Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/zsf5VGzaroYdBRdcwg41W3jgTiM.roa
File: zsf5VGzaroYdBRdcwg41W3jgTiM.roa (raw, json)
Hash identifier: Y5TerNSI5PwGMopFA+6JdFBd50kescFA20+yR5p7usY=
Subject key identifier: CE:C7:F9:54:6C:DA:AE:86:1D:05:17:5C:C2:0E:35:5B:78:E0:4E:23
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA8136F48393E9BCB2317B937C82C9
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/zsf5VGzaroYdBRdcwg41W3jgTiM.roa
Signing time: Mon 02 Jan 2023 13:45:03 +0000
ROA not before: Mon 02 Jan 2023 13:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210590
IP address blocks: 2a0f:5707:111::/48 maxlen: 48
2a0f:5707:1000::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:81:36:f4:83:93:e9:bc:b2:31:7b:93:7c:82:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cec7f9546cdaae861d05175cc20e355b78e04e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:45:52:76:cd:89:ce:dc:54:51:f7:5d:c4:f5:
c0:d8:f2:e7:82:ee:27:72:c4:8b:4c:3f:eb:aa:61:
8f:2a:47:7c:2f:4f:a0:f0:66:51:8c:4f:ab:b5:ed:
85:27:12:d3:18:78:bc:e2:f5:15:96:31:f2:cf:2d:
8d:30:51:e6:52:60:df:b8:be:4f:d7:c9:db:a3:2f:
56:8e:e6:22:5d:25:93:e3:31:95:d7:9e:ff:e0:d7:
fd:e1:aa:d6:41:02:66:47:81:58:42:71:02:87:f0:
f6:03:8e:35:b2:a5:46:d5:a5:07:76:17:e4:b5:f1:
56:0b:ed:92:09:27:e3:af:8e:c2:70:9c:ea:94:03:
3f:b3:b1:d4:3b:7c:1f:9e:a2:1a:db:c5:f5:78:9d:
be:46:79:70:3a:50:9a:77:74:87:6d:78:fa:f3:05:
26:e6:3a:f6:99:a1:5f:50:86:a5:00:68:d4:f2:13:
2b:53:32:00:85:10:1e:5a:5c:4b:9b:a3:3c:fb:e8:
15:ee:84:8d:a2:50:de:25:cc:07:0f:d8:94:dd:0a:
e4:72:cb:c4:71:69:89:bf:f1:0a:7f:98:5b:85:16:
6a:e9:74:9b:b6:31:60:5a:a3:9e:86:5c:87:7e:a6:
3f:f1:62:34:b7:50:bd:44:1c:c0:4a:17:6e:bc:44:
d3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C7:F9:54:6C:DA:AE:86:1D:05:17:5C:C2:0E:35:5B:78:E0:4E:23
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/zsf5VGzaroYdBRdcwg41W3jgTiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:111::/48
2a0f:5707:1000::/44
Signature Algorithm: sha256WithRSAEncryption
04:d7:46:94:5f:0c:89:d8:c7:ce:69:86:f2:ba:5b:ba:a1:d0:
fd:38:01:28:e9:7d:0c:5b:ec:54:b3:e4:29:19:7f:1f:b7:f1:
24:9e:9f:ee:b4:30:3a:9e:e9:c1:a3:b8:7d:55:d1:6a:71:0e:
dc:1e:db:87:71:95:1f:99:69:08:22:3f:2b:d1:7c:16:43:e5:
d6:25:e8:e3:67:61:ac:e0:0a:ac:0f:4d:04:4c:e6:31:a0:68:
38:39:fd:3d:72:c6:b8:01:03:2b:7d:60:64:2a:a8:f3:e0:04:
17:16:d1:73:f3:7c:7f:60:4c:de:75:8b:e7:de:dd:14:b1:e5:
1f:13:c7:9b:f9:95:fe:23:7b:aa:a6:36:30:4e:b5:bb:82:0b:
6d:a3:6b:41:f3:0a:68:5e:7a:88:89:8b:fa:67:11:a3:4d:bc:
1f:3a:6d:52:37:64:6c:d5:32:b4:74:1c:26:d8:d9:e4:6c:17:
54:c0:a7:8e:ca:af:98:0e:d1:b0:e8:fb:9e:d3:32:39:43:ae:
d3:37:66:f5:92:1c:8c:7f:58:55:09:54:7a:ea:23:e4:69:7d:
bb:28:45:92:3b:8c:b8:40:54:60:2c:eb:5c:ed:ce:73:6c:f7:
cf:2f:75:a9:28:74:62:ab:0d:d4:f2:d8:93:16:9b:93:9f:e4:
88:52:fb:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyuoE29IOT6byyMXuTfILJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWM3Zjk1NDZjZGFhZTg2MWQwNTE3NWNjMjBlMzU1Yjc4ZTA0ZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkVSds2JztxUUfddxPXA2PLngu4n
csSLTD/rqmGPKkd8L0+g8GZRjE+rte2FJxLTGHi84vUVljHyzy2NMFHmUmDfuL5P
18nboy9WjuYiXSWT4zGV157/4Nf94arWQQJmR4FYQnECh/D2A441sqVG1aUHdhfk
tfFWC+2SCSfjr47CcJzqlAM/s7HUO3wfnqIa28X1eJ2+RnlwOlCad3SHbXj68wUm
5jr2maFfUIalAGjU8hMrUzIAhRAeWlxLm6M8++gV7oSNolDeJcwHD9iU3QrkcsvE
cWmJv/EKf5hbhRZq6XSbtjFgWqOehlyHfqY/8WI0t1C9RBzAShduvETTIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM7H+VRs2q6GHQUXXMIONVt44E4jMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvenNmNVZHemFyb1lkQlJkY3dnNDFXM2pnVGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg9XBwER
AwcEKg9XBxAAMA0GCSqGSIb3DQEBCwUAA4IBAQAE10aUXwyJ2MfOaYbyulu6odD9
OAEo6X0MW+xUs+QpGX8ft/Eknp/utDA6nunBo7h9VdFqcQ7cHtuHcZUfmWkIIj8r
0XwWQ+XWJejjZ2Gs4AqsD00ETOYxoGg4Of09csa4AQMrfWBkKqjz4AQXFtFz83x/
YEzedYvn3t0UseUfE8eb+ZX+I3uqpjYwTrW7ggtto2tB8wpoXnqIiYv6ZxGjTbwf
Om1SN2Rs1TK0dBwm2NnkbBdUwKeOyq+YDtGw6Pue0zI5Q67TN2b1khyMf1hVCVR6
6iPkaX27KEWSO4y4QFRgLOtc7c5zbPfPL3WpKHRiqw3U8tiTFpuTn+SIUvvc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org