Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/zSgNtiw15vpybWyXB9sWIYgM3iI.roa
File: zSgNtiw15vpybWyXB9sWIYgM3iI.roa (raw, json)
Hash identifier: kNboRyFehryICKlVmoHxRhK1Mt/NqqPWk9nxcfpDmyA=
Subject key identifier: CD:28:0D:B6:2C:35:E6:FA:72:6D:6C:97:07:DB:16:21:88:0C:DE:22
Certificate issuer: /CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Certificate serial: 0187E0AE29C5F93AC851F8097DDF89F99429
Authority key identifier: 93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/zSgNtiw15vpybWyXB9sWIYgM3iI.roa
Signing time: Wed 03 May 2023 08:15:22 +0000
ROA not before: Wed 03 May 2023 08:15:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a01:bb22:8000::/33 maxlen: 33
2a01:bb22::/33 maxlen: 33
2a01:bb20::/29 maxlen: 29
2a01:bb24::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e0:ae:29:c5:f9:3a:c8:51:f8:09:7d:df:89:f9:94:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Validity
Not Before: May 3 08:15:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd280db62c35e6fa726d6c9707db1621880cde22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1c:00:73:05:70:b0:91:cb:58:bf:98:4b:d9:
8d:34:b5:2d:05:03:04:86:eb:78:23:d8:b1:a7:1a:
8f:a7:e9:b7:b1:34:e4:99:99:83:dc:48:71:da:94:
e5:74:66:ea:58:ea:dc:4f:2f:3e:a2:a0:af:49:90:
44:5d:08:f6:51:bd:ee:e0:3e:e1:05:47:b9:4f:06:
47:f7:27:bb:9b:e1:42:87:60:70:fa:f0:1d:5f:db:
fa:e0:ad:01:b3:73:49:c4:fe:f8:d6:38:08:6a:9f:
c3:a8:39:04:3c:21:5e:4f:ff:cc:b7:8e:3f:c7:3c:
d0:00:39:83:e7:35:a2:62:3a:34:04:d8:6b:23:fe:
cb:25:1c:82:d6:32:24:59:15:ea:76:1c:9b:6f:46:
7b:f9:df:cb:c8:e7:de:8b:38:e4:1b:1b:6f:88:25:
9a:90:b7:dd:13:cd:68:0a:cf:c0:c4:1f:70:f0:2b:
b5:a9:bb:bf:64:19:74:0c:2e:bd:f1:5e:37:fe:ea:
c3:dc:fe:0f:99:f3:d9:7a:92:5b:57:7d:0a:35:c5:
a2:c8:47:4c:a6:ea:43:33:64:b7:bf:63:c4:09:ab:
b0:80:42:f2:aa:f7:7c:38:16:19:9e:46:e4:f6:fd:
d2:4b:f2:60:8f:53:44:95:10:f2:72:cb:86:11:5e:
8a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:28:0D:B6:2C:35:E6:FA:72:6D:6C:97:07:DB:16:21:88:0C:DE:22
X509v3 Authority Key Identifier:
keyid:93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/zSgNtiw15vpybWyXB9sWIYgM3iI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:bb20::/29
Signature Algorithm: sha256WithRSAEncryption
b7:d4:35:73:97:2d:50:6d:15:86:52:82:22:d3:4c:47:b4:6f:
a3:e0:86:af:85:19:e6:35:94:4f:88:4b:b4:79:4c:bc:12:e8:
04:e1:6b:7d:86:04:c9:02:04:75:da:05:7f:c1:bc:e4:61:ab:
b8:b9:82:0f:19:f2:c4:ed:0b:16:be:fd:50:d2:05:57:cd:34:
67:2e:20:d8:a8:3f:f6:f2:72:a9:72:a3:e5:76:6c:ef:31:51:
3d:78:b5:58:3a:e9:5b:6d:6e:6e:cb:52:8e:91:b9:56:d9:db:
1c:ac:57:2d:23:26:4f:d8:24:66:6c:43:b7:ba:5d:ac:67:fa:
29:6a:ee:68:bb:3e:cb:5c:63:a9:b8:e0:88:84:17:ea:9d:78:
65:83:29:a2:cc:79:9b:47:10:91:5d:2a:cd:f2:58:cc:cb:ad:
e6:90:86:dc:e0:fd:47:84:df:b4:c2:d8:e9:43:8b:55:16:47:
f3:a4:c3:fc:13:50:82:65:16:1e:89:5e:14:1c:0b:ee:58:d9:
c0:3f:62:2a:3f:75:b4:e6:6a:dc:4c:6d:f5:c6:16:49:e4:10:
e9:27:ac:4b:92:ab:ab:ea:91:0c:14:42:8b:3b:69:5b:d3:77:
82:d2:35:86:84:90:04:9e:0e:1c:75:b5:c4:dd:0c:06:75:36:
f3:9a:0b:aa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYfgrinF+TrIUfgJfd+J+ZQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTAzMDYxZTFhZTUwM2VjNjNkOTcwYjMwODc1ZGQ5M2Zm
YWJiZGYwHhcNMjMwNTAzMDgxNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI4MGRiNjJjMzVlNmZhNzI2ZDZjOTcwN2RiMTYyMTg4MGNkZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxwAcwVwsJHLWL+YS9mNNLUtBQME
hut4I9ixpxqPp+m3sTTkmZmD3Ehx2pTldGbqWOrcTy8+oqCvSZBEXQj2Ub3u4D7h
BUe5TwZH9ye7m+FCh2Bw+vAdX9v64K0Bs3NJxP741jgIap/DqDkEPCFeT//Mt44/
xzzQADmD5zWiYjo0BNhrI/7LJRyC1jIkWRXqdhybb0Z7+d/LyOfeizjkGxtviCWa
kLfdE81oCs/AxB9w8Cu1qbu/ZBl0DC698V43/urD3P4PmfPZepJbV30KNcWiyEdM
pupDM2S3v2PECauwgELyqvd8OBYZnkbk9v3SS/Jgj1NElRDycsuGEV6KqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM0oDbYsNeb6cm1slwfbFiGIDN4iMB8GA1UdIwQY
MBaAFJNQMGHhrlA+xj2XCzCHXdk/+rvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEt
YzYyM2VkOGYyZjI4LzEvelNnTnRpdzE1dnB5Yld5WEI5c1dJWWdNM2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEtYzYyM2VkOGYyZjI4
LzEvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgG7IDAN
BgkqhkiG9w0BAQsFAAOCAQEAt9Q1c5ctUG0VhlKCItNMR7Rvo+CGr4UZ5jWUT4hL
tHlMvBLoBOFrfYYEyQIEddoFf8G85GGruLmCDxnyxO0LFr79UNIFV800Zy4g2Kg/
9vJyqXKj5XZs7zFRPXi1WDrpW21ubstSjpG5VtnbHKxXLSMmT9gkZmxDt7pdrGf6
KWruaLs+y1xjqbjgiIQX6p14ZYMposx5m0cQkV0qzfJYzMut5pCG3OD9R4TftMLY
6UOLVRZH86TD/BNQgmUWHoleFBwL7ljZwD9iKj91tOZq3Ext9cYWSeQQ6SesS5Kr
q+qRDBRCiztpW9N3gtI1hoSQBJ4OHHW1xN0MBnU285oLqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org