Route Origin Authorization
$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/0/323030313a3637633a6438303a3a2f34382d3438203d3e20323034303132.roa
File: 323030313a3637633a6438303a3a2f34382d3438203d3e20323034303132.roa (raw, json)
Hash identifier: FjX0k+ecEZX7DOAJ3tlfHzPisEnV1T6Ox2UOvEwveUs=
Subject key identifier: 62:DB:B7:3B:B1:56:A7:5F:BA:9B:F4:70:84:AE:2C:50:D8:12:2F:FB
Certificate issuer: /CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Certificate serial: 62FEC0510992EF2E3C4EAF856CD235BC3380F91B
Authority key identifier: B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject info access: rsync://rpki.nellicus.net/repo/nellicus/0/323030313a3637633a6438303a3a2f34382d3438203d3e20323034303132.roa
Signing time: Sun 29 Dec 2024 08:38:10 +0000
ROA not before: Sun 29 Dec 2024 08:33:10 +0000
ROA not after: Sun 28 Dec 2025 08:38:10 +0000
asID: 204012
IP address blocks: 2001:67c:d80::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 03 Jan 2025 06:15:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:fe:c0:51:09:92:ef:2e:3c:4e:af:85:6c:d2:35:bc:33:80:f9:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b60561dffbfde255fec14d4d9f0e13f4375352e4
Validity
Not Before: Dec 29 08:33:10 2024 GMT
Not After : Dec 28 08:38:10 2025 GMT
Subject: CN=62DBB73BB156A75FBA9BF47084AE2C50D8122FFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ec:c6:2c:4e:63:7b:ed:5d:5b:3d:e9:8d:b7:
23:a7:bc:0a:da:09:b2:9f:02:62:7c:b7:3e:50:91:
6b:71:93:05:3e:da:c6:ec:e5:82:71:2c:3c:0d:b8:
77:a1:23:e3:60:86:f7:05:b0:d9:a7:ad:eb:12:57:
11:88:75:c0:8e:7f:8c:d2:b7:16:dc:73:fb:ca:74:
85:e9:49:3d:19:d8:c4:88:97:fa:5d:d2:1f:b6:87:
94:a0:16:90:cb:a3:79:ef:36:c3:ab:f8:74:20:15:
6d:0a:5c:ea:b1:71:ce:72:bd:01:5e:73:fb:1a:a8:
be:cf:fb:87:49:d2:64:58:29:ed:a1:7e:ec:d2:83:
d8:ad:ad:c4:e7:84:e5:20:8a:e7:10:11:c5:67:05:
53:1e:7f:c2:89:77:e1:53:28:e5:81:f9:92:65:df:
c6:3d:5f:1e:f8:ba:5b:7c:b8:d6:eb:e8:0a:50:90:
68:6b:60:66:01:c4:2c:2b:72:83:11:7b:aa:34:09:
e0:03:b9:6b:d7:b8:30:6a:9e:31:00:2e:c8:20:72:
f6:de:c9:3c:41:34:29:32:3c:2f:30:a9:50:d3:45:
ce:f5:b9:dd:b1:38:c0:31:3d:c7:0a:29:6d:0e:91:
a0:d7:57:89:9d:1b:17:37:f5:64:13:9c:71:88:ae:
6f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DB:B7:3B:B1:56:A7:5F:BA:9B:F4:70:84:AE:2C:50:D8:12:2F:FB
X509v3 Authority Key Identifier:
keyid:B6:05:61:DF:FB:FD:E2:55:FE:C1:4D:4D:9F:0E:13:F4:37:53:52:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.nellicus.net/repo/nellicus/0/B60561DFFBFDE255FEC14D4D9F0E13F4375352E4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgVh3_v94lX-wU1Nnw4T9DdTUuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/0/323030313a3637633a6438303a3a2f34382d3438203d3e20323034303132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d80::/48
Signature Algorithm: sha256WithRSAEncryption
77:a0:37:16:10:09:d0:b6:c8:2b:b0:7f:f9:e8:49:af:fb:7f:
43:b8:74:6b:2b:aa:09:04:45:44:be:4b:cf:d3:25:59:11:e3:
8f:3e:cc:3d:11:2f:b4:c0:66:ad:e5:eb:15:97:7b:df:fb:65:
39:d9:ce:52:9c:a1:1e:74:94:a0:22:42:ae:08:89:97:1c:7a:
80:a7:06:2b:56:20:cf:8c:f3:4f:8a:f4:2e:24:77:de:3d:7f:
fd:af:d7:fb:8a:0e:8a:cc:c6:f4:5e:7e:a0:41:6f:a0:d2:6c:
44:e1:1f:7b:7f:d5:f8:8a:9f:69:25:30:01:d5:dc:04:ae:c5:
c8:fa:0f:3a:fd:90:b1:a1:20:5c:c3:68:a9:21:7c:74:c2:c1:
c7:2b:3e:4a:00:ff:52:81:c4:05:2d:89:0d:f6:8e:6d:36:cf:
6b:e4:53:a6:aa:03:02:43:4c:61:21:db:be:b9:26:76:9c:fd:
f4:5f:1c:30:a5:60:1f:77:e7:02:76:26:74:42:79:94:2e:fc:
4b:bd:46:9a:23:77:76:33:8c:58:10:ac:6a:b3:fb:66:ee:be:
4a:f4:6e:00:1d:d4:d9:09:d0:8e:29:a0:84:05:98:1f:f5:a8:
27:9a:d0:8c:f6:38:09:85:57:ad:3d:d3:98:3a:15:f8:6a:1e:
44:99:ae:a1
-----BEGIN CERTIFICATE-----
MIIE4DCCA8igAwIBAgIUYv7AUQmS7y48Tq+FbNI1vDOA+RswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjYwNTYxZGZmYmZkZTI1NWZlYzE0ZDRkOWYwZTEzZjQz
NzUzNTJlNDAeFw0yNDEyMjkwODMzMTBaFw0yNTEyMjgwODM4MTBaMDMxMTAvBgNV
BAMTKDYyREJCNzNCQjE1NkE3NUZCQTlCRjQ3MDg0QUUyQzUwRDgxMjJGRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR7MYsTmN77V1bPemNtyOnvAra
CbKfAmJ8tz5QkWtxkwU+2sbs5YJxLDwNuHehI+NghvcFsNmnresSVxGIdcCOf4zS
txbcc/vKdIXpST0Z2MSIl/pd0h+2h5SgFpDLo3nvNsOr+HQgFW0KXOqxcc5yvQFe
c/saqL7P+4dJ0mRYKe2hfuzSg9itrcTnhOUgiucQEcVnBVMef8KJd+FTKOWB+ZJl
38Y9Xx74ult8uNbr6ApQkGhrYGYBxCwrcoMRe6o0CeADuWvXuDBqnjEALsggcvbe
yTxBNCkyPC8wqVDTRc71ud2xOMAxPccKKW0OkaDXV4mdGxc39WQTnHGIrm+BAgMB
AAGjggHqMIIB5jAdBgNVHQ4EFgQUYtu3O7FWp1+6m/RwhK4sUNgSL/swHwYDVR0j
BBgwFoAUtgVh3/v94lX+wU1Nnw4T9DdTUuQwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8wL0I2MDU2MURGRkJGREUyNTVGRUMxNEQ0RDlGMEUxM0Y0Mzc1MzUyRTQu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90Z1ZoM192OTRsWC13VTFObnc0VDlE
ZFRVdVEuY2VyMIGGBggrBgEFBQcBCwR6MHgwdgYIKwYBBQUHMAuGanJzeW5jOi8v
cnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxsaWN1cy8wLzMyMzAzMDMxM2EzNjM3
NjMzYTY0MzgzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNDMwMzEzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACABBnwNgDANBgkqhkiG9w0BAQsFAAOCAQEAd6A3FhAJ0LbIK7B/
+ehJr/t/Q7h0ayuqCQRFRL5Lz9MlWRHjjz7MPREvtMBmreXrFZd73/tlOdnOUpyh
HnSUoCJCrgiJlxx6gKcGK1Ygz4zzT4r0LiR33j1//a/X+4oOiszG9F5+oEFvoNJs
ROEfe3/V+IqfaSUwAdXcBK7FyPoPOv2QsaEgXMNoqSF8dMLBxys+SgD/UoHEBS2J
DfaObTbPa+RTpqoDAkNMYSHbvrkmdpz99F8cMKVgH3fnAnYmdEJ5lC78S71GmiN3
djOMWBCsarP7Zu6+SvRuAB3U2QnQjimghAWYH/WoJ5rQjPY4CYVXrT3TmDoV+Goe
RJmuoQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:19:51 2025 by rpki-client