Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/1d3c15-3416-44ad-9a89-6547bb1b80c2/1/ZBrUKSGrWNg6oT3caDDs7mh1wEA.roa
File: ZBrUKSGrWNg6oT3caDDs7mh1wEA.roa (raw, json)
Hash identifier: HXObu9QC3AFU/1Wf4BDLBKTE0qAKUYoTge0n1iU1jGY=
Subject key identifier: 64:1A:D4:29:21:AB:58:D8:3A:A1:3D:DC:68:30:EC:EE:68:75:C0:40
Certificate issuer: /CN=43fd9362e83b852f3fd3311b09096f6289a6a0f8
Certificate serial: 01857315D5B63F65095C2D9F76BE977059B4
Authority key identifier: 43:FD:93:62:E8:3B:85:2F:3F:D3:31:1B:09:09:6F:62:89:A6:A0:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_2TYug7hS8_0zEbCQlvYommoPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/1d3c15-3416-44ad-9a89-6547bb1b80c2/1/ZBrUKSGrWNg6oT3caDDs7mh1wEA.roa
Signing time: Mon 02 Jan 2023 15:24:48 +0000
ROA not before: Mon 02 Jan 2023 15:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207576
IP address blocks: 2001:67c:2d38::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:d5:b6:3f:65:09:5c:2d:9f:76:be:97:70:59:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43fd9362e83b852f3fd3311b09096f6289a6a0f8
Validity
Not Before: Jan 2 15:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=641ad42921ab58d83aa13ddc6830ecee6875c040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c4:56:e4:ab:f8:d9:e9:a1:8e:c4:3f:6b:6f:
62:61:5c:70:ea:ac:e1:03:87:c5:cf:58:6e:46:29:
17:24:a0:82:88:10:b4:62:35:28:d1:11:32:c0:2a:
81:c7:f8:d1:71:0c:e9:55:e5:a2:55:ed:38:16:a1:
ed:0b:a5:80:80:10:8b:28:71:96:65:46:77:43:9b:
c6:6e:01:1f:d3:cd:48:ae:09:69:02:ad:5e:34:7f:
72:03:55:85:80:9b:0e:43:82:2f:a6:a6:39:4b:71:
54:83:f4:00:f0:38:84:4b:c9:08:22:f8:a8:94:8f:
3c:52:0b:2c:54:43:6e:5b:54:6c:ef:83:b3:4f:0b:
5b:db:d7:fc:61:4d:1e:31:ae:fc:07:47:a3:89:13:
dc:5d:ed:d7:54:ed:ac:8a:c9:57:c7:50:57:61:c7:
6b:ef:55:d6:50:4c:ce:a6:5f:fd:35:38:3c:5f:b0:
0c:f8:eb:31:6b:5f:38:eb:e3:b3:4d:f2:cf:ed:f8:
9d:13:b5:59:74:22:ae:d2:c5:2b:e3:ee:3c:aa:82:
71:77:4f:2b:4c:a8:42:05:ad:b0:56:15:e9:fb:ef:
cb:44:1c:82:6a:43:50:97:27:98:d2:d3:25:b5:e6:
fe:6d:84:2c:16:91:27:0a:5f:3f:b7:b8:67:5c:48:
d3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:1A:D4:29:21:AB:58:D8:3A:A1:3D:DC:68:30:EC:EE:68:75:C0:40
X509v3 Authority Key Identifier:
keyid:43:FD:93:62:E8:3B:85:2F:3F:D3:31:1B:09:09:6F:62:89:A6:A0:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_2TYug7hS8_0zEbCQlvYommoPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1d3c15-3416-44ad-9a89-6547bb1b80c2/1/ZBrUKSGrWNg6oT3caDDs7mh1wEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1d3c15-3416-44ad-9a89-6547bb1b80c2/1/Q_2TYug7hS8_0zEbCQlvYommoPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d38::/48
Signature Algorithm: sha256WithRSAEncryption
0b:99:79:00:95:f7:29:8d:6d:96:f8:7a:6c:d2:88:04:3c:73:
7e:bb:e6:cd:ba:c1:ea:ab:f5:ec:42:9c:f5:1c:69:ed:aa:e7:
07:1b:f0:85:3f:c6:c1:f3:02:e5:94:a6:ff:3c:ec:42:68:01:
fa:ab:25:88:61:31:b4:e5:5a:98:eb:50:3c:e7:14:db:f5:18:
e2:82:3e:19:8a:c3:fe:f0:2f:26:b1:a0:ce:64:ae:35:a0:3b:
68:44:82:a2:94:94:5e:71:be:ce:4d:3e:33:55:bd:d0:df:92:
d3:47:b6:2b:da:18:a3:8a:b5:65:fe:0d:10:46:c6:48:ea:e7:
7d:05:be:bb:c1:f3:2e:d9:59:1e:95:67:7a:9b:e7:44:4b:b8:
9e:5e:6f:d7:33:79:aa:37:48:58:2e:e8:1c:da:26:59:d1:fe:
c6:b1:8e:83:45:a6:32:5a:1d:02:5d:61:9e:7a:d3:9b:ff:7a:
2a:5e:90:9a:04:25:4f:47:2c:18:03:5e:89:d8:74:56:26:66:
5a:a7:dc:66:3b:74:10:3f:2f:04:85:12:2c:50:26:fc:fc:6e:
e1:56:07:a7:e7:0a:1c:f0:b0:97:77:5d:b1:38:18:89:49:a8:
11:2a:67:17:ff:db:2d:69:b4:d9:6b:8f:a8:41:42:6f:2d:fe:
74:c5:9d:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzFdW2P2UJXC2fdr6XcFm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZmQ5MzYyZTgzYjg1MmYzZmQzMzExYjA5MDk2ZjYyODlh
NmEwZjgwHhcNMjMwMTAyMTUyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDFhZDQyOTIxYWI1OGQ4M2FhMTNkZGM2ODMwZWNlZTY4NzVjMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MRW5Kv42emhjsQ/a29iYVxw6qzh
A4fFz1huRikXJKCCiBC0YjUo0REywCqBx/jRcQzpVeWiVe04FqHtC6WAgBCLKHGW
ZUZ3Q5vGbgEf081IrglpAq1eNH9yA1WFgJsOQ4IvpqY5S3FUg/QA8DiES8kIIvio
lI88UgssVENuW1Rs74OzTwtb29f8YU0eMa78B0ejiRPcXe3XVO2sislXx1BXYcdr
71XWUEzOpl/9NTg8X7AM+Osxa1846+OzTfLP7fidE7VZdCKu0sUr4+48qoJxd08r
TKhCBa2wVhXp++/LRByCakNQlyeY0tMlteb+bYQsFpEnCl8/t7hnXEjTZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGQa1Ckhq1jYOqE93Ggw7O5odcBAMB8GA1UdIwQY
MBaAFEP9k2LoO4UvP9MxGwkJb2KJpqD4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUV8yVFl1ZzdoUzhfMHpFYkNRbHZZb21tb1BnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xZDNjMTUtMzQxNi00NGFkLTlhODkt
NjU0N2JiMWI4MGMyLzEvWkJyVUtTR3JXTmc2b1QzY2FERHM3bWgxd0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8xZDNjMTUtMzQxNi00NGFkLTlhODktNjU0N2JiMWI4MGMy
LzEvUV8yVFl1ZzdoUzhfMHpFYkNRbHZZb21tb1BnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC04
MA0GCSqGSIb3DQEBCwUAA4IBAQALmXkAlfcpjW2W+Hps0ogEPHN+u+bNusHqq/Xs
Qpz1HGntqucHG/CFP8bB8wLllKb/POxCaAH6qyWIYTG05VqY61A85xTb9Rjigj4Z
isP+8C8msaDOZK41oDtoRIKilJRecb7OTT4zVb3Q35LTR7Yr2hijirVl/g0QRsZI
6ud9Bb67wfMu2VkelWd6m+dES7ieXm/XM3mqN0hYLugc2iZZ0f7GsY6DRaYyWh0C
XWGeetOb/3oqXpCaBCVPRywYA16J2HRWJmZap9xmO3QQPy8EhRIsUCb8/G7hVgen
5woc8LCXd12xOBiJSagRKmcX/9stabTZa4+oQUJvLf50xZ1X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:30 2024 by rpki-client on console-ams.rpki-client.org