Route Origin Authorization
$ rpki-client -vvf rpki.netiface.net/repo/Apricot/1/326131333a646638373a623630303a3a2f34342d3438203d3e20323135393738.roa
File: 326131333a646638373a623630303a3a2f34342d3438203d3e20323135393738.roa (raw, json)
Hash identifier: 0/3SaqCMtGB5e/KlFMCBLnGmAPakKhR1Fe7iOOi8kUo=
Subject key identifier: 39:68:DB:C1:29:7D:26:1F:CB:2D:0C:EF:3F:24:DB:03:77:3B:8C:A9
Certificate issuer: /CN=2A1A6172DA4C339FD787467E26F92A11E75DBBB3
Certificate serial: 723DC4ABDA76330320DE32A347B26DEE0F314B3E
Authority key identifier: 2A:1A:61:72:DA:4C:33:9F:D7:87:46:7E:26:F9:2A:11:E7:5D:BB:B3
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.cer
Subject info access: rsync://rpki.netiface.net/repo/Apricot/1/326131333a646638373a623630303a3a2f34342d3438203d3e20323135393738.roa
Signing time: Sun 07 Jan 2024 17:47:11 +0000
ROA not before: Sun 07 Jan 2024 17:42:11 +0000
ROA not after: Sun 05 Jan 2025 17:47:11 +0000
asID: 215978
IP address blocks: 2a13:df87:b600::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Jan 2024 20:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:3d:c4:ab:da:76:33:03:20:de:32:a3:47:b2:6d:ee:0f:31:4b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A1A6172DA4C339FD787467E26F92A11E75DBBB3
Validity
Not Before: Jan 7 17:42:11 2024 GMT
Not After : Jan 5 17:47:11 2025 GMT
Subject: CN=3968DBC1297D261FCB2D0CEF3F24DB03773B8CA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ec:96:02:cf:50:be:dd:56:9b:6e:d0:b7:4e:
06:07:dd:91:6e:54:f7:dc:7a:d7:6e:36:43:0d:ae:
ee:65:ae:1c:88:e1:6e:aa:e9:91:26:fc:bb:33:95:
90:08:68:25:d8:5c:52:35:2b:f9:4f:84:39:46:ae:
5e:2b:c7:ba:c6:4d:25:31:7f:c3:a2:71:4b:3c:eb:
15:4c:35:24:36:31:94:e4:d8:83:4c:cb:bd:bb:73:
b0:78:4d:d8:21:9c:05:f9:cd:4a:3e:cd:0d:35:ff:
b9:43:dc:14:b6:91:d1:9b:cb:70:1e:76:85:b7:0c:
db:66:43:dd:d4:c5:39:ce:74:49:f8:c9:48:3e:98:
b3:78:8e:d6:7b:1a:79:b2:b3:30:d7:31:93:b5:d0:
6d:c4:70:1a:12:c9:f6:5f:98:68:68:ae:a6:77:37:
9c:9c:0b:80:fb:47:4a:86:3d:5d:7e:cf:ee:fb:26:
82:8f:f3:fa:03:5a:fe:0a:f7:2f:36:f7:7b:4f:bd:
3f:a5:58:54:e8:4d:c5:e9:3a:31:9c:9f:01:c0:af:
ea:e3:77:79:e4:a9:71:ee:0f:da:32:51:05:49:58:
9f:a9:c0:d8:9c:27:20:2d:dd:2d:98:a0:07:c5:fb:
2d:9f:53:4a:7c:7e:a3:f2:b1:ff:30:61:19:02:d3:
20:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:68:DB:C1:29:7D:26:1F:CB:2D:0C:EF:3F:24:DB:03:77:3B:8C:A9
X509v3 Authority Key Identifier:
keyid:2A:1A:61:72:DA:4C:33:9F:D7:87:46:7E:26:F9:2A:11:E7:5D:BB:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.netiface.net/repo/Apricot/1/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.netiface.net/repo/Apricot/1/326131333a646638373a623630303a3a2f34342d3438203d3e20323135393738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:b600::/44
Signature Algorithm: sha256WithRSAEncryption
8d:0d:28:00:ae:2f:f8:f2:6c:33:ca:5b:e1:d0:eb:24:74:8d:
7f:42:98:79:2a:f0:a4:94:9e:75:21:8f:ac:21:8d:17:8c:a2:
75:65:79:9a:c3:15:3e:84:75:8b:fe:69:b0:a0:d4:8d:c8:fb:
f0:44:d4:be:39:53:ee:cd:fa:c0:ac:07:17:04:e9:64:cc:59:
1c:a7:a6:91:e9:6f:06:77:9c:07:5e:1b:9c:21:fa:54:77:69:
37:73:f1:e8:e8:bc:93:85:e3:ab:d1:e7:9a:d1:d8:12:19:41:
71:72:0f:6c:1d:04:f2:72:4c:74:01:e1:46:64:29:5d:51:57:
b5:25:8c:0c:9b:75:2d:2d:41:3f:1a:38:8b:09:9f:51:3d:1d:
a1:fb:ca:dc:52:ca:c3:61:53:7c:7a:e1:39:17:7c:3d:3c:ac:
6d:19:f4:70:6e:5c:de:3c:ab:f8:eb:36:bf:bc:ad:66:c9:0a:
cf:a2:c2:11:89:f3:30:eb:22:81:bf:d1:fe:db:74:1c:f5:ee:
44:83:fd:76:6a:6e:be:4b:a1:80:b2:da:b3:90:1a:e6:95:c1:
43:a7:a2:47:6b:7b:15:91:f7:b7:b1:07:c1:b0:d7:b4:dc:60:
6c:30:a9:69:a5:29:f4:c8:cf:ae:b4:79:ae:85:25:93:d9:49:
bb:1a:a5:7c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUcj3Eq9p2MwMg3jKjR7Jt7g8xSz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkExQTYxNzJEQTRDMzM5RkQ3ODc0NjdFMjZGOTJBMTFF
NzVEQkJCMzAeFw0yNDAxMDcxNzQyMTFaFw0yNTAxMDUxNzQ3MTFaMDMxMTAvBgNV
BAMTKDM5NjhEQkMxMjk3RDI2MUZDQjJEMENFRjNGMjREQjAzNzczQjhDQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV7JYCz1C+3VabbtC3TgYH3ZFu
VPfcetduNkMNru5lrhyI4W6q6ZEm/LszlZAIaCXYXFI1K/lPhDlGrl4rx7rGTSUx
f8OicUs86xVMNSQ2MZTk2INMy727c7B4TdghnAX5zUo+zQ01/7lD3BS2kdGby3Ae
doW3DNtmQ93UxTnOdEn4yUg+mLN4jtZ7GnmyszDXMZO10G3EcBoSyfZfmGhorqZ3
N5ycC4D7R0qGPV1+z+77JoKP8/oDWv4K9y8293tPvT+lWFToTcXpOjGcnwHAr+rj
d3nkqXHuD9oyUQVJWJ+pwNicJyAt3S2YoAfF+y2fU0p8fqPysf8wYRkC0yBrAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUOWjbwSl9Jh/LLQzvPyTbA3c7jKkwHwYDVR0j
BBgwFoAUKhphctpMM5/Xh0Z+JvkqEeddu7MwDgYDVR0PAQH/BAQDAgeAMGYGA1Ud
HwRfMF0wW6BZoFeGVXJzeW5jOi8vcnBraS5uZXRpZmFjZS5uZXQvcmVwby9BcHJp
Y290LzEvMkExQTYxNzJEQTRDMzM5RkQ3ODc0NjdFMjZGOTJBMTFFNzVEQkJCMy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wNDAzMmM4Zi0xZDU3LTRj
M2ItOTA0My1hMGU3ZmViZjE2N2QvMC8yQTFBNjE3MkRBNEMzMzlGRDc4NzQ2N0Uy
NkY5MkExMUU3NURCQkIzLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzAL
hm1yc3luYzovL3Jwa2kubmV0aWZhY2UubmV0L3JlcG8vQXByaWNvdC8xLzMyNjEz
MTMzM2E2NDY2MzgzNzNhNjIzNjMwMzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAz
MjMxMzUzOTM3Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYB
BQUHAQcBAf8EEzARMA8EAgACMAkDBwQqE9+HtgAwDQYJKoZIhvcNAQELBQADggEB
AI0NKACuL/jybDPKW+HQ6yR0jX9CmHkq8KSUnnUhj6whjReMonVleZrDFT6EdYv+
abCg1I3I+/BE1L45U+7N+sCsBxcE6WTMWRynppHpbwZ3nAdeG5wh+lR3aTdz8ejo
vJOF46vR55rR2BIZQXFyD2wdBPJyTHQB4UZkKV1RV7UljAybdS0tQT8aOIsJn1E9
HaH7ytxSysNhU3x64TkXfD08rG0Z9HBuXN48q/jrNr+8rWbJCs+iwhGJ8zDrIoG/
0f7bdBz17kSD/XZqbr5LoYCy2rOQGuaVwUOnokdrexWR97exB8Gw17TcYGwwqWml
KfTIz660ea6FJZPZSbsapXw=
-----END CERTIFICATE-----
Generated at Sat Jan 13 23:33:12 2024 by rpki-client on console-ams.rpki-client.org