91Udp7U.roa (raw, json)
Hash identifier: szhebW2m+zkuY6NnvceQM0bfYO0KX9ZDHY4+GcFwkbE=
Subject key identifier: 64:57:27:48:41:81:EB:90:62:79:4F:DE:A8:1E:55:F7:55:1D:A7:B5
Certificate issuer: /CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Certificate serial: 01856D8AE94BFCEE84BEED9F882871F13968
Authority key identifier: 17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/ZFcnSEGB65BieU_eqB5V91Udp7U.roa
Signing time: Sun 01 Jan 2023 13:34:58 +0000
ROA not before: Sun 01 Jan 2023 13:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25156
IP address blocks: 2a00:65c0::/32 maxlen: 32
2a00:65c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 Jun 2023 11:13:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:e9:4b:fc:ee:84:be:ed:9f:88:28:71:f1:39:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Validity
Not Before: Jan 1 13:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645727484181eb9062794fdea81e55f7551da7b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:65:e1:29:97:4f:df:9f:7c:9f:7f:7a:33:6a:
5f:d3:92:78:ab:9f:4d:05:63:35:15:59:a9:b9:bf:
a3:7f:58:46:cd:76:07:56:81:18:f6:8e:28:b0:b7:
2f:c8:bb:84:ae:b1:af:17:48:35:71:f2:91:36:92:
eb:64:8a:6b:f5:67:21:fe:2d:70:fa:68:4b:68:39:
b0:5b:40:98:f3:2f:52:b7:47:43:f3:c5:e3:a5:ad:
46:1d:d4:bc:7b:96:32:e2:22:3e:12:35:ff:17:d5:
b0:12:bd:af:12:97:b7:d9:f4:9e:98:f8:2c:6c:91:
51:44:4f:bf:25:52:84:41:cf:fb:bc:17:d9:2a:0b:
6c:fa:32:0e:72:d8:fa:bd:34:b0:d5:50:80:e8:48:
87:c0:e1:c3:11:ff:fd:75:92:e3:08:d8:e1:fc:76:
e6:37:dc:16:fb:c4:f5:c4:89:ef:2a:fa:dd:c9:3c:
39:98:3b:b4:0d:c2:cb:b8:e0:65:68:f7:5c:49:48:
0d:73:f1:97:04:5d:cb:ce:fa:45:ab:50:a7:04:b1:
6a:14:b0:b0:f3:6e:ef:2a:fc:e8:1f:ee:c6:a0:1d:
66:64:06:6c:c1:35:18:44:8c:b8:ce:91:16:23:fa:
e8:36:40:b4:3a:c8:13:54:79:25:f9:1e:51:30:86:
da:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:57:27:48:41:81:EB:90:62:79:4F:DE:A8:1E:55:F7:55:1D:A7:B5
X509v3 Authority Key Identifier:
keyid:17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/ZFcnSEGB65BieU_eqB5V91Udp7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:9b:5f:e2:ec:a3:a2:16:c6:8a:aa:07:51:10:7b:94:76:33:
71:2e:8e:42:98:0c:00:82:58:00:15:a5:5c:0c:c4:48:8a:21:
f9:d0:89:3a:f0:e1:17:16:3a:10:50:05:02:1d:b1:3c:4a:bb:
0d:ad:52:27:11:d0:3e:71:c3:0d:b9:97:a1:00:cf:f1:c5:4b:
a3:92:7e:3a:17:88:1b:a1:a5:90:0c:d4:41:43:c4:b5:27:f2:
d9:7f:20:e3:7c:7c:e0:8e:82:ed:21:70:35:c2:b4:e7:25:bb:
e3:7d:88:57:41:4a:c9:2e:51:d8:ea:48:0b:4b:02:e3:14:22:
b4:35:e1:15:8d:44:c6:32:4c:1d:52:58:8e:8c:68:7a:bd:4f:
50:e4:16:98:90:df:f9:87:03:32:e4:d6:8a:cf:a8:ad:ed:b2:
e5:e3:cd:0a:0b:2a:e1:fa:02:86:72:95:9e:19:91:9d:08:79:
88:cb:91:05:82:e5:00:73:36:fb:0f:8c:09:34:34:9a:c8:38:
af:a8:f5:27:ad:cd:18:d3:64:21:4e:60:e7:e5:2b:0b:3f:fb:
7a:d5:78:64:4a:fd:7c:55:07:fe:97:72:b2:17:e3:bd:a1:9a:
be:29:13:56:37:c3:74:92:a3:3f:7f:81:2f:75:68:e9:2a:05:
12:e0:a0:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtiulL/O6Evu2fiChx8TloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGJkNWFjZjFmOWM3NWQxOGExZjc1MDMxMTE0YzQ4ZjBi
MjMzNjMwHhcNMjMwMTAxMTMzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDU3Mjc0ODQxODFlYjkwNjI3OTRmZGVhODFlNTVmNzU1MWRhN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2XhKZdP3598n396M2pf05J4q59N
BWM1FVmpub+jf1hGzXYHVoEY9o4osLcvyLuErrGvF0g1cfKRNpLrZIpr9Wch/i1w
+mhLaDmwW0CY8y9St0dD88Xjpa1GHdS8e5Yy4iI+EjX/F9WwEr2vEpe32fSemPgs
bJFRRE+/JVKEQc/7vBfZKgts+jIOctj6vTSw1VCA6EiHwOHDEf/9dZLjCNjh/Hbm
N9wW+8T1xInvKvrdyTw5mDu0DcLLuOBlaPdcSUgNc/GXBF3LzvpFq1CnBLFqFLCw
827vKvzoH+7GoB1mZAZswTUYRIy4zpEWI/roNkC0OsgTVHkl+R5RMIbavQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGRXJ0hBgeuQYnlP3qgeVfdVHae1MB8GA1UdIwQY
MBaAFBfb1azx+cddGKH3UDERTEjwsjNjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQt
NTgxZGI4N2M4MjFlLzEvWkZjblNFR0I2NUJpZVVfZXFCNVY5MVVkcDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQtNTgxZGI4N2M4MjFl
LzEvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgBlwDAN
BgkqhkiG9w0BAQsFAAOCAQEALJtf4uyjohbGiqoHURB7lHYzcS6OQpgMAIJYABWl
XAzESIoh+dCJOvDhFxY6EFAFAh2xPEq7Da1SJxHQPnHDDbmXoQDP8cVLo5J+OheI
G6GlkAzUQUPEtSfy2X8g43x84I6C7SFwNcK05yW7432IV0FKyS5R2OpIC0sC4xQi
tDXhFY1ExjJMHVJYjoxoer1PUOQWmJDf+YcDMuTWis+ore2y5ePNCgsq4foChnKV
nhmRnQh5iMuRBYLlAHM2+w+MCTQ0msg4r6j1J63NGNNkIU5g5+UrCz/7etV4ZEr9
fFUH/pdyshfjvaGavikTVjfDdJKjP3+BL3Vo6SoFEuCgFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:12 2024 by rpki-client on console-fra.rpki-client.org