Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zz3xKuDzdctZE0e4NKvG_v859Y8.roa
File: zz3xKuDzdctZE0e4NKvG_v859Y8.roa (raw, json)
Hash identifier: rok0dnCsFfNy0XGHh6RiKGm0b4sC5AA3oohFPw11scc=
Subject key identifier: CF:3D:F1:2A:E0:F3:75:CB:59:13:47:B8:34:AB:C6:FE:FF:39:F5:8F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0192584D3925EBD6B413EB0F252F635B5EC3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zz3xKuDzdctZE0e4NKvG_v859Y8.roa
Signing time: Fri 04 Oct 2024 16:11:48 +0000
ROA not before: Fri 04 Oct 2024 16:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 2a0f:1587::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 14:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:58:4d:39:25:eb:d6:b4:13:eb:0f:25:2f:63:5b:5e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 4 16:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf3df12ae0f375cb591347b834abc6feff39f58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:16:ba:3d:27:fd:77:05:28:fb:c1:f9:47:ff:
92:86:11:7b:96:f0:38:c3:69:50:36:54:4c:b2:8a:
2d:93:a4:d0:d0:ad:71:9b:6c:19:30:fb:11:55:eb:
ff:0e:be:54:69:a4:82:d6:1c:64:50:7d:67:b1:99:
5d:ed:a4:7d:2a:6d:a3:d5:e8:89:0c:f6:73:52:e5:
e2:be:7d:0c:14:27:92:d9:13:94:e1:e3:ce:61:67:
1f:04:e0:a9:64:fc:aa:bc:c7:e0:39:b9:08:5c:ff:
ce:ae:77:3b:72:26:ec:da:12:b7:a5:13:5f:90:d9:
86:7c:91:d2:9f:d4:0f:4a:66:78:85:d1:0d:9e:33:
e7:a7:49:98:df:30:be:83:c6:9a:58:63:61:c0:34:
2f:8f:a5:8d:49:c6:6b:e9:46:8c:05:62:bf:41:e8:
5f:50:72:c1:0b:99:fb:59:50:c7:f7:57:a0:81:81:
15:61:a5:95:4b:33:5b:3b:73:10:a2:32:01:12:62:
f8:48:06:fa:37:ce:e3:e5:5a:17:3a:45:25:07:6f:
fa:9a:02:cc:07:f4:2a:73:4e:d8:6d:f8:f4:17:10:
bf:24:60:99:f5:26:1a:91:f4:a7:b2:c1:c5:81:5f:
39:3d:92:cb:bb:19:de:75:2e:9b:2c:a3:4e:93:54:
28:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3D:F1:2A:E0:F3:75:CB:59:13:47:B8:34:AB:C6:FE:FF:39:F5:8F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zz3xKuDzdctZE0e4NKvG_v859Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1587::/32
Signature Algorithm: sha256WithRSAEncryption
11:a8:58:ef:ab:b0:76:59:fb:ca:de:95:40:f9:e9:5b:bb:94:
c7:3c:97:e4:3c:6b:b0:a3:2b:c3:68:8f:34:a9:7c:54:3e:10:
d2:ef:6f:76:ef:b6:40:cb:89:92:a4:62:e0:dd:2c:fc:11:6f:
1f:e5:1a:e2:8f:37:88:b4:b5:dd:7e:ef:cb:b6:9b:d1:07:13:
25:e3:bd:14:0a:a6:6b:fa:b2:01:e9:7f:c4:45:6d:2d:e2:27:
bd:95:d8:36:a6:a6:fe:bb:12:45:d2:68:31:b1:0d:b2:1c:82:
23:58:5e:01:ca:29:1a:5a:2b:6a:ef:06:04:7c:cd:d1:7b:31:
bc:8e:4e:12:7c:23:5a:6b:ee:19:9a:d4:31:d6:4c:6b:b0:67:
63:5e:49:75:1f:8b:11:38:87:0c:ab:1b:99:6a:17:7d:db:e8:
f5:99:d0:f2:de:86:a6:bf:a5:51:ff:95:be:89:2f:d2:1f:11:
10:0c:19:03:14:06:9c:1f:f5:3d:ad:7f:76:b5:1c:b9:3f:29:
c2:9c:b5:0e:66:b0:df:d0:de:6a:cc:40:7a:c2:d6:56:f1:45:
92:46:d9:65:7f:46:29:c7:e3:fc:8d:49:fb:18:6c:5e:44:11:
39:3a:38:f9:25:74:c9:66:38:7b:43:0a:2e:2b:3e:54:29:8b:
f0:15:47:d0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJYTTkl69a0E+sPJS9jW17DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDA0MTYxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjNkZjEyYWUwZjM3NWNiNTkxMzQ3YjgzNGFiYzZmZWZmMzlmNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ra6PSf9dwUo+8H5R/+ShhF7lvA4
w2lQNlRMsootk6TQ0K1xm2wZMPsRVev/Dr5UaaSC1hxkUH1nsZld7aR9Km2j1eiJ
DPZzUuXivn0MFCeS2ROU4ePOYWcfBOCpZPyqvMfgObkIXP/Ornc7cibs2hK3pRNf
kNmGfJHSn9QPSmZ4hdENnjPnp0mY3zC+g8aaWGNhwDQvj6WNScZr6UaMBWK/Qehf
UHLBC5n7WVDH91eggYEVYaWVSzNbO3MQojIBEmL4SAb6N87j5VoXOkUlB2/6mgLM
B/Qqc07Ybfj0FxC/JGCZ9SYakfSnssHFgV85PZLLuxnedS6bLKNOk1QoDQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM898Srg83XLWRNHuDSrxv7/OfWPMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvenozeEt1RHpkY3RaRTBlNE5Ldkdfdjg1OVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg8VhzAN
BgkqhkiG9w0BAQsFAAOCAQEAEahY76uwdln7yt6VQPnpW7uUxzyX5DxrsKMrw2iP
NKl8VD4Q0u9vdu+2QMuJkqRi4N0s/BFvH+Ua4o83iLS13X7vy7ab0QcTJeO9FAqm
a/qyAel/xEVtLeInvZXYNqam/rsSRdJoMbENshyCI1heAcopGlorau8GBHzN0Xsx
vI5OEnwjWmvuGZrUMdZMa7BnY15JdR+LETiHDKsbmWoXfdvo9ZnQ8t6Gpr+lUf+V
vokv0h8REAwZAxQGnB/1Pa1/drUcuT8pwpy1Dmaw39DeasxAesLWVvFFkkbZZX9G
Kcfj/I1J+xhsXkQROTo4+SV0yWY4e0MKLis+VCmL8BVH0A==
-----END CERTIFICATE-----
Generated at Fri May 9 02:50:03 2025 by rpki-client