Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/kZy-baGRuv6htyEsrwbfnLWrvbA.roa
File: kZy-baGRuv6htyEsrwbfnLWrvbA.roa (raw, json)
Hash identifier: Ljw1dqZizLormWJT392opwos+9IZYmXGbjR6E42+sFM=
Subject key identifier: 91:9C:BE:6D:A1:91:BA:FE:A1:B7:21:2C:AF:06:DF:9C:B5:AB:BD:B0
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 01856C6F227B65BB37DA28564FF8AAE0D3E9
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/kZy-baGRuv6htyEsrwbfnLWrvbA.roa
Signing time: Sun 01 Jan 2023 08:25:00 +0000
ROA not before: Sun 01 Jan 2023 08:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210542
IP address blocks: 2a0f:ca80:de0::/44 maxlen: 44
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:22:7b:65:bb:37:da:28:56:4f:f8:aa:e0:d3:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 1 08:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=919cbe6da191bafea1b7212caf06df9cb5abbdb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d4:5a:a2:9c:7d:6b:dd:6c:d8:8e:27:03:b1:
a2:9c:f5:5e:18:2d:eb:a6:2a:7d:8a:54:78:aa:85:
40:02:60:e4:8d:ee:c4:07:c0:56:e2:9c:de:ca:a7:
5c:60:20:08:d0:69:f2:bc:ba:18:24:f0:45:0d:81:
c1:d9:c9:3d:db:b3:66:f9:97:87:99:19:7c:76:05:
f4:e9:95:60:1b:58:ec:94:76:15:9d:5b:d9:cd:1c:
6e:a3:2e:93:bf:5c:7e:0f:21:05:e9:bf:21:2f:0e:
5c:d5:73:c5:e5:2f:9c:3b:f6:1d:17:1a:23:e6:b0:
c1:9c:b1:e3:51:fb:e9:d1:94:9d:e3:e2:96:69:0f:
63:91:08:b5:d0:d1:76:99:49:17:a5:08:14:fd:e2:
ca:6c:35:65:fe:18:7b:8b:d0:ad:4a:44:c6:d0:3a:
3d:17:93:f0:7e:c7:3a:27:0d:f2:ce:05:52:21:49:
14:24:3f:4b:f0:b9:c2:42:14:d0:1b:87:af:11:c2:
0c:7d:87:38:fe:a0:95:70:0e:d6:3c:98:29:7f:6a:
9b:e0:a8:6b:3f:06:80:32:b8:25:d5:c7:0b:f0:e0:
43:04:00:80:f8:13:86:55:c3:95:4e:03:fd:e4:ac:
21:d0:db:d4:f8:01:ac:7c:cb:4b:86:0b:c9:ac:c2:
29:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9C:BE:6D:A1:91:BA:FE:A1:B7:21:2C:AF:06:DF:9C:B5:AB:BD:B0
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/kZy-baGRuv6htyEsrwbfnLWrvbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca80:de0::/44
Signature Algorithm: sha256WithRSAEncryption
79:c8:56:44:c2:97:69:c9:91:1c:96:c6:a5:00:05:de:d4:59:
77:6c:6e:99:04:5c:64:2b:32:16:0c:72:2b:88:f1:8f:b8:0c:
da:7e:59:a5:10:04:39:8d:c4:d7:d6:f0:e2:5d:5b:aa:51:94:
47:b6:0c:d5:e5:da:60:97:29:d7:b8:7e:e8:ac:65:3c:28:63:
24:67:91:dd:fa:cb:a0:05:0a:0e:25:d5:14:e0:61:8d:80:54:
e2:82:cd:8e:34:43:68:fc:16:bb:1a:80:97:86:8a:ec:1a:1e:
96:cd:21:7a:90:94:c9:5a:2d:3d:97:26:c0:61:44:d1:29:76:
00:8a:f5:1c:b2:59:27:ba:a3:94:19:15:2f:d5:a4:ed:99:fd:
0a:21:a2:48:d8:4d:3c:0a:45:59:48:a7:a6:56:c1:75:42:29:
71:9b:04:82:9b:2c:8d:61:cc:20:6f:5d:39:12:ea:e5:d0:ee:
e7:f7:cd:96:8e:3f:13:81:c4:ec:bf:a6:eb:66:19:1d:fb:71:
6d:4a:fd:2b:74:73:f0:c8:83:58:93:60:93:f2:75:a8:10:52:
f5:0a:b6:c6:ef:7d:74:99:b7:03:65:1e:82:58:f7:64:db:47:
3f:a6:08:73:1d:c2:83:9c:b1:51:a4:06:35:75:fe:27:9c:aa:
b0:5c:4a:f2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsbyJ7Zbs32ihWT/iq4NPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjMwMTAxMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTljYmU2ZGExOTFiYWZlYTFiNzIxMmNhZjA2ZGY5Y2I1YWJiZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdRaopx9a91s2I4nA7GinPVeGC3r
pip9ilR4qoVAAmDkje7EB8BW4pzeyqdcYCAI0GnyvLoYJPBFDYHB2ck927Nm+ZeH
mRl8dgX06ZVgG1jslHYVnVvZzRxuoy6Tv1x+DyEF6b8hLw5c1XPF5S+cO/YdFxoj
5rDBnLHjUfvp0ZSd4+KWaQ9jkQi10NF2mUkXpQgU/eLKbDVl/hh7i9CtSkTG0Do9
F5Pwfsc6Jw3yzgVSIUkUJD9L8LnCQhTQG4evEcIMfYc4/qCVcA7WPJgpf2qb4Khr
PwaAMrgl1ccL8OBDBACA+BOGVcOVTgP95Kwh0NvU+AGsfMtLhgvJrMIpDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJGcvm2hkbr+obchLK8G35y1q72wMB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEva1p5LWJhR1J1djZodHlFc3J3YmZuTFdydmJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg/KgA3g
MA0GCSqGSIb3DQEBCwUAA4IBAQB5yFZEwpdpyZEclsalAAXe1Fl3bG6ZBFxkKzIW
DHIriPGPuAzaflmlEAQ5jcTX1vDiXVuqUZRHtgzV5dpglynXuH7orGU8KGMkZ5Hd
+sugBQoOJdUU4GGNgFTigs2ONENo/Ba7GoCXhorsGh6WzSF6kJTJWi09lybAYUTR
KXYAivUcslknuqOUGRUv1aTtmf0KIaJI2E08CkVZSKemVsF1QilxmwSCmyyNYcwg
b105Eurl0O7n982Wjj8TgcTsv6brZhkd+3FtSv0rdHPwyINYk2CT8nWoEFL1CrbG
7310mbcDZR6CWPdk20c/pghzHcKDnLFRpAY1df4nnKqwXEry
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:55 2024 by rpki-client on console-fra.rpki-client.org