Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/ZdOLaN18ux1u3hpTxy1mhctu_Pw.roa
File: ZdOLaN18ux1u3hpTxy1mhctu_Pw.roa (raw, json)
Hash identifier: rreNEfuuLIqPfMq0ViCWteAi+yb1P1/xwxohUMnuZjQ=
Subject key identifier: 65:D3:8B:68:DD:7C:BB:1D:6E:DE:1A:53:C7:2D:66:85:CB:6E:FC:FC
Certificate issuer: /CN=e390f2ee0a70bcaefe0195a3d8b377d34297a943
Certificate serial: 01856EEFF023E71BD3F078DC4D663327CCBC
Authority key identifier: E3:90:F2:EE:0A:70:BC:AE:FE:01:95:A3:D8:B3:77:D3:42:97:A9:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/45Dy7gpwvK7-AZWj2LN300KXqUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/ZdOLaN18ux1u3hpTxy1mhctu_Pw.roa
Signing time: Sun 01 Jan 2023 20:04:56 +0000
ROA not before: Sun 01 Jan 2023 20:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206583
IP address blocks: 2a04:71c4::/32 maxlen: 32
2a04:71c3::/32 maxlen: 32
2a04:71c7::/32 maxlen: 32
2a04:71c2::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:f0:23:e7:1b:d3:f0:78:dc:4d:66:33:27:cc:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e390f2ee0a70bcaefe0195a3d8b377d34297a943
Validity
Not Before: Jan 1 20:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65d38b68dd7cbb1d6ede1a53c72d6685cb6efcfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3b:f6:ab:93:b1:95:97:ba:4a:23:7d:51:b0:
c4:00:e0:fd:70:ad:c8:9e:50:0d:b0:6f:5f:82:63:
aa:37:2b:33:ef:f4:f0:98:cf:59:62:42:8a:d2:37:
dd:e4:0e:94:3a:39:67:3a:96:56:52:af:64:30:97:
49:49:f4:51:2d:59:09:ea:db:bc:26:05:68:6f:01:
86:ba:03:85:9d:c6:3b:27:f1:2d:6e:7c:db:4a:8c:
09:d1:ea:5d:9a:61:e3:a6:b8:c3:01:7d:69:21:04:
e4:20:0e:86:23:72:74:09:b1:47:7e:93:40:c6:e2:
0d:52:c3:ba:ad:a1:c0:65:f9:8b:74:d0:2b:49:f7:
52:9f:3a:cd:dc:53:3f:47:7f:a0:a1:d5:73:0b:02:
4e:76:4c:41:0c:cd:01:7d:15:26:58:fb:32:db:27:
52:ee:05:87:26:73:9e:23:1b:73:ec:10:ac:90:c1:
77:70:0f:3b:8a:0c:07:57:22:65:63:35:69:3d:90:
16:8f:ca:1e:8f:32:97:08:4a:1c:4f:ea:f8:d6:6d:
ae:7a:ce:27:01:44:7f:84:82:d0:01:61:96:d8:c2:
a9:0e:3c:a7:94:81:0c:0a:4e:c3:7b:52:dc:7d:2b:
64:0e:90:30:30:bd:e6:a8:4c:ac:42:3b:15:8e:41:
7e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D3:8B:68:DD:7C:BB:1D:6E:DE:1A:53:C7:2D:66:85:CB:6E:FC:FC
X509v3 Authority Key Identifier:
keyid:E3:90:F2:EE:0A:70:BC:AE:FE:01:95:A3:D8:B3:77:D3:42:97:A9:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/45Dy7gpwvK7-AZWj2LN300KXqUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/ZdOLaN18ux1u3hpTxy1mhctu_Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/45Dy7gpwvK7-AZWj2LN300KXqUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:71c2::-2a04:71c4:ffff:ffff:ffff:ffff:ffff:ffff
2a04:71c7::/32
Signature Algorithm: sha256WithRSAEncryption
16:55:15:77:8a:e9:08:7a:2c:b7:75:54:2c:9a:ba:eb:ab:eb:
a3:fa:2b:a5:10:7b:ff:7c:af:3f:6d:b4:1c:e4:59:44:a3:39:
12:9b:19:4d:28:40:48:39:53:2c:3a:6b:f5:d4:68:6d:1a:aa:
e0:08:27:04:50:cf:c0:5c:33:e6:fa:5c:8c:69:24:a3:8b:1d:
b4:54:8a:d0:3f:1a:38:a5:bb:ce:e2:90:61:a3:77:ea:e7:e5:
5c:9d:30:7e:ab:a8:23:59:23:cf:e1:08:ed:7a:84:85:22:e0:
c6:89:87:d7:cb:72:cf:6c:08:26:60:33:f3:4f:ac:f0:ef:95:
f1:c2:73:d0:76:10:cf:ce:18:17:42:f9:3f:9c:02:c8:1f:c2:
35:bb:42:e0:8b:b2:1e:8c:84:b7:41:25:07:8f:33:7f:ea:4a:
98:be:3a:95:5b:b6:d1:af:0a:ce:51:d0:21:25:88:1a:b7:08:
14:b7:30:32:23:f1:e0:7a:b7:16:82:d2:8c:25:17:dc:ca:af:
c7:0e:4e:0e:8f:51:6a:8a:05:d5:96:59:f2:49:5b:51:ab:57:
e8:ef:d0:6d:ad:9c:75:51:26:b4:d3:35:ee:04:2f:db:45:b4:
e7:d4:6d:a9:4a:b1:84:07:5c:e2:0f:1f:ee:a6:ed:c3:78:07:
4f:78:10:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVu7/Aj5xvT8HjcTWYzJ8y8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOTBmMmVlMGE3MGJjYWVmZTAxOTVhM2Q4YjM3N2QzNDI5
N2E5NDMwHhcNMjMwMTAxMjAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQzOGI2OGRkN2NiYjFkNmVkZTFhNTNjNzJkNjY4NWNiNmVmY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDv2q5OxlZe6SiN9UbDEAOD9cK3I
nlANsG9fgmOqNysz7/TwmM9ZYkKK0jfd5A6UOjlnOpZWUq9kMJdJSfRRLVkJ6tu8
JgVobwGGugOFncY7J/EtbnzbSowJ0epdmmHjprjDAX1pIQTkIA6GI3J0CbFHfpNA
xuINUsO6raHAZfmLdNArSfdSnzrN3FM/R3+godVzCwJOdkxBDM0BfRUmWPsy2ydS
7gWHJnOeIxtz7BCskMF3cA87igwHVyJlYzVpPZAWj8oejzKXCEocT+r41m2ues4n
AUR/hILQAWGW2MKpDjynlIEMCk7De1LcfStkDpAwML3mqEysQjsVjkF+rwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGXTi2jdfLsdbt4aU8ctZoXLbvz8MB8GA1UdIwQY
MBaAFOOQ8u4KcLyu/gGVo9izd9NCl6lDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDVEeTdncHd2SzctQVpXajJMTjMwMEtYcVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9hNjA0Y2YtMTk0Ny00YjEyLTlhNmIt
M2ViOTEzNGVjNzlkLzEvWmRPTGFOMTh1eDF1M2hwVHh5MW1oY3R1X1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9hNjA0Y2YtMTk0Ny00YjEyLTlhNmItM2ViOTEzNGVjNzlk
LzEvNDVEeTdncHd2SzctQVpXajJMTjMwMEtYcVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQEqBHHC
AwUAKgRxxAMFACoEcccwDQYJKoZIhvcNAQELBQADggEBABZVFXeK6Qh6LLd1VCya
uuur66P6K6UQe/98rz9ttBzkWUSjORKbGU0oQEg5Uyw6a/XUaG0aquAIJwRQz8Bc
M+b6XIxpJKOLHbRUitA/Gjilu87ikGGjd+rn5VydMH6rqCNZI8/hCO16hIUi4MaJ
h9fLcs9sCCZgM/NPrPDvlfHCc9B2EM/OGBdC+T+cAsgfwjW7QuCLsh6MhLdBJQeP
M3/qSpi+OpVbttGvCs5R0CEliBq3CBS3MDIj8eB6txaC0owlF9zKr8cOTg6PUWqK
BdWWWfJJW1GrV+jv0G2tnHVRJrTTNe4EL9tFtOfUbalKsYQHXOIPH+6m7cN4B094
EA4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:50 2024 by rpki-client on console-fra.rpki-client.org