Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/zCFmY_055jmNsWO9e7J_6ktRNMg.roa
File: zCFmY_055jmNsWO9e7J_6ktRNMg.roa (raw, json)
Hash identifier: 0a+Z80XfpHW3ow4lk+/kheGa8R5PFLPb64bkz6h8C5U=
Subject key identifier: CC:21:66:63:FD:39:E6:39:8D:B1:63:BD:7B:B2:7F:EA:4B:51:34:C8
Certificate issuer: /CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Certificate serial: 018573280E36CFD777437F3A97C500260C63
Authority key identifier: 08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/zCFmY_055jmNsWO9e7J_6ktRNMg.roa
Signing time: Mon 02 Jan 2023 15:44:42 +0000
ROA not before: Mon 02 Jan 2023 15:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212125
IP address blocks: 2a06:89c2:3003::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 28 Jan 2023 12:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:0e:36:cf:d7:77:43:7f:3a:97:c5:00:26:0c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Validity
Not Before: Jan 2 15:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc216663fd39e6398db163bd7bb27fea4b5134c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0f:a9:c2:4c:23:98:20:fa:5e:14:ae:66:bd:
a6:53:a0:ec:d8:97:78:54:5c:df:a0:96:39:da:2b:
a9:3b:23:01:ad:40:50:65:a9:95:b2:51:8a:68:43:
7f:86:70:24:ca:c7:08:35:59:ea:a3:a9:8e:aa:57:
9d:58:a3:7f:b9:44:32:40:f7:a9:9c:71:4a:c6:c7:
11:89:df:ab:0c:b0:91:15:ac:f4:b8:69:11:41:6c:
6b:fd:1f:b1:13:e4:69:88:e7:fc:d3:c9:fa:98:23:
ba:d4:77:6c:17:a3:ee:d3:25:fa:ea:38:c5:24:aa:
94:65:ab:53:78:1e:13:ac:94:e8:36:5a:aa:6d:01:
9c:cd:3a:26:55:93:ea:28:12:f9:53:2b:49:18:21:
d8:f8:8c:ff:f9:e7:4a:16:b7:38:20:4e:98:7b:85:
d3:8b:52:62:f3:77:c2:af:3b:06:7b:85:37:1d:91:
95:16:c3:3e:5e:47:da:95:c6:90:65:f1:68:c6:84:
ce:7b:7a:75:d3:78:1b:ee:be:27:09:a1:49:24:20:
36:51:93:db:5d:6d:d3:6a:a3:0b:26:01:5c:a9:6d:
62:0d:4c:e6:73:82:bc:c3:d4:7a:b3:6f:6a:62:05:
86:e2:ac:97:e3:f3:f9:2f:45:a5:19:70:17:6b:42:
54:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:21:66:63:FD:39:E6:39:8D:B1:63:BD:7B:B2:7F:EA:4B:51:34:C8
X509v3 Authority Key Identifier:
keyid:08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/zCFmY_055jmNsWO9e7J_6ktRNMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:89c2:3003::/48
Signature Algorithm: sha256WithRSAEncryption
4b:bf:29:94:50:ad:d6:d8:8f:ce:7e:a6:d0:e5:e1:b8:b9:e3:
fe:32:f0:59:d4:2c:c5:98:d9:52:20:96:d2:68:3b:f2:11:26:
73:02:d9:11:4b:c0:77:76:40:38:70:8d:34:a1:c2:55:96:c0:
2d:8c:da:d7:8a:d3:bd:bd:b1:82:2b:b0:a0:d2:0a:db:bd:6b:
85:a7:29:55:02:af:10:df:43:2c:02:5a:24:4a:23:74:be:13:
56:72:6c:42:70:fe:bb:7f:0e:6b:4c:2f:5f:99:ef:d4:bc:26:
52:98:aa:2d:8a:61:6b:3c:c4:c6:50:27:bd:d3:1c:1b:d1:46:
87:24:50:17:24:be:4a:37:9b:08:74:6a:ab:49:05:06:ad:7a:
98:2f:16:e5:e4:6e:80:0c:4a:03:a6:70:a7:37:c2:2b:f6:eb:
24:eb:a9:99:40:a9:f1:7c:2d:16:e0:5d:19:78:38:f7:64:23:
0a:26:b9:b8:98:04:44:bf:e2:5f:b6:78:50:f7:b4:4d:8b:65:
ba:0b:69:05:5f:e8:aa:af:30:42:95:32:96:ee:06:1b:75:9c:
c0:9b:76:11:c4:9c:1b:ed:2c:e5:41:8a:a8:f4:e5:a8:20:9e:
14:3b:aa:14:b7:1d:9a:80:ca:80:29:cf:f3:46:c7:db:7b:0a:
4d:de:62:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzKA42z9d3Q386l8UAJgxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmNhYWY4ZDE3ZGQxYTY1Nzk1ZjcxNGIyNjdmMWJjZTIx
OTM4YjkwHhcNMjMwMTAyMTU0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzIxNjY2M2ZkMzllNjM5OGRiMTYzYmQ3YmIyN2ZlYTRiNTEzNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw+pwkwjmCD6XhSuZr2mU6Ds2Jd4
VFzfoJY52iupOyMBrUBQZamVslGKaEN/hnAkyscINVnqo6mOqledWKN/uUQyQPep
nHFKxscRid+rDLCRFaz0uGkRQWxr/R+xE+RpiOf808n6mCO61HdsF6Pu0yX66jjF
JKqUZatTeB4TrJToNlqqbQGczTomVZPqKBL5UytJGCHY+Iz/+edKFrc4IE6Ye4XT
i1Ji83fCrzsGe4U3HZGVFsM+XkfalcaQZfFoxoTOe3p103gb7r4nCaFJJCA2UZPb
XW3TaqMLJgFcqW1iDUzmc4K8w9R6s29qYgWG4qyX4/P5L0WlGXAXa0JU3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMwhZmP9OeY5jbFjvXuyf+pLUTTIMB8GA1UdIwQY
MBaAFAj8qvjRfdGmV5X3FLJn8bziGTi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgt
NzdlZWVhZjcxZDA4LzEvekNGbVlfMDU1am1Oc1dPOWU3Sl82a3RSTk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4
LzEvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaJwjAD
MA0GCSqGSIb3DQEBCwUAA4IBAQBLvymUUK3W2I/OfqbQ5eG4ueP+MvBZ1CzFmNlS
IJbSaDvyESZzAtkRS8B3dkA4cI00ocJVlsAtjNrXitO9vbGCK7Cg0grbvWuFpylV
Aq8Q30MsAlokSiN0vhNWcmxCcP67fw5rTC9fme/UvCZSmKotimFrPMTGUCe90xwb
0UaHJFAXJL5KN5sIdGqrSQUGrXqYLxbl5G6ADEoDpnCnN8Ir9usk66mZQKnxfC0W
4F0ZeDj3ZCMKJrm4mAREv+JftnhQ97RNi2W6C2kFX+iqrzBClTKW7gYbdZzAm3YR
xJwb7SzlQYqo9OWoIJ4UO6oUtx2agMqAKc/zRsfbewpN3mIH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:25 2024 by rpki-client on console-fra.rpki-client.org