Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/RZR7dezsGTvIO1qQ2xULc6na_40.roa
File: RZR7dezsGTvIO1qQ2xULc6na_40.roa (raw, json)
Hash identifier: OTKbtbsBoq3WtQqA71VsMdEoFJ0FcDm/yW0B9cnjFkk=
Subject key identifier: 45:94:7B:75:EC:EC:19:3B:C8:3B:5A:90:DB:15:0B:73:A9:DA:FF:8D
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018571C3165CA58E8F5C8510AAC20775855D
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/RZR7dezsGTvIO1qQ2xULc6na_40.roa
Signing time: Mon 02 Jan 2023 09:14:48 +0000
ROA not before: Mon 02 Jan 2023 09:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35077
IP address blocks: 2a06:e881:9500::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Apr 2023 13:10:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:16:5c:a5:8e:8f:5c:85:10:aa:c2:07:75:85:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 09:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45947b75ecec193bc83b5a90db150b73a9daff8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c1:9f:ad:11:f7:b5:47:fe:d6:9c:f9:0f:02:
ba:c0:70:7e:16:73:69:50:7a:0a:9d:c5:50:02:93:
ae:11:7f:ed:7e:0c:d3:50:39:c7:b8:4a:ad:23:49:
84:40:4e:e5:3f:bc:f8:07:2f:76:a7:13:d6:98:a6:
ad:cc:6b:56:cc:38:34:fc:37:0f:e3:c2:e9:1d:da:
3f:e0:4b:c1:a1:3f:b7:1e:0f:93:06:7e:7e:49:71:
7c:49:d2:24:d6:a7:55:9a:1c:20:c2:52:af:26:37:
dc:d2:78:5d:26:09:86:bd:08:db:75:2d:6e:63:ec:
1a:53:c0:d0:b1:07:9c:ce:d8:ec:4e:ef:34:cd:39:
db:79:1e:83:93:fb:86:cc:8f:b3:a3:9b:5a:c5:79:
53:15:b9:36:74:51:5e:b1:96:58:c5:6f:59:e0:18:
8b:0e:97:13:62:82:8d:11:ff:c7:69:ee:08:5d:fa:
da:cc:78:6d:49:62:8f:32:a3:3e:0d:f0:a7:6d:11:
67:ca:22:85:a2:8b:67:fa:a0:d7:c1:2f:7c:f0:ca:
58:77:46:54:c6:5c:6d:b4:e6:07:a1:46:d5:da:f9:
72:db:17:71:42:b6:70:13:23:a6:1a:ed:20:8c:8c:
ea:a3:6d:3b:42:19:3d:7d:c4:33:1f:52:ad:11:20:
f0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:94:7B:75:EC:EC:19:3B:C8:3B:5A:90:DB:15:0B:73:A9:DA:FF:8D
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/RZR7dezsGTvIO1qQ2xULc6na_40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:9500::/48
Signature Algorithm: sha256WithRSAEncryption
7b:9e:b0:05:61:9d:ec:78:b0:a8:2a:f5:4c:ff:cb:c1:2c:e8:
85:e1:02:ef:10:a5:b5:a5:a2:3a:1f:7d:8d:6b:0b:82:d5:24:
0d:4e:1b:51:b1:26:5a:59:41:4f:fc:07:72:98:57:b6:3c:28:
b2:4d:50:a1:eb:ee:fa:ff:7a:bf:6a:56:61:6f:db:6b:85:fb:
79:79:b1:4d:b2:f0:ba:c8:81:91:84:be:97:b7:64:83:02:c5:
72:84:54:99:0b:e6:93:7a:4c:b6:04:23:05:25:28:d8:3e:a3:
24:0d:c1:42:e0:61:99:7b:39:70:9a:72:84:dc:37:79:cc:83:
9c:e0:33:39:6e:b1:f7:3a:92:cc:01:70:1c:fe:32:9c:17:6b:
24:cd:7d:c2:5e:87:62:1c:11:e2:2d:6d:ed:c8:1f:63:12:47:
b1:ff:20:af:8e:e2:e7:59:f7:f4:4e:c1:b7:84:da:d8:3f:44:
96:b6:05:d7:1c:d3:f6:18:30:d3:d6:a0:37:95:bd:59:9d:40:
9a:36:bb:3e:26:19:1b:ce:c8:82:50:38:6e:f4:91:8d:8b:71:
28:4b:b6:e0:10:5f:e5:90:ad:8f:73:80:87:37:83:59:ee:06:
62:d4:bf:f4:d6:5c:09:3f:95:e7:a2:d8:c7:4e:d7:36:9b:38:
c2:95:54:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxwxZcpY6PXIUQqsIHdYVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk0N2I3NWVjZWMxOTNiYzgzYjVhOTBkYjE1MGI3M2E5ZGFmZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcGfrRH3tUf+1pz5DwK6wHB+FnNp
UHoKncVQApOuEX/tfgzTUDnHuEqtI0mEQE7lP7z4By92pxPWmKatzGtWzDg0/DcP
48LpHdo/4EvBoT+3Hg+TBn5+SXF8SdIk1qdVmhwgwlKvJjfc0nhdJgmGvQjbdS1u
Y+waU8DQsQecztjsTu80zTnbeR6Dk/uGzI+zo5taxXlTFbk2dFFesZZYxW9Z4BiL
DpcTYoKNEf/Hae4IXfrazHhtSWKPMqM+DfCnbRFnyiKFootn+qDXwS988MpYd0ZU
xlxttOYHoUbV2vly2xdxQrZwEyOmGu0gjIzqo207Qhk9fcQzH1KtESDwKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEWUe3Xs7Bk7yDtakNsVC3Op2v+NMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvUlpSN2RlenNHVHZJTzFxUTJ4VUxjNm5hXzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbogZUA
MA0GCSqGSIb3DQEBCwUAA4IBAQB7nrAFYZ3seLCoKvVM/8vBLOiF4QLvEKW1paI6
H32NawuC1SQNThtRsSZaWUFP/AdymFe2PCiyTVCh6+76/3q/alZhb9trhft5ebFN
svC6yIGRhL6Xt2SDAsVyhFSZC+aTeky2BCMFJSjYPqMkDcFC4GGZezlwmnKE3Dd5
zIOc4DM5brH3OpLMAXAc/jKcF2skzX3CXodiHBHiLW3tyB9jEkex/yCvjuLnWff0
TsG3hNrYP0SWtgXXHNP2GDDT1qA3lb1ZnUCaNrs+JhkbzsiCUDhu9JGNi3EoS7bg
EF/lkK2Pc4CHN4NZ7gZi1L/01lwJP5XnotjHTtc2mzjClVS7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org