Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/zRTsqcjYZOk7iieJXeL64TbHclo.roa
File: zRTsqcjYZOk7iieJXeL64TbHclo.roa (raw, json)
Hash identifier: WL2tWfNc6p0qy7UIESnKriT5YmKfEEjeptakWZHzwo8=
Subject key identifier: CD:14:EC:A9:C8:D8:64:E9:3B:8A:27:89:5D:E2:FA:E1:36:C7:72:5A
Certificate issuer: /CN=bf5599c26755f4a4d4f540e2ffd7b74a39053da3
Certificate serial: 018E9F11C3850163E38CD3D7E81CFAEF5D13
Authority key identifier: BF:55:99:C2:67:55:F4:A4:D4:F5:40:E2:FF:D7:B7:4A:39:05:3D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1WZwmdV9KTU9UDi_9e3SjkFPaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/zRTsqcjYZOk7iieJXeL64TbHclo.roa
Signing time: Tue 02 Apr 2024 13:48:45 +0000
ROA not before: Tue 02 Apr 2024 13:48:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8758
IP address blocks: 2001:67c:470::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Apr 2024 14:55:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:11:c3:85:01:63:e3:8c:d3:d7:e8:1c:fa:ef:5d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf5599c26755f4a4d4f540e2ffd7b74a39053da3
Validity
Not Before: Apr 2 13:48:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd14eca9c8d864e93b8a27895de2fae136c7725a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:93:96:28:9f:d4:78:9e:68:4b:70:e5:22:d9:
71:86:6f:85:0e:7d:af:0b:66:af:95:b4:76:ae:07:
13:de:33:67:40:df:c6:1b:c1:e3:ca:6b:d2:56:e2:
1f:f4:f4:ad:43:a4:0f:0d:c4:ce:e3:a8:bf:7b:f9:
0c:c4:dd:55:a1:4b:12:28:b7:07:84:fd:5d:ed:62:
15:7a:21:6d:81:d7:fb:aa:82:2a:6d:41:82:df:b9:
07:ce:d6:f5:22:b3:96:53:51:cc:83:b2:dc:06:ec:
69:d6:4e:a9:1d:b3:9b:67:df:cc:c8:b1:71:7b:43:
66:18:c8:40:d6:10:bf:38:24:d4:87:6b:4d:13:4d:
6d:40:1e:76:a9:d7:08:e4:f8:22:a8:97:8b:30:36:
ef:d2:4e:e6:24:96:e0:07:83:8e:2e:e1:54:e4:20:
e4:ae:29:3a:fc:d3:f8:68:a9:20:31:7a:c5:50:2e:
c6:c0:c2:48:e1:b0:b6:bd:ff:7f:94:64:54:f5:40:
2d:79:b2:ff:43:b3:a7:af:09:b8:4f:c8:e3:ee:6f:
57:3d:e1:f6:14:0c:77:5c:cc:ec:e7:36:e9:37:92:
09:b9:5a:fc:c9:27:60:9f:66:14:10:2f:7f:42:50:
47:a6:65:df:aa:55:d1:14:11:ee:5a:dd:43:7d:ba:
cd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:14:EC:A9:C8:D8:64:E9:3B:8A:27:89:5D:E2:FA:E1:36:C7:72:5A
X509v3 Authority Key Identifier:
keyid:BF:55:99:C2:67:55:F4:A4:D4:F5:40:E2:FF:D7:B7:4A:39:05:3D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1WZwmdV9KTU9UDi_9e3SjkFPaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/zRTsqcjYZOk7iieJXeL64TbHclo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/v1WZwmdV9KTU9UDi_9e3SjkFPaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:470::/48
Signature Algorithm: sha256WithRSAEncryption
33:dd:ef:69:96:89:a0:c0:c7:8b:74:44:a7:f0:4e:24:8c:a7:
34:91:5c:b2:cf:4a:a1:49:a2:3b:8b:b4:c8:4d:c2:78:26:f3:
af:48:e8:d1:ac:e4:96:2e:62:e1:b0:5c:ed:ed:18:35:7c:da:
84:95:ce:aa:5b:35:f2:29:c6:21:5b:d5:e7:36:5c:60:92:fa:
15:ba:66:58:a8:0e:09:37:d0:c9:d2:88:f2:f6:06:65:5a:e2:
08:30:17:3f:ed:46:10:aa:18:ef:bf:47:04:05:02:fa:c1:83:
54:f8:57:60:c1:86:36:78:df:80:bd:cc:ce:fa:99:23:2a:f9:
22:d1:e8:c1:d5:d8:3b:6a:d5:00:88:87:94:09:60:87:81:09:
a3:62:c4:39:85:6f:47:e0:56:ae:96:3b:a5:b1:cb:d8:71:03:
cb:3c:ac:c2:a9:66:28:48:ce:4b:41:27:ff:23:bd:4b:ca:f4:
af:54:41:66:24:4f:de:05:35:3a:92:00:77:f7:88:51:c6:d8:
f5:d7:7d:ee:d8:6d:ac:c1:b5:ee:41:10:84:31:c2:73:d1:99:
eb:74:7f:75:46:7e:b8:9f:f1:5f:69:02:01:8a:be:3a:c0:01:
65:5d:ad:a6:0b:55:3e:8e:b7:3b:da:22:ff:e5:c1:27:21:18:
0a:6c:67:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY6fEcOFAWPjjNPX6Bz6710TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTU5OWMyNjc1NWY0YTRkNGY1NDBlMmZmZDdiNzRhMzkw
NTNkYTMwHhcNMjQwNDAyMTM0ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDE0ZWNhOWM4ZDg2NGU5M2I4YTI3ODk1ZGUyZmFlMTM2Yzc3MjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJOWKJ/UeJ5oS3DlItlxhm+FDn2v
C2avlbR2rgcT3jNnQN/GG8HjymvSVuIf9PStQ6QPDcTO46i/e/kMxN1VoUsSKLcH
hP1d7WIVeiFtgdf7qoIqbUGC37kHztb1IrOWU1HMg7LcBuxp1k6pHbObZ9/MyLFx
e0NmGMhA1hC/OCTUh2tNE01tQB52qdcI5PgiqJeLMDbv0k7mJJbgB4OOLuFU5CDk
rik6/NP4aKkgMXrFUC7GwMJI4bC2vf9/lGRU9UAtebL/Q7Onrwm4T8jj7m9XPeH2
FAx3XMzs5zbpN5IJuVr8ySdgn2YUEC9/QlBHpmXfqlXRFBHuWt1DfbrNzwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM0U7KnI2GTpO4oniV3i+uE2x3JaMB8GA1UdIwQY
MBaAFL9VmcJnVfSk1PVA4v/Xt0o5BT2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFXWndtZFY5S1RVOVVEaV85ZTNTamtGUGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMDE2OTYtODNkZC00MzZmLWI0N2Mt
M2UxYjg0MzJmYzcwLzEvelJUc3FjallaT2s3aWllSlhlTDY0VGJIY2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xMDE2OTYtODNkZC00MzZmLWI0N2MtM2UxYjg0MzJmYzcw
LzEvdjFXWndtZFY5S1RVOVVEaV85ZTNTamtGUGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfARw
MA0GCSqGSIb3DQEBCwUAA4IBAQAz3e9plomgwMeLdESn8E4kjKc0kVyyz0qhSaI7
i7TITcJ4JvOvSOjRrOSWLmLhsFzt7Rg1fNqElc6qWzXyKcYhW9XnNlxgkvoVumZY
qA4JN9DJ0ojy9gZlWuIIMBc/7UYQqhjvv0cEBQL6wYNU+FdgwYY2eN+AvczO+pkj
Kvki0ejB1dg7atUAiIeUCWCHgQmjYsQ5hW9H4FauljulscvYcQPLPKzCqWYoSM5L
QSf/I71LyvSvVEFmJE/eBTU6kgB394hRxtj1133u2G2swbXuQRCEMcJz0ZnrdH91
Rn64n/FfaQIBir46wAFlXa2mC1U+jrc72iL/5cEnIRgKbGcH
-----END CERTIFICATE-----
Generated at Tue Apr 2 21:11:35 2024 by rpki-client on console.sobornost.net