Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/zUx9FAZizZSbuoMNnciAEOE6X5s.roa
File: zUx9FAZizZSbuoMNnciAEOE6X5s.roa (raw, json)
Hash identifier: G1BNNHmSPCWAY6SndhyNku1v3TQnyhPZ+AS4ffpWlLw=
Subject key identifier: CD:4C:7D:14:06:62:CD:94:9B:BA:83:0D:9D:C8:80:10:E1:3A:5F:9B
Certificate issuer: /CN=e631b080d4ea6fd0616a6e701c7c815d6ff87c00
Certificate serial: 018CCAE647963E4460ED47AC73CE06AC8F77
Authority key identifier: E6:31:B0:80:D4:EA:6F:D0:61:6A:6E:70:1C:7C:81:5D:6F:F8:7C:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/zUx9FAZizZSbuoMNnciAEOE6X5s.roa
Signing time: Tue 02 Jan 2024 15:58:58 +0000
ROA not before: Tue 02 Jan 2024 15:58:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28788
IP address blocks: 2a03:71e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 08 Mar 2024 12:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:e6:47:96:3e:44:60:ed:47:ac:73:ce:06:ac:8f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e631b080d4ea6fd0616a6e701c7c815d6ff87c00
Validity
Not Before: Jan 2 15:58:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd4c7d140662cd949bba830d9dc88010e13a5f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b8:cd:58:50:c7:4b:fe:e6:d6:25:bd:c5:fa:
8a:47:7a:fe:b0:aa:f8:25:0e:8c:dd:00:a4:f2:34:
43:dc:b8:11:17:2f:62:ef:6b:c2:6e:2d:d3:a8:9b:
d0:eb:54:e4:ff:65:b8:51:13:a3:2a:1b:43:55:8c:
2d:e3:d7:44:b2:2c:38:59:56:de:8c:d2:4d:70:17:
d1:72:c3:cc:7c:a0:8e:38:0c:eb:ce:cf:75:ff:dc:
41:15:4e:23:e6:96:5c:05:65:9b:29:b9:1b:98:e8:
3d:8b:9b:94:4b:f5:1b:7a:87:69:89:12:61:c7:55:
fa:a4:44:8d:8c:80:51:d6:ca:0a:ec:a4:ff:c3:fc:
23:7c:df:80:32:47:1c:41:97:1a:1b:02:24:1b:5f:
6d:73:22:1d:a1:f0:21:7a:f8:c1:0e:d6:a0:49:23:
8e:56:b4:6f:5a:fc:fa:06:41:3d:93:db:51:99:50:
48:d9:d2:0c:52:d9:97:5a:7e:ca:8d:5c:de:de:36:
85:a1:18:b4:0b:1d:dd:f0:59:cd:37:1e:74:c7:43:
e1:19:d1:f0:dc:fb:26:0b:c1:21:1b:7f:c5:05:4f:
f8:8d:ac:74:cd:e5:3b:3c:e0:b7:28:f4:45:9c:f9:
85:56:b7:3c:00:69:9c:4a:cf:a7:16:23:d2:77:4a:
16:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:4C:7D:14:06:62:CD:94:9B:BA:83:0D:9D:C8:80:10:E1:3A:5F:9B
X509v3 Authority Key Identifier:
keyid:E6:31:B0:80:D4:EA:6F:D0:61:6A:6E:70:1C:7C:81:5D:6F:F8:7C:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/zUx9FAZizZSbuoMNnciAEOE6X5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/5jGwgNTqb9Bham5wHHyBXW_4fAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:71e0::/32
Signature Algorithm: sha256WithRSAEncryption
85:a5:d6:6b:54:49:b2:b1:ab:be:3a:9a:c7:8d:1b:fb:41:29:
54:55:81:aa:c1:80:72:75:b4:1d:c3:58:ff:5b:79:50:5a:2a:
5d:f1:5e:50:79:62:6c:9c:4c:3a:30:bc:3e:00:55:65:0d:d5:
38:9d:10:51:1d:34:5e:03:ba:36:96:5c:3c:fa:f1:72:66:ae:
2a:71:83:97:69:5f:6e:a1:da:13:0d:72:8d:67:7d:91:94:4f:
33:1f:10:25:0a:8e:fa:c2:07:f8:b5:bf:79:b1:69:55:b9:31:
57:90:71:9a:73:1c:3d:29:d8:b8:90:60:b5:84:f4:ad:7e:d8:
0c:cf:62:86:aa:18:65:bb:68:d4:71:a7:a5:27:e7:53:21:ba:
73:25:b9:c5:fe:1a:e0:b9:9a:21:20:1b:fe:9a:b6:7b:9d:f9:
e8:d8:d0:5c:96:13:2e:c7:8c:c0:fd:03:07:a4:65:5f:94:ac:
4f:de:d0:29:5a:7e:f2:f7:f3:6c:5a:84:4c:cc:e2:54:c7:56:
d5:88:ed:c7:48:83:8c:e1:c1:3d:93:a8:41:2d:f1:c6:4a:8a:
df:d5:16:ba:1e:59:3c:3b:65:3b:c0:61:7a:84:b3:71:ac:f4:
cd:21:d9:a2:78:aa:01:49:d8:af:c9:c1:d8:e5:1d:f3:52:a9:
86:c7:1e:98
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzK5keWPkRg7Uesc84GrI93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MzFiMDgwZDRlYTZmZDA2MTZhNmU3MDFjN2M4MTVkNmZm
ODdjMDAwHhcNMjQwMTAyMTU1ODU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDRjN2QxNDA2NjJjZDk0OWJiYTgzMGQ5ZGM4ODAxMGUxM2E1ZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbjNWFDHS/7m1iW9xfqKR3r+sKr4
JQ6M3QCk8jRD3LgRFy9i72vCbi3TqJvQ61Tk/2W4UROjKhtDVYwt49dEsiw4WVbe
jNJNcBfRcsPMfKCOOAzrzs91/9xBFU4j5pZcBWWbKbkbmOg9i5uUS/UbeodpiRJh
x1X6pESNjIBR1soK7KT/w/wjfN+AMkccQZcaGwIkG19tcyIdofAhevjBDtagSSOO
VrRvWvz6BkE9k9tRmVBI2dIMUtmXWn7KjVze3jaFoRi0Cx3d8FnNNx50x0PhGdHw
3PsmC8EhG3/FBU/4jax0zeU7POC3KPRFnPmFVrc8AGmcSs+nFiPSd0oWiQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM1MfRQGYs2Um7qDDZ3IgBDhOl+bMB8GA1UdIwQY
MBaAFOYxsIDU6m/QYWpucBx8gV1v+HwAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWpHd2dOVHFiOUJoYW01d0hIeUJYV180ZkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9kY2RhZTYtZDY5NS00MjY2LWJhOWIt
OTNiM2EzNjk2ZDk2LzEvelV4OUZBWml6WlNidW9NTm5jaUFFT0U2WDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9kY2RhZTYtZDY5NS00MjY2LWJhOWItOTNiM2EzNjk2ZDk2
LzEvNWpHd2dOVHFiOUJoYW01d0hIeUJYV180ZkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgNx4DAN
BgkqhkiG9w0BAQsFAAOCAQEAhaXWa1RJsrGrvjqax40b+0EpVFWBqsGAcnW0HcNY
/1t5UFoqXfFeUHlibJxMOjC8PgBVZQ3VOJ0QUR00XgO6NpZcPPrxcmauKnGDl2lf
bqHaEw1yjWd9kZRPMx8QJQqO+sIH+LW/ebFpVbkxV5BxmnMcPSnYuJBgtYT0rX7Y
DM9ihqoYZbto1HGnpSfnUyG6cyW5xf4a4LmaISAb/pq2e5356NjQXJYTLseMwP0D
B6RlX5SsT97QKVp+8vfzbFqETMziVMdW1Yjtx0iDjOHBPZOoQS3xxkqK39UWuh5Z
PDtlO8BheoSzcaz0zSHZoniqAUnYr8nB2OUd81KphscemA==
-----END CERTIFICATE-----
Generated at Fri Mar 8 17:09:51 2024 by rpki-client on console-ams.rpki-client.org