Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/876203-e8fd-472f-afc2-990385559d1c/1/czphzxq4FQT9UusSzJ3888guH_E.roa
File: czphzxq4FQT9UusSzJ3888guH_E.roa (raw, json)
Hash identifier: pUBYGXKtU9pTTE7swO/n75FAzQYeWFlQgisQ3EpH+Rk=
Subject key identifier: 73:3A:61:CF:1A:B8:15:04:FD:52:EB:12:CC:9D:FC:F3:C8:2E:1F:F1
Certificate issuer: /CN=61ce2e57f6f862ca3056e5fd5b3e6eac35540401
Certificate serial: 01856F4B907DED754C6829BEC57F7C22599A
Authority key identifier: 61:CE:2E:57:F6:F8:62:CA:30:56:E5:FD:5B:3E:6E:AC:35:54:04:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yc4uV_b4YsowVuX9Wz5urDVUBAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/876203-e8fd-472f-afc2-990385559d1c/1/czphzxq4FQT9UusSzJ3888guH_E.roa
Signing time: Sun 01 Jan 2023 21:45:01 +0000
ROA not before: Sun 01 Jan 2023 21:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38938
IP address blocks: 2a04:8900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:90:7d:ed:75:4c:68:29:be:c5:7f:7c:22:59:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61ce2e57f6f862ca3056e5fd5b3e6eac35540401
Validity
Not Before: Jan 1 21:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=733a61cf1ab81504fd52eb12cc9dfcf3c82e1ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:78:6a:33:13:b9:ed:7d:4b:bb:73:5d:19:ac:
04:65:02:53:bc:8b:a2:bc:06:41:6a:4b:43:cd:b4:
ad:1d:8b:56:51:e7:f2:2c:1c:24:3b:3c:76:a7:82:
17:fa:35:1f:f8:a8:b3:71:21:39:fb:88:40:8a:e8:
47:85:9c:15:bf:8a:ff:83:d0:e1:49:ca:9f:74:6f:
75:0d:d7:0b:82:f7:75:b0:2b:e0:db:8e:a7:e6:cc:
1f:96:6d:a8:7a:4c:68:b8:9c:6d:1c:2f:ff:e4:0a:
d0:e1:68:9b:11:f2:8a:22:a3:8e:f9:9d:f8:3d:58:
dd:67:bc:c2:58:56:e5:bb:f0:f8:15:8f:43:66:d4:
c9:1b:ce:45:3b:7f:45:2a:3c:bf:60:40:fe:47:91:
fe:19:09:3c:aa:4a:1f:a7:04:84:4e:3e:7c:3a:c3:
78:f5:cb:c1:9e:2c:fa:bb:c6:57:b8:92:35:6c:0b:
31:4f:e1:ab:2e:4e:ea:45:77:1e:a3:da:46:01:c3:
a9:fa:36:bf:0e:35:8e:3a:79:4d:c1:0d:d3:b4:ac:
a3:90:2f:30:c1:c8:a8:06:0d:9e:52:ec:e6:be:48:
3a:cc:e0:45:11:35:3a:fb:5e:35:a9:66:b0:0c:d5:
2f:4e:6f:9e:c2:02:c9:e3:5b:9a:60:74:88:cd:46:
64:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:3A:61:CF:1A:B8:15:04:FD:52:EB:12:CC:9D:FC:F3:C8:2E:1F:F1
X509v3 Authority Key Identifier:
keyid:61:CE:2E:57:F6:F8:62:CA:30:56:E5:FD:5B:3E:6E:AC:35:54:04:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yc4uV_b4YsowVuX9Wz5urDVUBAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/876203-e8fd-472f-afc2-990385559d1c/1/czphzxq4FQT9UusSzJ3888guH_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/876203-e8fd-472f-afc2-990385559d1c/1/Yc4uV_b4YsowVuX9Wz5urDVUBAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:8900::/29
Signature Algorithm: sha256WithRSAEncryption
b4:ad:d2:4b:ee:d5:88:db:a7:69:0f:e9:54:1d:92:9e:b6:ce:
d4:59:40:a0:99:8e:d2:c9:c9:9b:1b:0b:d5:6c:e5:4d:07:d1:
4b:4b:bf:a6:f9:e9:9c:64:92:8c:70:1c:d4:05:4b:74:3c:a3:
8b:54:f1:6e:a4:03:f9:b4:4b:6c:93:c0:f1:ec:63:d5:25:d7:
aa:ec:9e:d9:08:24:e0:de:ed:cb:88:ec:61:94:7d:04:ce:5f:
29:37:fc:f4:19:c0:68:21:8a:a3:07:15:bb:d1:e6:d0:73:32:
82:29:b7:6e:9e:4a:68:a8:ee:ee:c4:42:c4:ee:89:12:ba:4f:
18:7f:35:6e:61:d3:55:af:7f:15:72:cd:1f:f0:b0:79:c1:d2:
78:cd:20:df:4f:94:03:b8:27:69:01:75:4e:80:40:0a:84:eb:
3d:54:0e:73:27:cd:4e:af:74:70:af:27:a7:32:dc:00:6b:eb:
38:41:ea:91:86:af:20:4a:12:38:a9:ca:ad:53:54:68:20:38:
46:58:f8:7d:22:39:32:df:27:a4:39:ec:48:d4:a8:03:9b:ca:
bf:50:db:06:9b:4e:41:ba:1a:47:11:c1:8f:75:68:5f:5e:e3:
41:b0:45:79:a6:13:3a:37:ca:82:80:0d:81:0f:3a:86:32:59:
5f:ab:50:5f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvS5B97XVMaCm+xX98IlmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxY2UyZTU3ZjZmODYyY2EzMDU2ZTVmZDViM2U2ZWFjMzU1
NDA0MDEwHhcNMjMwMTAxMjE0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzNhNjFjZjFhYjgxNTA0ZmQ1MmViMTJjYzlkZmNmM2M4MmUxZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHhqMxO57X1Lu3NdGawEZQJTvIui
vAZBaktDzbStHYtWUefyLBwkOzx2p4IX+jUf+KizcSE5+4hAiuhHhZwVv4r/g9Dh
ScqfdG91DdcLgvd1sCvg246n5swflm2oekxouJxtHC//5ArQ4WibEfKKIqOO+Z34
PVjdZ7zCWFblu/D4FY9DZtTJG85FO39FKjy/YED+R5H+GQk8qkofpwSETj58OsN4
9cvBniz6u8ZXuJI1bAsxT+GrLk7qRXceo9pGAcOp+ja/DjWOOnlNwQ3TtKyjkC8w
wcioBg2eUuzmvkg6zOBFETU6+141qWawDNUvTm+ewgLJ41uaYHSIzUZkWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHM6Yc8auBUE/VLrEsyd/PPILh/xMB8GA1UdIwQY
MBaAFGHOLlf2+GLKMFbl/Vs+bqw1VAQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWM0dVZfYjRZc293VnVYOVd6NXVyRFZVQkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NzYyMDMtZThmZC00NzJmLWFmYzIt
OTkwMzg1NTU5ZDFjLzEvY3pwaHp4cTRGUVQ5VXVzU3pKMzg4OGd1SF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NzYyMDMtZThmZC00NzJmLWFmYzItOTkwMzg1NTU5ZDFj
LzEvWWM0dVZfYjRZc293VnVYOVd6NXVyRFZVQkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgSJADAN
BgkqhkiG9w0BAQsFAAOCAQEAtK3SS+7ViNunaQ/pVB2SnrbO1FlAoJmO0snJmxsL
1WzlTQfRS0u/pvnpnGSSjHAc1AVLdDyji1TxbqQD+bRLbJPA8exj1SXXquye2Qgk
4N7ty4jsYZR9BM5fKTf89BnAaCGKowcVu9Hm0HMygim3bp5KaKju7sRCxO6JErpP
GH81bmHTVa9/FXLNH/CwecHSeM0g30+UA7gnaQF1ToBACoTrPVQOcyfNTq90cK8n
pzLcAGvrOEHqkYavIEoSOKnKrVNUaCA4Rlj4fSI5Mt8npDnsSNSoA5vKv1DbBptO
QboaRxHBj3VoX17jQbBFeaYTOjfKgoANgQ86hjJZX6tQXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:47 2024 by rpki-client on console-ams.rpki-client.org