Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/0ZFbWD14dyzcz2_kOH_ACZlpA8U.roa
File: 0ZFbWD14dyzcz2_kOH_ACZlpA8U.roa (raw, json)
Hash identifier: uNmNdWrZtZCz1P+Lln0Z8oyx748ZHz4BN7NMKAWd7xs=
Subject key identifier: D1:91:5B:58:3D:78:77:2C:DC:CF:6F:E4:38:7F:C0:09:99:69:03:C5
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018572BA3FB424C7F48D09388DAAE5259118
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/0ZFbWD14dyzcz2_kOH_ACZlpA8U.roa
Signing time: Mon 02 Jan 2023 13:44:46 +0000
ROA not before: Mon 02 Jan 2023 13:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8248
IP address blocks: 2001:648:3400::/40 maxlen: 40
2001:648:2300::/47 maxlen: 47
2001:648:2302::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:3f:b4:24:c7:f4:8d:09:38:8d:aa:e5:25:91:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 2 13:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1915b583d78772cdccf6fe4387fc009996903c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e8:99:1b:53:2f:be:90:73:8a:9f:93:41:1b:
1e:64:56:d5:70:47:43:9b:ef:b2:a4:6c:f3:29:ed:
9b:ee:fa:49:18:c2:02:fd:a4:9b:6b:cb:3d:01:35:
bb:db:3f:4b:b4:9e:d5:03:f6:50:42:bc:7a:fb:83:
2d:a1:75:f3:b8:96:4f:15:36:d4:89:ed:37:f1:6f:
f4:c8:8c:60:21:6f:5c:82:e8:ae:9f:84:b9:72:6d:
05:4d:79:01:ff:f2:cc:aa:12:d8:1d:7e:02:e0:73:
34:47:c4:08:8e:97:ef:b9:fa:48:a8:85:26:65:e2:
bf:16:ee:9b:57:54:97:91:dd:5a:87:fe:1a:05:5c:
bc:00:f9:6b:8e:9e:ab:b0:25:b5:a3:ca:7c:55:55:
52:40:06:7b:66:a7:ba:e9:a7:61:89:04:77:be:f2:
f6:f8:e1:d6:98:c0:a0:df:95:25:97:75:60:1e:07:
c5:55:06:aa:44:0d:e5:f1:13:1c:9e:26:9b:55:97:
45:91:2d:b9:89:ba:06:b9:be:5c:4c:44:19:54:19:
da:a6:b8:ee:16:fa:b4:e0:70:4e:d4:cb:81:01:76:
8e:bf:16:e4:ea:ed:98:05:ad:a8:95:eb:8d:71:7e:
02:99:7d:d3:ca:4f:a8:2a:2f:e1:53:f5:9d:db:14:
dc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:91:5B:58:3D:78:77:2C:DC:CF:6F:E4:38:7F:C0:09:99:69:03:C5
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/0ZFbWD14dyzcz2_kOH_ACZlpA8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:648:2300::-2001:648:2302:ffff:ffff:ffff:ffff:ffff
2001:648:3400::/40
Signature Algorithm: sha256WithRSAEncryption
98:68:c4:4d:74:a3:1d:cf:ab:10:31:0c:d0:fa:8e:60:a1:8b:
2b:86:4a:d8:dc:70:be:84:a4:36:3d:ba:71:29:d4:ff:7e:51:
cc:f2:da:0d:78:39:9e:c6:0e:96:c1:8b:d1:0c:57:ed:23:7d:
41:99:8b:ee:87:2d:dd:8d:64:f5:5d:42:76:92:7e:86:8a:ce:
ba:b0:f1:08:a2:cc:9a:ee:ce:37:60:13:1d:aa:01:c6:57:74:
f4:fc:a7:9c:57:d4:57:b7:b2:08:fd:e5:92:bf:bd:84:c9:3b:
07:dc:a5:61:c2:87:60:38:ac:85:71:30:c1:a1:58:06:32:2d:
2b:fc:e7:29:24:7e:90:e2:3b:c8:67:b4:71:4b:a9:75:3d:c5:
33:71:1f:39:7f:af:da:17:14:75:aa:cd:06:99:99:2a:9e:fa:
98:cc:0a:2f:5e:01:d0:2b:b6:51:5b:cd:7d:dd:77:85:bf:9b:
01:74:2f:1e:fa:33:df:5c:be:d7:9e:18:3a:38:62:2b:01:61:
47:c5:17:62:68:c1:1b:e0:e4:5d:20:b7:92:38:58:3c:87:21:
61:34:d0:d9:ff:df:04:22:8b:c8:20:5a:d2:48:88:94:21:09:
84:32:ef:0b:51:00:01:cc:99:be:95:6b:cc:03:ed:5d:34:4a:
43:3f:06:10
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyuj+0JMf0jQk4jarlJZEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjMwMTAyMTM0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTkxNWI1ODNkNzg3NzJjZGNjZjZmZTQzODdmYzAwOTk5NjkwM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeiZG1MvvpBzip+TQRseZFbVcEdD
m++ypGzzKe2b7vpJGMIC/aSba8s9ATW72z9LtJ7VA/ZQQrx6+4MtoXXzuJZPFTbU
ie038W/0yIxgIW9cguiun4S5cm0FTXkB//LMqhLYHX4C4HM0R8QIjpfvufpIqIUm
ZeK/Fu6bV1SXkd1ah/4aBVy8APlrjp6rsCW1o8p8VVVSQAZ7Zqe66adhiQR3vvL2
+OHWmMCg35Ull3VgHgfFVQaqRA3l8RMcniabVZdFkS25iboGub5cTEQZVBnaprju
Fvq04HBO1MuBAXaOvxbk6u2YBa2oleuNcX4CmX3Tyk+oKi/hU/Wd2xTcEQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNGRW1g9eHcs3M9v5Dh/wAmZaQPFMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvMFpGYldEMTRkeXpjejJfa09IX0FDWmxwQThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbMBEDBgAgAQZI
IwMHACABBkgjAgMGACABBkg0MA0GCSqGSIb3DQEBCwUAA4IBAQCYaMRNdKMdz6sQ
MQzQ+o5goYsrhkrY3HC+hKQ2PbpxKdT/flHM8toNeDmexg6WwYvRDFftI31BmYvu
hy3djWT1XUJ2kn6Gis66sPEIosya7s43YBMdqgHGV3T0/KecV9RXt7II/eWSv72E
yTsH3KVhwodgOKyFcTDBoVgGMi0r/OcpJH6Q4jvIZ7RxS6l1PcUzcR85f6/aFxR1
qs0GmZkqnvqYzAovXgHQK7ZRW8193XeFv5sBdC8e+jPfXL7Xnhg6OGIrAWFHxRdi
aMEb4ORdILeSOFg8hyFhNNDZ/98EIovIIFrSSIiUIQmEMu8LUQABzJm+lWvMA+1d
NEpDPwYQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:49 2024 by rpki-client on console-ams.rpki-client.org