Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZoyVzddjmP0nPr5CCEeGfTws1og.roa
File: ZoyVzddjmP0nPr5CCEeGfTws1og.roa (raw, json)
Hash identifier: MqaTqr/agxU0eeOcLxB6Gml9KfUycrg7KK10SsEl644=
Subject key identifier: 66:8C:95:CD:D7:63:98:FD:27:3E:BE:42:08:47:86:7D:3C:2C:D6:88
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018BC7ED455457F7AD2CA231CF881EBF5534
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZoyVzddjmP0nPr5CCEeGfTws1og.roa
Signing time: Mon 13 Nov 2023 09:04:57 +0000
ROA not before: Mon 13 Nov 2023 09:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 2a0f:e383::/32 maxlen: 48
2a0f:e385::/32 maxlen: 48
2a0f:e384::/32 maxlen: 48
2a0f:2740::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Nov 2023 07:46:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:ed:45:54:57:f7:ad:2c:a2:31:cf:88:1e:bf:55:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Nov 13 09:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=668c95cdd76398fd273ebe420847867d3c2cd688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:74:08:d1:14:4a:eb:b1:db:fe:e5:22:5c:23:
6d:14:b8:ae:7a:e9:1d:d1:47:7e:ba:4e:73:dd:92:
03:64:19:a7:38:83:87:7b:88:30:5c:5a:2f:b7:67:
f9:f9:3b:7b:06:23:21:fd:48:f7:0e:3b:72:86:33:
39:20:ca:85:ab:40:9c:40:e3:41:cf:44:76:f7:f1:
80:f8:f1:a6:8a:e4:da:53:a9:a5:eb:c6:05:23:d3:
6f:98:5a:60:c7:d4:58:7f:c2:71:d4:20:43:d6:71:
e3:71:6b:23:4b:65:4d:76:3e:ec:c0:9d:85:74:be:
b7:32:2a:64:e0:6a:79:73:07:bd:43:3f:d9:e2:3a:
75:59:5d:75:46:53:0f:16:df:29:04:d5:ca:17:0a:
49:0d:f0:52:1b:cb:15:29:55:36:ba:6e:c2:9e:ce:
06:fb:87:1a:c4:e7:f1:09:c9:a4:a2:c9:5d:ae:f7:
53:69:a0:25:0b:c0:46:7a:40:20:1f:5f:a3:3a:b3:
42:88:ec:b1:18:09:62:d4:12:07:d4:2b:b0:f5:9d:
55:15:c7:61:0e:40:ab:4a:2e:f2:10:76:51:29:90:
18:f1:16:d0:e4:63:7d:60:ba:7c:6d:aa:aa:4e:6e:
3e:7a:7f:a7:3d:27:e3:e0:e3:4e:f9:b7:40:0e:b4:
e8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8C:95:CD:D7:63:98:FD:27:3E:BE:42:08:47:86:7D:3C:2C:D6:88
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZoyVzddjmP0nPr5CCEeGfTws1og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2740::/29
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
bf:8b:c1:b3:2a:e7:ba:05:67:8a:d1:5f:11:bb:14:53:79:4e:
a3:ed:d1:58:63:f2:af:19:15:58:71:4d:dd:d1:76:24:ba:ef:
07:fa:f7:da:8e:9f:a1:e9:e3:5f:a1:49:02:83:b6:53:bb:9d:
fd:f7:eb:9d:df:23:ec:05:19:1e:47:04:27:b5:81:01:03:2b:
9d:57:c3:f9:9a:8a:92:6d:80:d2:90:c2:d3:58:7b:ce:84:9c:
d4:1e:06:55:0d:af:15:00:f4:a2:5b:22:39:9d:c0:38:20:74:
cb:14:90:c6:45:ad:3b:54:e6:2d:b7:1d:b7:b0:00:6e:35:58:
c0:8b:85:34:ba:78:17:fc:01:e6:d6:29:0e:51:e3:92:34:d9:
ba:46:41:06:f6:a6:8c:fb:18:db:69:0f:5d:4a:a4:a1:d7:dc:
d5:0a:6b:c0:ea:a5:6d:e5:8b:61:35:95:a8:85:9c:87:0d:f9:
d9:9f:18:70:1d:72:46:df:fd:c9:de:d4:fb:72:03:56:a0:1c:
81:bc:20:31:5c:dd:46:f2:ef:f4:90:4a:82:2e:04:47:86:0f:
78:44:57:59:1d:dd:8e:3a:33:61:f0:25:34:1b:e3:a1:27:d2:
f3:f6:0c:30:2c:01:f2:b1:6d:e2:49:8f:27:4c:19:b3:bf:25:
f1:4e:6f:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvH7UVUV/etLKIxz4gev1U0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMTEzMDkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjhjOTVjZGQ3NjM5OGZkMjczZWJlNDIwODQ3ODY3ZDNjMmNkNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHQI0RRK67Hb/uUiXCNtFLiueukd
0Ud+uk5z3ZIDZBmnOIOHe4gwXFovt2f5+Tt7BiMh/Uj3DjtyhjM5IMqFq0CcQONB
z0R29/GA+PGmiuTaU6ml68YFI9NvmFpgx9RYf8Jx1CBD1nHjcWsjS2VNdj7swJ2F
dL63Mipk4Gp5cwe9Qz/Z4jp1WV11RlMPFt8pBNXKFwpJDfBSG8sVKVU2um7Cns4G
+4caxOfxCcmkosldrvdTaaAlC8BGekAgH1+jOrNCiOyxGAli1BIH1Cuw9Z1VFcdh
DkCrSi7yEHZRKZAY8RbQ5GN9YLp8baqqTm4+en+nPSfj4ONO+bdADrTo3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGaMlc3XY5j9Jz6+QghHhn08LNaIMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWm95VnpkZGptUDBuUHI1Q0NFZUdmVHdzMW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUDKg8nQDAO
AwUAKg/jgwMFASoP44QwDQYJKoZIhvcNAQELBQADggEBAL+LwbMq57oFZ4rRXxG7
FFN5TqPt0Vhj8q8ZFVhxTd3RdiS67wf699qOn6Hp41+hSQKDtlO7nf33653fI+wF
GR5HBCe1gQEDK51Xw/maipJtgNKQwtNYe86EnNQeBlUNrxUA9KJbIjmdwDggdMsU
kMZFrTtU5i23HbewAG41WMCLhTS6eBf8AebWKQ5R45I02bpGQQb2poz7GNtpD11K
pKHX3NUKa8DqpW3li2E1laiFnIcN+dmfGHAdckbf/cne1PtyA1agHIG8IDFc3Uby
7/SQSoIuBEeGD3hEV1kd3Y46M2HwJTQb46En0vP2DDAsAfKxbeJJjydMGbO/JfFO
bxE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org