Route Origin Authorization
$ rpki-client -vvf rpki.netiface.net/repo/Apricot/1/326131333a646638373a323030303a3a2f33362d3336203d3e20323135393738.roa
File: 326131333a646638373a323030303a3a2f33362d3336203d3e20323135393738.roa (raw, json)
Hash identifier: a6Lp1G3yib4VEVBUhfWGiykEK+SsTMELHcfK0vxPvzU=
Subject key identifier: 29:64:92:B8:4D:9B:A7:AC:7E:B9:66:A3:33:56:15:A5:DA:99:1B:31
Certificate issuer: /CN=2A1A6172DA4C339FD787467E26F92A11E75DBBB3
Certificate serial: 043C29B0EEF9D6F796D0A8A1F13125EFFF1C5D2B
Authority key identifier: 2A:1A:61:72:DA:4C:33:9F:D7:87:46:7E:26:F9:2A:11:E7:5D:BB:B3
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.cer
Subject info access: rsync://rpki.netiface.net/repo/Apricot/1/326131333a646638373a323030303a3a2f33362d3336203d3e20323135393738.roa
Signing time: Sun 14 Jan 2024 09:05:03 +0000
ROA not before: Sun 14 Jan 2024 09:00:03 +0000
ROA not after: Sun 12 Jan 2025 09:05:03 +0000
asID: 215978
IP address blocks: 2a13:df87:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Sun 17 Mar 2024 21:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:3c:29:b0:ee:f9:d6:f7:96:d0:a8:a1:f1:31:25:ef:ff:1c:5d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A1A6172DA4C339FD787467E26F92A11E75DBBB3
Validity
Not Before: Jan 14 09:00:03 2024 GMT
Not After : Jan 12 09:05:03 2025 GMT
Subject: CN=296492B84D9BA7AC7EB966A3335615A5DA991B31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0a:ad:17:58:39:3d:f5:3b:44:92:91:27:a6:
2a:cb:31:68:af:85:e8:60:8c:d9:ca:b0:1a:14:36:
cf:6d:c7:11:29:18:d3:a6:7e:72:0b:d6:aa:2d:ae:
61:f7:34:a8:e3:c9:79:fb:f2:18:e9:28:72:2e:17:
a3:cd:74:09:a5:96:48:18:14:02:fd:72:64:48:d8:
68:d1:36:09:16:18:97:07:18:fd:c9:c8:a8:f8:ae:
df:b7:c6:c8:ee:81:aa:cc:6b:99:ce:cb:9a:02:57:
11:cb:c9:b0:6f:2c:b5:14:24:2b:23:fc:e9:1e:9f:
7a:dd:b5:c6:68:d6:08:e7:af:07:e7:52:aa:28:4b:
ff:e8:df:6f:71:44:e6:bd:18:68:25:c5:4f:f1:a2:
a8:6e:5b:83:27:7b:dd:6b:99:4f:43:8e:36:95:b7:
4d:60:22:e1:6b:18:4c:35:31:3a:f3:20:19:e5:6b:
9a:9f:28:00:7c:67:e1:d8:79:0a:13:fe:3d:3f:f8:
05:3c:3f:13:dd:d2:7c:04:7a:d3:3d:f0:b8:a8:ae:
50:17:64:be:34:53:41:47:3e:1d:d7:16:26:cc:b4:
cf:65:a2:c9:58:31:ff:72:10:c7:0b:9d:28:02:7d:
eb:2c:2f:bd:57:d7:8d:8a:87:4b:c4:fa:64:fc:e5:
23:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:64:92:B8:4D:9B:A7:AC:7E:B9:66:A3:33:56:15:A5:DA:99:1B:31
X509v3 Authority Key Identifier:
keyid:2A:1A:61:72:DA:4C:33:9F:D7:87:46:7E:26:F9:2A:11:E7:5D:BB:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.netiface.net/repo/Apricot/1/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.netiface.net/repo/Apricot/1/326131333a646638373a323030303a3a2f33362d3336203d3e20323135393738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:2000::/36
Signature Algorithm: sha256WithRSAEncryption
58:61:4c:fb:6c:ff:1d:61:9b:21:f7:93:28:62:73:c2:2c:f9:
97:df:d7:56:ad:12:21:5f:bf:3c:26:c6:69:fb:dc:40:a6:d1:
b2:17:6e:aa:ef:43:81:4d:3b:6f:2a:0b:b7:94:29:cf:f1:a5:
a6:02:74:04:b4:cd:ef:50:2f:1c:30:1d:e3:b3:c5:ff:5d:1f:
48:2c:02:fb:cb:fb:17:a4:40:f2:86:98:b0:0f:62:5e:3f:90:
06:69:00:2d:ce:a1:07:4c:3e:15:83:bd:b2:bb:89:41:cf:7d:
62:fc:3c:7a:78:0c:14:98:02:c6:a1:7c:5c:36:c2:a2:6e:a6:
b6:34:16:47:c5:5b:16:73:d1:ad:10:b1:23:58:2a:03:f8:d8:
4b:ea:55:dd:d7:3a:05:fb:33:f6:1b:38:fe:37:21:44:13:bb:
91:4b:2e:9c:4e:1f:d1:01:4c:00:db:0f:e1:54:74:1a:f3:51:
d5:83:90:a3:f5:c1:22:47:bc:54:db:8c:f3:44:94:f4:65:07:
36:3a:ba:1d:b1:b8:fd:aa:90:a4:67:b2:eb:a9:38:a6:cf:cf:
5a:a7:86:e9:ad:aa:bd:b8:04:f5:d9:cc:7b:20:70:4d:78:b7:
64:0e:8e:9f:68:e6:37:73:21:c9:3d:47:f9:d5:a0:fe:ae:90:
b6:eb:b4:64
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUBDwpsO751veW0Kih8TEl7/8cXSswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkExQTYxNzJEQTRDMzM5RkQ3ODc0NjdFMjZGOTJBMTFF
NzVEQkJCMzAeFw0yNDAxMTQwOTAwMDNaFw0yNTAxMTIwOTA1MDNaMDMxMTAvBgNV
BAMTKDI5NjQ5MkI4NEQ5QkE3QUM3RUI5NjZBMzMzNTYxNUE1REE5OTFCMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDACq0XWDk99TtEkpEnpirLMWiv
hehgjNnKsBoUNs9txxEpGNOmfnIL1qotrmH3NKjjyXn78hjpKHIuF6PNdAmllkgY
FAL9cmRI2GjRNgkWGJcHGP3JyKj4rt+3xsjugarMa5nOy5oCVxHLybBvLLUUJCsj
/Oken3rdtcZo1gjnrwfnUqooS//o329xROa9GGglxU/xoqhuW4Mne91rmU9DjjaV
t01gIuFrGEw1MTrzIBnla5qfKAB8Z+HYeQoT/j0/+AU8PxPd0nwEetM98LiorlAX
ZL40U0FHPh3XFibMtM9loslYMf9yEMcLnSgCfessL71X142Kh0vE+mT85SM1AgMB
AAGjggImMIICIjAdBgNVHQ4EFgQUKWSSuE2bp6x+uWajM1YVpdqZGzEwHwYDVR0j
BBgwFoAUKhphctpMM5/Xh0Z+JvkqEeddu7MwDgYDVR0PAQH/BAQDAgeAMGYGA1Ud
HwRfMF0wW6BZoFeGVXJzeW5jOi8vcnBraS5uZXRpZmFjZS5uZXQvcmVwby9BcHJp
Y290LzEvMkExQTYxNzJEQTRDMzM5RkQ3ODc0NjdFMjZGOTJBMTFFNzVEQkJCMy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wNDAzMmM4Zi0xZDU3LTRj
M2ItOTA0My1hMGU3ZmViZjE2N2QvMC8yQTFBNjE3MkRBNEMzMzlGRDc4NzQ2N0Uy
NkY5MkExMUU3NURCQkIzLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzAL
hm1yc3luYzovL3Jwa2kubmV0aWZhY2UubmV0L3JlcG8vQXByaWNvdC8xLzMyNjEz
MTMzM2E2NDY2MzgzNzNhMzIzMDMwMzAzYTNhMmYzMzM2MmQzMzM2MjAzZDNlMjAz
MjMxMzUzOTM3Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYB
BQUHAQcBAf8EEjAQMA4EAgACMAgDBgQqE9+HIDANBgkqhkiG9w0BAQsFAAOCAQEA
WGFM+2z/HWGbIfeTKGJzwiz5l9/XVq0SIV+/PCbGafvcQKbRshduqu9DgU07byoL
t5Qpz/GlpgJ0BLTN71AvHDAd47PF/10fSCwC+8v7F6RA8oaYsA9iXj+QBmkALc6h
B0w+FYO9sruJQc99Yvw8engMFJgCxqF8XDbCom6mtjQWR8VbFnPRrRCxI1gqA/jY
S+pV3dc6Bfsz9hs4/jchRBO7kUsunE4f0QFMANsP4VR0GvNR1YOQo/XBIke8VNuM
80SU9GUHNjq6HbG4/aqQpGey66k4ps/PWqeG6a2qvbgE9dnMeyBwTXi3ZA6On2jm
N3MhyT1H+dWg/q6Qtuu0ZA==
-----END CERTIFICATE-----
Generated at Mon Mar 18 05:38:34 2024 by rpki-client on console-ams.rpki-client.org