Route Origin Authorization
$ rpki-client -vvf rpki.netiface.net/repo/Apricot/1/326131333a646638373a623630303a3a2f33392d3339203d3e20323135393738.roa
File: 326131333a646638373a623630303a3a2f33392d3339203d3e20323135393738.roa (raw, json)
Hash identifier: 1hahTvHHVe+m9AvVcrpA+vVHG+42b6T9L6igDdeS1A0=
Subject key identifier: 3E:10:C7:8A:E2:10:59:88:10:0A:77:E7:C5:77:55:E0:0B:64:75:C9
Certificate issuer: /CN=2A1A6172DA4C339FD787467E26F92A11E75DBBB3
Certificate serial: 04C62D39B3086CA2224849E07CE7EA9EAB2FCB67
Authority key identifier: 2A:1A:61:72:DA:4C:33:9F:D7:87:46:7E:26:F9:2A:11:E7:5D:BB:B3
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.cer
Subject info access: rsync://rpki.netiface.net/repo/Apricot/1/326131333a646638373a623630303a3a2f33392d3339203d3e20323135393738.roa
Signing time: Sun 07 Jan 2024 17:36:33 +0000
ROA not before: Sun 07 Jan 2024 17:31:33 +0000
ROA not after: Sun 05 Jan 2025 17:36:33 +0000
asID: 215978
IP address blocks: 2a13:df87:b600::/39 maxlen: 39
Validation: Failed, certificate revoked on Sat 13 Jan 2024 20:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:c6:2d:39:b3:08:6c:a2:22:48:49:e0:7c:e7:ea:9e:ab:2f:cb:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A1A6172DA4C339FD787467E26F92A11E75DBBB3
Validity
Not Before: Jan 7 17:31:33 2024 GMT
Not After : Jan 5 17:36:33 2025 GMT
Subject: CN=3E10C78AE2105988100A77E7C57755E00B6475C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6a:a1:89:9f:1f:d3:db:45:d2:e5:d0:6b:9d:
c2:c9:7a:3d:2a:93:66:be:a4:95:b4:4a:48:30:d9:
f1:5c:55:d0:f2:7e:eb:d3:31:85:18:44:a3:9a:d1:
b6:7a:b3:7f:5a:30:31:3d:12:92:de:54:77:15:9b:
56:58:14:36:45:50:b0:60:c4:a2:88:59:66:73:53:
09:22:cb:ff:de:9b:e2:7c:d3:5f:d1:ad:be:5e:b6:
bf:8f:bf:12:71:5e:94:35:b8:a5:62:ce:06:90:24:
23:15:f4:1c:33:8a:19:df:bc:31:60:44:3d:8b:cf:
b6:4c:96:7c:5b:6b:0d:be:c5:21:53:e7:55:e3:d7:
e8:af:6c:2d:db:d6:2c:93:86:ae:76:e4:6c:8a:ba:
b0:95:5f:19:77:1d:1e:ce:38:16:20:a5:01:ad:7f:
0f:ad:8c:99:3a:97:3c:18:97:e5:f5:36:81:74:64:
eb:bc:e6:63:5c:ea:2a:2f:45:6e:87:5e:6b:74:9f:
bc:6f:8e:c8:c5:b9:cc:21:e7:38:01:bb:03:44:11:
82:29:e0:75:d5:81:43:48:5e:47:ab:d9:3c:50:0e:
2c:4a:9e:31:2a:02:39:16:df:28:f3:02:39:33:95:
70:97:03:0a:1e:d8:ef:ec:5a:5f:9c:f0:82:48:94:
20:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:10:C7:8A:E2:10:59:88:10:0A:77:E7:C5:77:55:E0:0B:64:75:C9
X509v3 Authority Key Identifier:
keyid:2A:1A:61:72:DA:4C:33:9F:D7:87:46:7E:26:F9:2A:11:E7:5D:BB:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.netiface.net/repo/Apricot/1/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.netiface.net/repo/Apricot/1/326131333a646638373a623630303a3a2f33392d3339203d3e20323135393738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:b600::/39
Signature Algorithm: sha256WithRSAEncryption
17:ff:89:32:05:c7:5a:4c:ce:96:ae:b0:43:fa:e5:b2:e2:38:
46:cd:68:69:e3:7f:68:58:c7:1d:46:c1:b6:bf:d0:05:10:79:
43:94:7b:8b:d9:dc:72:4a:db:b2:77:8c:06:ce:ec:94:bd:3d:
98:77:e5:cd:df:5b:55:3b:07:94:1b:b1:95:bd:b3:49:d8:50:
ab:b0:92:b5:4f:a6:d0:10:ed:b5:d4:49:57:d5:49:24:3a:aa:
91:7f:40:96:17:6b:0a:7a:f3:4b:74:86:90:66:e0:49:7c:e7:
8a:a5:ef:27:43:2d:9a:5d:72:ff:46:a1:6e:f1:21:a0:9d:12:
a4:d2:37:1b:5d:23:a3:b0:8c:5e:e7:b3:4e:ce:90:b3:3d:90:
eb:4a:30:f2:e0:db:4a:a2:be:53:d7:b5:69:e2:d3:cf:81:97:
c6:eb:fd:d1:e2:12:9f:bb:4a:3b:c6:01:56:a9:16:7d:ff:61:
4e:0c:70:f0:86:ef:e8:55:0f:8e:54:7a:d0:d6:e9:a5:c8:87:
87:c9:e3:c5:2c:70:6f:81:67:58:64:1a:e2:66:38:05:66:10:
df:f3:2d:f7:8d:f9:3d:79:3d:60:47:df:ee:9c:14:87:4e:20:
4d:e0:10:54:8a:ed:94:03:41:20:b6:5b:7c:60:bd:fc:1e:5d:
3c:17:00:86
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUBMYtObMIbKIiSEngfOfqnqsvy2cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkExQTYxNzJEQTRDMzM5RkQ3ODc0NjdFMjZGOTJBMTFF
NzVEQkJCMzAeFw0yNDAxMDcxNzMxMzNaFw0yNTAxMDUxNzM2MzNaMDMxMTAvBgNV
BAMTKDNFMTBDNzhBRTIxMDU5ODgxMDBBNzdFN0M1Nzc1NUUwMEI2NDc1QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdaqGJnx/T20XS5dBrncLJej0q
k2a+pJW0Skgw2fFcVdDyfuvTMYUYRKOa0bZ6s39aMDE9EpLeVHcVm1ZYFDZFULBg
xKKIWWZzUwkiy//em+J801/Rrb5etr+PvxJxXpQ1uKVizgaQJCMV9BwzihnfvDFg
RD2Lz7ZMlnxbaw2+xSFT51Xj1+ivbC3b1iyThq525GyKurCVXxl3HR7OOBYgpQGt
fw+tjJk6lzwYl+X1NoF0ZOu85mNc6iovRW6HXmt0n7xvjsjFucwh5zgBuwNEEYIp
4HXVgUNIXker2TxQDixKnjEqAjkW3yjzAjkzlXCXAwoe2O/sWl+c8IJIlCDXAgMB
AAGjggImMIICIjAdBgNVHQ4EFgQUPhDHiuIQWYgQCnfnxXdV4AtkdckwHwYDVR0j
BBgwFoAUKhphctpMM5/Xh0Z+JvkqEeddu7MwDgYDVR0PAQH/BAQDAgeAMGYGA1Ud
HwRfMF0wW6BZoFeGVXJzeW5jOi8vcnBraS5uZXRpZmFjZS5uZXQvcmVwby9BcHJp
Y290LzEvMkExQTYxNzJEQTRDMzM5RkQ3ODc0NjdFMjZGOTJBMTFFNzVEQkJCMy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wNDAzMmM4Zi0xZDU3LTRj
M2ItOTA0My1hMGU3ZmViZjE2N2QvMC8yQTFBNjE3MkRBNEMzMzlGRDc4NzQ2N0Uy
NkY5MkExMUU3NURCQkIzLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzAL
hm1yc3luYzovL3Jwa2kubmV0aWZhY2UubmV0L3JlcG8vQXByaWNvdC8xLzMyNjEz
MTMzM2E2NDY2MzgzNzNhNjIzNjMwMzAzYTNhMmYzMzM5MmQzMzM5MjAzZDNlMjAz
MjMxMzUzOTM3Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYB
BQUHAQcBAf8EEjAQMA4EAgACMAgDBgEqE9+HtjANBgkqhkiG9w0BAQsFAAOCAQEA
F/+JMgXHWkzOlq6wQ/rlsuI4Rs1oaeN/aFjHHUbBtr/QBRB5Q5R7i9ncckrbsneM
Bs7slL09mHflzd9bVTsHlBuxlb2zSdhQq7CStU+m0BDttdRJV9VJJDqqkX9Alhdr
CnrzS3SGkGbgSXzniqXvJ0Mtml1y/0ahbvEhoJ0SpNI3G10jo7CMXuezTs6Qsz2Q
60ow8uDbSqK+U9e1aeLTz4GXxuv90eISn7tKO8YBVqkWff9hTgxw8Ibv6FUPjlR6
0NbppciHh8njxSxwb4FnWGQa4mY4BWYQ3/Mt9435PXk9YEff7pwUh04gTeAQVIrt
lANBILZbfGC9/B5dPBcAhg==
-----END CERTIFICATE-----
Generated at Sat Jan 13 23:33:12 2024 by rpki-client on console-ams.rpki-client.org