Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ddac0d-3743-4cd2-a6a3-a1246c67d9de/1/ZMtDxRGS-jdloSHg8xG_Y6KrHZM.roa
File: ZMtDxRGS-jdloSHg8xG_Y6KrHZM.roa (raw, json)
Hash identifier: g8TCGZbChXrJyvrslD+O0LoGbU1XaJJCdZUw7aGH1gs=
Subject key identifier: 64:CB:43:C5:11:92:FA:37:65:A1:21:E0:F3:11:BF:63:A2:AB:1D:93
Certificate issuer: /CN=1b1b4b5c2daaa6fc35071f438f968af6ff6ca4da
Certificate serial: 018CC348FB6FEC7BA7DEA0620B7E6E273C1C
Authority key identifier: 1B:1B:4B:5C:2D:AA:A6:FC:35:07:1F:43:8F:96:8A:F6:FF:6C:A4:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GxtLXC2qpvw1Bx9Dj5aK9v9spNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ddac0d-3743-4cd2-a6a3-a1246c67d9de/1/ZMtDxRGS-jdloSHg8xG_Y6KrHZM.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210577
IP address blocks: 2001:67c:13dc::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fb:6f:ec:7b:a7:de:a0:62:0b:7e:6e:27:3c:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b1b4b5c2daaa6fc35071f438f968af6ff6ca4da
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64cb43c51192fa3765a121e0f311bf63a2ab1d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f4:1a:08:72:57:84:7d:8c:61:76:cf:6f:45:
32:8a:1a:7a:39:58:87:f9:d0:db:5d:c5:6a:a3:c9:
cd:4a:77:ff:1c:51:90:7f:7b:89:da:a7:ac:59:a4:
60:7d:b2:f0:62:4c:d1:05:4d:c3:7b:a8:e1:05:f8:
b0:e4:8c:c3:b3:07:f3:cd:72:11:a8:ca:7a:12:15:
00:27:47:4c:16:7f:9a:b4:f1:1a:c0:c1:9b:a3:83:
0d:23:b2:f1:98:aa:e0:b7:21:2d:43:e0:93:b4:bc:
f3:72:a4:9e:be:1b:22:66:54:f8:22:46:c3:39:3a:
48:0f:70:1b:e2:af:13:dc:80:48:60:ee:bc:c8:e4:
50:3a:43:d8:47:6a:40:a1:01:4a:ec:c2:69:06:d9:
f7:60:e8:84:bf:15:c5:37:2a:ed:44:40:79:c0:ff:
32:4e:d5:fb:c9:aa:6f:11:64:f2:23:68:c7:4c:ee:
04:20:a3:95:9f:21:ce:a2:be:60:7a:ce:be:53:fd:
75:10:b2:c4:79:86:bb:29:54:f9:eb:79:70:5f:cb:
d1:74:70:06:cf:da:87:68:49:7a:33:1f:26:74:92:
c1:88:1c:80:a6:0c:af:eb:7a:41:cf:6d:f9:85:8b:
ed:ca:12:72:4f:85:3f:60:61:a6:a3:11:6c:86:f4:
d2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:CB:43:C5:11:92:FA:37:65:A1:21:E0:F3:11:BF:63:A2:AB:1D:93
X509v3 Authority Key Identifier:
keyid:1B:1B:4B:5C:2D:AA:A6:FC:35:07:1F:43:8F:96:8A:F6:FF:6C:A4:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GxtLXC2qpvw1Bx9Dj5aK9v9spNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ddac0d-3743-4cd2-a6a3-a1246c67d9de/1/ZMtDxRGS-jdloSHg8xG_Y6KrHZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ddac0d-3743-4cd2-a6a3-a1246c67d9de/1/GxtLXC2qpvw1Bx9Dj5aK9v9spNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:13dc::/48
Signature Algorithm: sha256WithRSAEncryption
3d:48:0a:e4:b6:96:81:ce:00:d3:aa:48:53:0b:6a:f7:cb:c1:
86:ce:d7:89:50:bc:d7:8a:48:c2:6a:40:20:4e:68:fa:d6:f4:
15:89:5d:82:66:94:20:30:57:4f:ac:af:b1:d5:2e:fc:3c:45:
63:85:84:4d:5c:bc:5a:21:8b:f9:a5:6e:0d:20:86:a7:5d:aa:
4f:f2:15:65:d4:65:0c:c6:24:90:d3:07:1e:d0:ca:a2:b7:fa:
e0:41:68:1d:87:b7:af:43:b3:a7:54:d9:b0:e1:5d:04:b3:54:
50:f0:08:c2:2c:f0:41:24:33:28:9d:76:68:f9:64:30:ae:38:
fc:fd:d6:d5:df:7e:be:5b:08:0f:36:db:db:b5:8b:03:54:d4:
ba:0e:a0:c5:6c:89:05:36:3f:1b:1c:e3:03:c5:74:39:a4:d2:
48:e3:f9:20:5e:5d:c3:f5:f2:39:6f:9f:f4:b3:07:85:aa:af:
27:df:e4:07:cb:b7:bd:ec:cc:a8:f6:8d:78:65:82:cd:0f:8c:
58:e0:6b:ab:70:a2:1e:cf:b3:15:09:c6:8a:eb:ca:dc:a9:92:
bd:fb:59:e1:1d:cc:16:7e:5f:e7:b0:24:2f:4c:11:4e:6f:58:
d3:31:b1:eb:a6:62:87:76:01:ff:3e:b4:13:55:73:82:fa:9b:
c9:99:c0:15
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSPtv7Hun3qBiC35uJzwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMWI0YjVjMmRhYWE2ZmMzNTA3MWY0MzhmOTY4YWY2ZmY2
Y2E0ZGEwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGNiNDNjNTExOTJmYTM3NjVhMTIxZTBmMzExYmY2M2EyYWIxZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPQaCHJXhH2MYXbPb0Uyihp6OViH
+dDbXcVqo8nNSnf/HFGQf3uJ2qesWaRgfbLwYkzRBU3De6jhBfiw5IzDswfzzXIR
qMp6EhUAJ0dMFn+atPEawMGbo4MNI7LxmKrgtyEtQ+CTtLzzcqSevhsiZlT4IkbD
OTpID3Ab4q8T3IBIYO68yORQOkPYR2pAoQFK7MJpBtn3YOiEvxXFNyrtREB5wP8y
TtX7yapvEWTyI2jHTO4EIKOVnyHOor5ges6+U/11ELLEeYa7KVT563lwX8vRdHAG
z9qHaEl6Mx8mdJLBiByApgyv63pBz235hYvtyhJyT4U/YGGmoxFshvTS9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGTLQ8URkvo3ZaEh4PMRv2Oiqx2TMB8GA1UdIwQY
MBaAFBsbS1wtqqb8NQcfQ4+Wivb/bKTaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3h0TFhDMnFwdncxQng5RGo1YUs5djlzcE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9kZGFjMGQtMzc0My00Y2QyLWE2YTMt
YTEyNDZjNjdkOWRlLzEvWk10RHhSR1MtamRsb1NIZzh4R19ZNktySFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9kZGFjMGQtMzc0My00Y2QyLWE2YTMtYTEyNDZjNjdkOWRl
LzEvR3h0TFhDMnFwdncxQng5RGo1YUs5djlzcE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBPc
MA0GCSqGSIb3DQEBCwUAA4IBAQA9SArktpaBzgDTqkhTC2r3y8GGzteJULzXikjC
akAgTmj61vQViV2CZpQgMFdPrK+x1S78PEVjhYRNXLxaIYv5pW4NIIanXapP8hVl
1GUMxiSQ0wce0Mqit/rgQWgdh7evQ7OnVNmw4V0Es1RQ8AjCLPBBJDMonXZo+WQw
rjj8/dbV336+WwgPNtvbtYsDVNS6DqDFbIkFNj8bHOMDxXQ5pNJI4/kgXl3D9fI5
b5/0sweFqq8n3+QHy7e97Myo9o14ZYLND4xY4GurcKIez7MVCcaK68rcqZK9+1nh
HcwWfl/nsCQvTBFOb1jTMbHrpmKHdgH/PrQTVXOC+pvJmcAV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:50 2025 by rpki-client