Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/z_883hIMQahSA-tl_vu1RKovmVo.roa
File: z_883hIMQahSA-tl_vu1RKovmVo.roa (raw, json)
Hash identifier: wKR9MoMDwD0w6kLMPlV6Dq8rIuQcwxQw6ru/J+0QL/k=
Subject key identifier: CF:FF:3C:DE:12:0C:41:A8:52:03:EB:65:FE:FB:B5:44:AA:2F:99:5A
Certificate issuer: /CN=533b46e3a9dd5b7ea8a8bfda2f6e3bad15509113
Certificate serial: 018570FB9C75D67F13C8F23FE558F2ABDC8A
Authority key identifier: 53:3B:46:E3:A9:DD:5B:7E:A8:A8:BF:DA:2F:6E:3B:AD:15:50:91:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UztG46ndW36oqL_aL247rRVQkRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/z_883hIMQahSA-tl_vu1RKovmVo.roa
Signing time: Mon 02 Jan 2023 05:36:55 +0000
ROA not before: Mon 02 Jan 2023 05:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208658
IP address blocks: 2001:678:aac::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:9c:75:d6:7f:13:c8:f2:3f:e5:58:f2:ab:dc:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=533b46e3a9dd5b7ea8a8bfda2f6e3bad15509113
Validity
Not Before: Jan 2 05:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfff3cde120c41a85203eb65fefbb544aa2f995a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:43:0c:7a:52:b9:41:6a:30:08:28:3d:34:8b:
28:2b:5c:9b:9e:13:84:33:fe:c8:e1:a9:15:b1:aa:
1a:0e:62:41:d7:0b:86:af:ea:b9:be:b9:d9:c4:06:
8b:31:4a:04:4f:39:ae:e7:cc:f3:b4:95:f3:c5:40:
76:0e:56:38:02:e7:45:6b:5a:19:49:9a:eb:a6:a3:
87:0d:16:80:82:66:9e:c3:6b:0d:e2:73:67:3f:62:
19:06:b4:78:4d:57:b8:aa:53:18:8a:f0:11:2c:d0:
a2:9c:f8:9e:2a:12:14:fa:09:ac:79:a3:3e:ce:44:
55:51:7e:7e:c9:79:88:09:ab:af:0b:c6:c3:e2:0e:
fe:32:d7:ae:01:3a:0d:09:cb:be:a8:72:e8:6d:4a:
fb:31:f0:39:ca:43:19:f8:0f:25:01:8a:a5:c2:80:
da:75:c2:6a:55:bb:9f:88:7f:b8:63:cd:6e:e1:13:
ce:07:41:68:95:94:83:b4:79:ee:ad:3a:2b:3e:3a:
12:17:61:ab:e3:40:74:40:0e:f2:b7:0c:db:18:b8:
cd:dd:0a:bb:c1:75:95:59:36:19:8e:85:5b:b6:c9:
8f:98:d1:67:aa:4a:f9:ff:58:38:7e:b3:cb:6d:bc:
65:d7:c4:9b:9f:5a:8c:3e:a5:2e:f0:f3:86:44:0c:
a0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FF:3C:DE:12:0C:41:A8:52:03:EB:65:FE:FB:B5:44:AA:2F:99:5A
X509v3 Authority Key Identifier:
keyid:53:3B:46:E3:A9:DD:5B:7E:A8:A8:BF:DA:2F:6E:3B:AD:15:50:91:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UztG46ndW36oqL_aL247rRVQkRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/z_883hIMQahSA-tl_vu1RKovmVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:aac::/48
Signature Algorithm: sha256WithRSAEncryption
52:08:af:84:f0:a5:98:74:2c:b9:88:24:4b:8d:fe:82:ea:c1:
ea:ce:fc:38:5d:26:b8:c2:eb:98:cb:2a:d4:a7:85:6c:69:77:
2b:6b:eb:ff:53:1d:00:7f:e9:0a:63:8d:2e:d5:00:2a:eb:d6:
ed:64:45:00:19:be:66:25:8e:54:b2:a6:7c:20:ea:7d:c8:5a:
bc:e7:5c:be:a7:23:d4:e3:ae:90:2c:f7:fe:e3:d7:c1:6d:d9:
98:38:8c:8a:51:19:13:fb:0f:a9:80:5c:e8:8c:30:32:56:64:
0e:5a:b7:f0:9a:6d:0c:b5:c3:75:d7:2b:40:d1:32:65:fd:65:
9d:0d:ef:63:28:bd:bd:5a:19:f0:65:2f:5f:40:fd:4c:8a:19:
55:cc:de:a3:7f:5a:e9:1e:48:c9:4c:e7:40:6c:48:cf:2a:a0:
3f:8b:ee:1c:04:35:76:8b:fd:f1:84:27:98:2e:60:1a:85:49:
e6:f2:41:77:69:af:cc:f0:ef:e2:84:81:db:64:3c:55:11:ba:
dd:d1:cc:de:80:bd:9f:69:78:93:c8:0a:1a:da:99:9a:a6:c7:
99:28:3d:9d:d1:9b:ab:00:1b:53:86:92:63:a9:18:a5:9b:ac:
66:77:c9:5c:63:37:85:34:a9:de:a4:ce:e9:fb:61:1d:73:26:
cd:a1:c8:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw+5x11n8TyPI/5Vjyq9yKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzM2I0NmUzYTlkZDViN2VhOGE4YmZkYTJmNmUzYmFkMTU1
MDkxMTMwHhcNMjMwMTAyMDUzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmZmM2NkZTEyMGM0MWE4NTIwM2ViNjVmZWZiYjU0NGFhMmY5OTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0MMelK5QWowCCg9NIsoK1ybnhOE
M/7I4akVsaoaDmJB1wuGr+q5vrnZxAaLMUoETzmu58zztJXzxUB2DlY4AudFa1oZ
SZrrpqOHDRaAgmaew2sN4nNnP2IZBrR4TVe4qlMYivARLNCinPieKhIU+gmseaM+
zkRVUX5+yXmICauvC8bD4g7+MteuAToNCcu+qHLobUr7MfA5ykMZ+A8lAYqlwoDa
dcJqVbufiH+4Y81u4RPOB0FolZSDtHnurTorPjoSF2Gr40B0QA7ytwzbGLjN3Qq7
wXWVWTYZjoVbtsmPmNFnqkr5/1g4frPLbbxl18Sbn1qMPqUu8POGRAygPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM//PN4SDEGoUgPrZf77tUSqL5laMB8GA1UdIwQY
MBaAFFM7RuOp3Vt+qKi/2i9uO60VUJETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXp0RzQ2bmRXMzZvcUxfYUwyNDdyUlZRa1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9mNTBlMmQtZTQwMC00NGYxLTg4MzIt
ZTI2OTYwYmYzNGU1LzEvel84ODNoSU1RYWhTQS10bF92dTFSS292bVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9mNTBlMmQtZTQwMC00NGYxLTg4MzItZTI2OTYwYmYzNGU1
LzEvVXp0RzQ2bmRXMzZvcUxfYUwyNDdyUlZRa1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqs
MA0GCSqGSIb3DQEBCwUAA4IBAQBSCK+E8KWYdCy5iCRLjf6C6sHqzvw4XSa4wuuY
yyrUp4VsaXcra+v/Ux0Af+kKY40u1QAq69btZEUAGb5mJY5UsqZ8IOp9yFq851y+
pyPU466QLPf+49fBbdmYOIyKURkT+w+pgFzojDAyVmQOWrfwmm0MtcN11ytA0TJl
/WWdDe9jKL29WhnwZS9fQP1MihlVzN6jf1rpHkjJTOdAbEjPKqA/i+4cBDV2i/3x
hCeYLmAahUnm8kF3aa/M8O/ihIHbZDxVEbrd0czegL2faXiTyAoa2pmapseZKD2d
0ZurABtThpJjqRilm6xmd8lcYzeFNKnepM7p+2EdcybNocir
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:07 2024 by rpki-client on console-fra.rpki-client.org