Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/zKA8-E_U-En0diPmI87zq5wpnN8.roa
File: zKA8-E_U-En0diPmI87zq5wpnN8.roa (raw, json)
Hash identifier: eVyx7tbSmaP+qFfY4yjEc2QP7gT8T6zt0r44/TvWKzg=
Subject key identifier: CC:A0:3C:F8:4F:D4:F8:49:F4:76:23:E6:23:CE:F3:AB:9C:29:9C:DF
Certificate issuer: /CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Certificate serial: 01856E020070C6087D3D76475548C1024937
Authority key identifier: 88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/zKA8-E_U-En0diPmI87zq5wpnN8.roa
Signing time: Sun 01 Jan 2023 15:45:02 +0000
ROA not before: Sun 01 Jan 2023 15:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209289
IP address blocks: 2a09:aac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:02:00:70:c6:08:7d:3d:76:47:55:48:c1:02:49:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Validity
Not Before: Jan 1 15:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cca03cf84fd4f849f47623e623cef3ab9c299cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6e:94:41:28:79:59:e7:f5:f7:82:5e:80:c8:
f0:3e:07:b8:55:7c:2e:df:3a:42:1d:08:9e:f7:a1:
af:74:cd:e0:fd:71:f7:04:36:9f:f7:9e:39:c5:fa:
6d:a8:4f:76:8c:27:6e:75:c8:74:ee:b9:da:ba:e7:
e5:69:b4:80:83:82:1f:c4:cb:c2:e3:4e:02:02:d2:
38:e6:f1:8f:a2:72:e3:0c:6a:8a:f3:fd:a5:78:7d:
65:7a:3d:e2:ea:5f:cf:70:74:00:af:e3:a0:8c:d7:
13:6c:a4:d9:3d:11:29:ea:f8:0d:88:12:15:ca:77:
88:85:b4:ba:f7:d4:d4:0f:07:4d:87:c0:ab:67:95:
c4:04:a6:21:71:09:01:cc:ac:62:4a:ac:e9:7d:24:
df:fc:36:40:19:9a:83:b2:4a:b6:26:a2:e5:56:7c:
9d:cf:2d:54:cc:55:ff:76:cb:ee:2e:0f:a5:30:5c:
9a:2c:31:58:30:3a:df:bf:fe:bc:0a:78:64:67:05:
dc:01:ef:b9:13:27:6d:fa:91:e5:08:50:bd:62:a3:
e9:09:29:79:21:37:64:e3:6e:42:9f:96:21:f5:12:
eb:fe:65:b9:57:62:88:71:07:1e:06:28:e2:19:d5:
5f:bf:9d:b5:48:a4:d2:fe:3a:ea:de:bc:a3:36:53:
0f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A0:3C:F8:4F:D4:F8:49:F4:76:23:E6:23:CE:F3:AB:9C:29:9C:DF
X509v3 Authority Key Identifier:
keyid:88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/zKA8-E_U-En0diPmI87zq5wpnN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iEv4DnL1Dwm_VjST69sRo0u6MS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
b2:c3:e5:c9:bb:83:2f:75:d0:55:6d:d0:76:34:1c:90:be:79:
64:4f:d7:27:6e:01:f3:91:a1:2c:be:07:d3:37:94:1c:b2:17:
82:9e:4c:49:97:13:9d:0c:c2:2a:31:b9:4e:10:af:21:a1:3a:
23:b9:67:3c:3e:2c:68:7e:50:c3:46:7b:71:8c:aa:50:19:40:
61:ec:17:5a:70:fc:4b:30:0b:58:92:45:05:6a:28:2c:39:60:
97:00:f4:86:f8:5d:f7:3e:4a:09:69:ae:99:91:e6:a9:cc:fe:
4e:63:97:a8:0d:90:25:12:79:7a:89:8a:0c:4e:cd:42:e9:17:
34:59:bc:2c:c6:85:21:ef:ad:ae:54:de:6b:b3:cf:ed:09:d8:
24:8e:45:1d:21:99:0f:5a:7c:99:2a:f5:b9:05:bd:b3:54:9e:
6d:e7:3b:65:bf:26:3e:85:ba:1e:d0:e3:a2:39:d2:c2:c0:af:
81:91:4d:5e:41:92:71:79:57:5d:04:4e:84:b3:9b:6f:19:30:
97:02:d1:8b:b2:dd:16:6a:92:dd:15:1c:b5:6b:68:04:58:c7:
25:02:98:97:12:cc:3d:3e:d7:67:29:c6:37:41:f9:2b:92:c0:
c1:27:1d:dd:a6:cf:99:67:87:35:e9:b6:a9:14:ec:4d:9f:4c:
59:61:3b:4d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuAgBwxgh9PXZHVUjBAkk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NGJmODBlNzJmNTBmMDliZjU2MzQ5M2ViZGIxMWEzNGJi
YTMxMmQwHhcNMjMwMTAxMTU0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2EwM2NmODRmZDRmODQ5ZjQ3NjIzZTYyM2NlZjNhYjljMjk5Y2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh26UQSh5Wef194JegMjwPge4VXwu
3zpCHQie96GvdM3g/XH3BDaf9545xfptqE92jCdudch07rnauuflabSAg4IfxMvC
404CAtI45vGPonLjDGqK8/2leH1lej3i6l/PcHQAr+OgjNcTbKTZPREp6vgNiBIV
yneIhbS699TUDwdNh8CrZ5XEBKYhcQkBzKxiSqzpfSTf/DZAGZqDskq2JqLlVnyd
zy1UzFX/dsvuLg+lMFyaLDFYMDrfv/68CnhkZwXcAe+5Eydt+pHlCFC9YqPpCSl5
ITdk425Cn5Yh9RLr/mW5V2KIcQceBijiGdVfv521SKTS/jrq3ryjNlMPEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMygPPhP1PhJ9HYj5iPO86ucKZzfMB8GA1UdIwQY
MBaAFIhL+A5y9Q8Jv1Y0k+vbEaNLujEtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUV2NERuTDFEd21fVmpTVDY5c1JvMHU2TVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMTJlNGQtOGExYS00MDEwLTlhOGIt
MzZmOTg0N2FjMzViLzEvektBOC1FX1UtRW4wZGlQbUk4N3pxNXdwbk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMTJlNGQtOGExYS00MDEwLTlhOGItMzZmOTg0N2FjMzVi
LzEvaUV2NERuTDFEd21fVmpTVDY5c1JvMHU2TVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgmqwDAN
BgkqhkiG9w0BAQsFAAOCAQEAssPlybuDL3XQVW3QdjQckL55ZE/XJ24B85GhLL4H
0zeUHLIXgp5MSZcTnQzCKjG5ThCvIaE6I7lnPD4saH5Qw0Z7cYyqUBlAYewXWnD8
SzALWJJFBWooLDlglwD0hvhd9z5KCWmumZHmqcz+TmOXqA2QJRJ5eomKDE7NQukX
NFm8LMaFIe+trlTea7PP7QnYJI5FHSGZD1p8mSr1uQW9s1Sebec7Zb8mPoW6HtDj
ojnSwsCvgZFNXkGScXlXXQROhLObbxkwlwLRi7LdFmqS3RUctWtoBFjHJQKYlxLM
PT7XZynGN0H5K5LAwScd3abPmWeHNem2qRTsTZ9MWWE7TQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:53 2024 by rpki-client on console-ams.rpki-client.org