Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/kZSgmCzCT1dpnFN6SdXlRDfeSzQ.roa
File: kZSgmCzCT1dpnFN6SdXlRDfeSzQ.roa (raw, json)
Hash identifier: XHJwQDCNIocJcKnVUjWz3/Aen4/j+WpM+fcO1dS2OJ4=
Subject key identifier: 91:94:A0:98:2C:C2:4F:57:69:9C:53:7A:49:D5:E5:44:37:DE:4B:34
Certificate issuer: /CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Certificate serial: 018572DF0107DB3EFA59D92F4CEE5E6AA948
Authority key identifier: 1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/kZSgmCzCT1dpnFN6SdXlRDfeSzQ.roa
Signing time: Mon 02 Jan 2023 14:24:55 +0000
ROA not before: Mon 02 Jan 2023 14:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1022
IP address blocks: 2a12:f3c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:df:01:07:db:3e:fa:59:d9:2f:4c:ee:5e:6a:a9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Validity
Not Before: Jan 2 14:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9194a0982cc24f57699c537a49d5e54437de4b34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a2:42:12:08:7b:17:32:52:c6:2b:1f:31:ec:
fb:5d:5b:9a:25:47:f7:f7:c4:9f:80:8a:0d:1a:13:
9e:a1:c1:94:31:85:48:34:17:58:6e:e7:48:0e:25:
db:20:44:25:4d:36:3c:13:88:f1:60:af:5d:de:e1:
63:49:b1:d9:43:2c:6d:23:4a:c9:ed:81:2c:6c:9a:
30:e9:6a:e6:7e:b4:72:1e:85:90:c9:24:3c:19:ff:
2e:49:08:7d:fa:85:c5:27:39:e3:7e:24:74:68:44:
54:7a:ef:d6:91:5f:02:c1:e5:83:02:d2:6a:6f:d8:
33:cf:3b:eb:1d:ac:d8:33:c2:3f:bd:a2:e6:c8:4e:
c2:c6:97:78:2a:b2:35:31:d2:3a:b9:21:80:bc:35:
c3:d4:98:0c:25:15:cb:f1:aa:f6:d5:d1:34:9e:f9:
ed:a4:48:8f:02:d5:2e:d4:31:1b:59:39:2b:f3:61:
43:d6:66:d2:99:73:d1:ee:04:11:16:d1:75:72:f9:
73:ca:9d:9f:9a:26:32:ea:35:86:af:d8:fb:2e:e3:
6e:f5:57:7d:18:cd:8a:1f:b8:e9:8e:3e:94:a7:05:
9e:e1:84:d3:e0:d7:fc:e8:53:00:91:ac:c8:12:0e:
f7:a1:01:5d:24:70:f8:6f:4b:f7:46:56:3e:a1:63:
e1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:94:A0:98:2C:C2:4F:57:69:9C:53:7A:49:D5:E5:44:37:DE:4B:34
X509v3 Authority Key Identifier:
keyid:1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/kZSgmCzCT1dpnFN6SdXlRDfeSzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:32:f5:bf:e1:56:2d:33:34:5d:4a:fc:e3:f0:c0:57:62:0b:
d3:23:9d:64:6c:f0:cc:9f:9d:e5:fa:6d:5d:b0:26:73:6a:1d:
c9:f2:d6:c9:62:49:e8:80:b6:9e:b0:48:be:9b:b9:4f:d5:94:
21:2a:92:be:ed:9e:98:82:42:5b:f5:2f:54:ff:cd:c5:66:46:
52:aa:b6:d7:18:cb:e7:a7:b8:69:a4:c9:36:9e:3a:b9:26:d4:
d8:84:ec:77:dd:54:79:9e:c5:c9:0d:1c:a7:10:f1:eb:1d:27:
89:18:8a:6c:58:9e:67:bd:de:01:12:1d:7f:ba:82:0d:1c:ba:
68:5c:98:a3:4d:a7:4d:04:e3:80:b1:f3:35:a6:ab:31:f7:28:
00:c0:c4:74:b3:72:95:5d:d4:e2:5c:a2:61:41:09:84:d0:a5:
5c:65:21:b0:8e:e1:71:f9:9b:7b:76:32:fb:fd:fe:c5:a2:55:
3d:6b:5a:66:94:6e:47:d8:32:7f:66:c7:6b:d1:f7:8c:ac:be:
98:36:de:fd:bc:00:0f:08:04:ea:d3:9b:13:4f:b0:a0:2c:33:
49:fa:3a:ca:26:59:c6:f7:78:62:53:e7:d3:3e:ce:21:11:d0:
91:d9:d5:43:2d:67:97:3a:e1:9d:a9:61:23:dd:c8:0d:2d:1f:
21:0c:09:db
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVy3wEH2z76WdkvTO5eaqlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTE1NGUxYzU1NzhiMGZlZjhhYmI3NzlmODExN2U2NGU4
ODRkMTgwHhcNMjMwMTAyMTQyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTk0YTA5ODJjYzI0ZjU3Njk5YzUzN2E0OWQ1ZTU0NDM3ZGU0YjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraJCEgh7FzJSxisfMez7XVuaJUf3
98SfgIoNGhOeocGUMYVINBdYbudIDiXbIEQlTTY8E4jxYK9d3uFjSbHZQyxtI0rJ
7YEsbJow6WrmfrRyHoWQySQ8Gf8uSQh9+oXFJznjfiR0aERUeu/WkV8CweWDAtJq
b9gzzzvrHazYM8I/vaLmyE7Cxpd4KrI1MdI6uSGAvDXD1JgMJRXL8ar21dE0nvnt
pEiPAtUu1DEbWTkr82FD1mbSmXPR7gQRFtF1cvlzyp2fmiYy6jWGr9j7LuNu9Vd9
GM2KH7jpjj6UpwWe4YTT4Nf86FMAkazIEg73oQFdJHD4b0v3RlY+oWPhzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJGUoJgswk9XaZxTeknV5UQ33ks0MB8GA1UdIwQY
MBaAFBqRVOHFV4sP74q7d5+BF+ZOiE0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDIt
Mzg4ZDhhZDJhNWJiLzEva1pTZ21DekNUMWRwbkZONlNkWGxSRGZlU3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJi
LzEvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLzwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGjL1v+FWLTM0XUr84/DAV2IL0yOdZGzwzJ+d5fpt
XbAmc2odyfLWyWJJ6IC2nrBIvpu5T9WUISqSvu2emIJCW/UvVP/NxWZGUqq21xjL
56e4aaTJNp46uSbU2ITsd91UeZ7FyQ0cpxDx6x0niRiKbFieZ73eARIdf7qCDRy6
aFyYo02nTQTjgLHzNaarMfcoAMDEdLNylV3U4lyiYUEJhNClXGUhsI7hcfmbe3Yy
+/3+xaJVPWtaZpRuR9gyf2bHa9H3jKy+mDbe/bwADwgE6tObE0+woCwzSfo6yiZZ
xvd4YlPn0z7OIRHQkdnVQy1nlzrhnalhI93IDS0fIQwJ2w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:49 2023 by rpki-client on console-ams.rpki-client.org