Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/zrDfV20eHP2IOSw58fsSqBJmQSw.roa
File: zrDfV20eHP2IOSw58fsSqBJmQSw.roa (raw, json)
Hash identifier: YF/QtCHehpYNmVN+s4VVbDSDbfMEQxwPuZhp8I9u9ew=
Subject key identifier: CE:B0:DF:57:6D:1E:1C:FD:88:39:2C:39:F1:FB:12:A8:12:66:41:2C
Certificate issuer: /CN=c441738baab988b1d68693bb05e29bfbb4f0f671
Certificate serial: 01856D4ABEC8F4B7A9DC09566EA7FADAD492
Authority key identifier: C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/zrDfV20eHP2IOSw58fsSqBJmQSw.roa
Signing time: Sun 01 Jan 2023 12:24:53 +0000
ROA not before: Sun 01 Jan 2023 12:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61201
IP address blocks: 2a00:eb0:100::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:be:c8:f4:b7:a9:dc:09:56:6e:a7:fa:da:d4:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c441738baab988b1d68693bb05e29bfbb4f0f671
Validity
Not Before: Jan 1 12:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ceb0df576d1e1cfd88392c39f1fb12a81266412c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:cf:93:b8:a0:68:4f:db:a8:5b:a0:ac:16:4a:
62:f1:dd:d1:34:d8:ee:79:eb:0c:3f:34:ce:e9:fe:
cd:00:03:99:e4:c0:72:71:43:7c:79:54:e2:94:cc:
d2:d4:1a:38:79:6d:7e:01:77:ff:10:d6:64:2b:ed:
e1:7a:0a:f3:99:58:09:ec:ae:44:75:e2:6f:95:5f:
35:83:8c:c8:da:0b:9e:93:89:6c:9d:f3:cf:ae:43:
0a:2d:c0:27:97:1d:2b:45:12:1f:fa:c5:e8:70:38:
ac:61:f4:e3:30:12:23:ff:84:e5:b1:fd:96:a4:2b:
15:10:65:e8:95:3e:c7:2c:f6:ad:93:2d:63:70:4f:
d3:e1:1e:6f:d5:fb:64:6a:0b:a0:10:1f:57:b1:be:
f2:7a:6b:2e:b3:b4:21:bf:29:77:9d:47:e7:74:86:
cf:44:1a:3b:d2:79:cf:e2:59:a3:20:d8:a9:ad:7f:
90:48:6a:f2:cb:4b:ef:a7:0f:03:f2:8f:18:3f:ed:
89:f2:58:62:4d:61:98:a2:6c:27:35:24:ac:9b:6f:
04:a4:57:a5:31:ba:d1:f1:88:18:cf:ac:3f:41:ce:
8a:88:c1:e6:df:4a:bc:78:02:83:01:5c:86:59:0e:
41:56:43:42:19:4f:67:63:30:c2:b3:81:09:1b:da:
c6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B0:DF:57:6D:1E:1C:FD:88:39:2C:39:F1:FB:12:A8:12:66:41:2C
X509v3 Authority Key Identifier:
keyid:C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/zrDfV20eHP2IOSw58fsSqBJmQSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:eb0:100::/48
Signature Algorithm: sha256WithRSAEncryption
67:e7:1b:28:85:d4:b4:c6:1e:e4:3e:ab:d4:93:83:ca:1d:11:
3c:8f:f8:18:02:45:65:98:c4:69:ad:dd:fa:77:d4:57:d4:06:
ac:3f:d0:7d:22:44:95:e2:cf:f8:aa:01:83:17:6e:65:df:3c:
53:29:39:ec:08:16:20:c5:f3:96:41:d4:ac:6a:d3:c2:b0:04:
ff:04:7d:4b:98:f8:70:8f:f2:9b:ba:5c:f5:77:0e:39:b7:22:
71:07:ba:37:57:f0:aa:fe:c5:f0:7f:a1:80:11:04:a9:ed:d5:
9c:58:49:94:38:07:62:c3:34:c0:1f:50:fb:ca:d7:f3:d5:ac:
4d:8a:3e:09:98:31:14:20:7a:bf:b9:bd:35:9b:1f:99:9b:ea:
9f:d1:8c:9c:0c:97:01:2d:11:21:3f:56:a3:72:60:0c:01:59:
bc:30:63:e5:3a:1c:b8:53:4d:b7:88:7d:54:ad:d1:4b:30:1f:
0f:5e:05:07:ae:fc:7d:a3:5f:ad:5d:c5:60:9d:0f:30:31:8f:
de:b2:2d:5b:6c:83:34:4f:70:4f:cc:3f:c6:42:52:54:f2:83:
f7:f8:c7:13:48:de:88:d0:41:81:00:4f:a9:1b:54:d6:ab:27:
4d:93:bd:bc:b4:f2:97:72:00:8b:87:0e:69:bd:3a:4c:aa:55:
f4:7e:e5:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtSr7I9Lep3AlWbqf62tSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDE3MzhiYWFiOTg4YjFkNjg2OTNiYjA1ZTI5YmZiYjRm
MGY2NzEwHhcNMjMwMTAxMTIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWIwZGY1NzZkMWUxY2ZkODgzOTJjMzlmMWZiMTJhODEyNjY0MTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4c+TuKBoT9uoW6CsFkpi8d3RNNju
eesMPzTO6f7NAAOZ5MBycUN8eVTilMzS1Bo4eW1+AXf/ENZkK+3hegrzmVgJ7K5E
deJvlV81g4zI2guek4lsnfPPrkMKLcAnlx0rRRIf+sXocDisYfTjMBIj/4Tlsf2W
pCsVEGXolT7HLPatky1jcE/T4R5v1ftkagugEB9Xsb7yemsus7Qhvyl3nUfndIbP
RBo70nnP4lmjINiprX+QSGryy0vvpw8D8o8YP+2J8lhiTWGYomwnNSSsm28EpFel
MbrR8YgYz6w/Qc6KiMHm30q8eAKDAVyGWQ5BVkNCGU9nYzDCs4EJG9rGlwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM6w31dtHhz9iDksOfH7EqgSZkEsMB8GA1UdIwQY
MBaAFMRBc4uquYix1oaTuwXim/u08PZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVGemk2cTVpTEhXaHBPN0JlS2ItN1R3OW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mODMxNGUtYTNiYy00NWU5LWE5ZjUt
NGM5OGQ5YTUxNDA1LzEvenJEZlYyMGVIUDJJT1N3NThmc1NxQkptUVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mODMxNGUtYTNiYy00NWU5LWE5ZjUtNGM5OGQ5YTUxNDA1
LzEveEVGemk2cTVpTEhXaHBPN0JlS2ItN1R3OW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAOsAEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBn5xsohdS0xh7kPqvUk4PKHRE8j/gYAkVlmMRp
rd36d9RX1AasP9B9IkSV4s/4qgGDF25l3zxTKTnsCBYgxfOWQdSsatPCsAT/BH1L
mPhwj/Kbulz1dw45tyJxB7o3V/Cq/sXwf6GAEQSp7dWcWEmUOAdiwzTAH1D7ytfz
1axNij4JmDEUIHq/ub01mx+Zm+qf0YycDJcBLREhP1ajcmAMAVm8MGPlOhy4U023
iH1UrdFLMB8PXgUHrvx9o1+tXcVgnQ8wMY/esi1bbIM0T3BPzD/GQlJU8oP3+McT
SN6I0EGBAE+pG1TWqydNk728tPKXcgCLhw5pvTpMqlX0fuVN
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:04 2024 by rpki-client on console-ams.rpki-client.org