Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/874c85-9e7d-4ace-958f-dab7f0c8d240/1/nbXPqkT_1Ot7Jj78fpd93IkSucA.roa
File: nbXPqkT_1Ot7Jj78fpd93IkSucA.roa (raw, json)
Hash identifier: 8iiePzUj0S7fcxmc6qyv8WbWSVa4mPdrL2hD2b/8T+k=
Subject key identifier: 9D:B5:CF:AA:44:FF:D4:EB:7B:26:3E:FC:7E:97:7D:DC:89:12:B9:C0
Certificate issuer: /CN=4367547d851e3cd776cd33290b2454acc0e851bb
Certificate serial: 01936A1A11D2554DE379FF11E7E5AFFFC9C3
Authority key identifier: 43:67:54:7D:85:1E:3C:D7:76:CD:33:29:0B:24:54:AC:C0:E8:51:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2dUfYUePNd2zTMpCyRUrMDoUbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/874c85-9e7d-4ace-958f-dab7f0c8d240/1/nbXPqkT_1Ot7Jj78fpd93IkSucA.roa
Signing time: Tue 26 Nov 2024 20:11:53 +0000
ROA not before: Tue 26 Nov 2024 20:11:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214844
IP address blocks: 2a14:56c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6a:1a:11:d2:55:4d:e3:79:ff:11:e7:e5:af:ff:c9:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4367547d851e3cd776cd33290b2454acc0e851bb
Validity
Not Before: Nov 26 20:11:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9db5cfaa44ffd4eb7b263efc7e977ddc8912b9c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2c:6d:de:36:de:cc:ee:74:31:84:be:ac:ec:
02:56:92:18:53:c3:40:6c:a3:f8:f7:9d:0e:e2:6e:
28:a5:9f:74:fa:0e:3d:d3:6a:62:d5:b8:7f:83:c4:
38:cf:e9:8c:45:b2:e6:06:b8:29:b8:3d:99:c8:5c:
b3:dc:fb:ff:8d:99:da:5f:52:e1:e5:b7:39:04:70:
43:1d:ad:ba:fb:79:ae:5a:e1:38:96:25:c8:3b:2b:
a4:a6:ba:0a:df:53:e0:ac:34:5d:f0:7e:0b:b1:25:
9b:f0:e7:08:8d:21:f1:29:15:0c:b0:14:7d:d8:33:
81:59:ef:a5:3b:59:e1:00:4c:f7:22:db:fe:cc:d8:
16:72:5d:9a:0f:35:8b:30:f5:3b:e6:df:9d:6c:53:
e8:d5:7e:d4:74:c5:d3:de:71:0d:49:4c:90:e2:b0:
70:14:82:5c:e0:04:ce:48:f1:41:a8:e3:43:67:bc:
09:18:37:4e:4b:78:16:f8:20:c3:8d:a5:9a:8b:71:
07:1d:fa:24:c9:6d:68:75:ad:4c:dc:02:4d:c0:9e:
af:32:d9:01:97:e6:b0:73:33:8f:b1:e3:5b:67:10:
fa:1e:ba:67:c0:a7:80:4c:78:d4:3b:a1:d6:cd:04:
11:88:59:3c:10:a3:cd:49:54:0e:0c:73:ab:b3:a1:
f4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B5:CF:AA:44:FF:D4:EB:7B:26:3E:FC:7E:97:7D:DC:89:12:B9:C0
X509v3 Authority Key Identifier:
keyid:43:67:54:7D:85:1E:3C:D7:76:CD:33:29:0B:24:54:AC:C0:E8:51:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2dUfYUePNd2zTMpCyRUrMDoUbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/874c85-9e7d-4ace-958f-dab7f0c8d240/1/nbXPqkT_1Ot7Jj78fpd93IkSucA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/874c85-9e7d-4ace-958f-dab7f0c8d240/1/Q2dUfYUePNd2zTMpCyRUrMDoUbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:56c0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:f4:fa:d9:ef:e4:f2:47:6c:cf:cf:9c:f9:cf:24:47:0b:12:
a3:9e:18:b9:db:31:73:fd:e6:df:26:ac:3b:58:d8:ad:c4:a4:
9b:42:8c:0b:69:af:1b:18:d8:8e:28:73:eb:b3:b7:e2:07:25:
57:7b:37:9c:f1:9c:ae:b2:8e:8c:18:38:8d:94:c7:b0:14:58:
00:bc:ca:75:9c:46:37:32:19:ec:a3:92:82:e8:95:84:3e:60:
4d:c6:fb:6e:24:71:f9:cd:51:71:d6:2e:1d:87:ce:da:da:5f:
34:6b:b1:bb:80:c2:4e:5f:cd:36:00:d0:fd:81:eb:7d:13:0c:
0d:e7:d5:c2:2b:fb:cc:16:06:f0:5c:43:74:f7:9d:62:f2:6a:
82:4f:5f:1a:2b:dd:64:b7:16:d2:94:5c:4e:c5:80:60:40:d0:
9e:e0:ef:b3:fd:0a:e4:3a:d5:07:4f:04:3c:b3:c6:7d:ac:3c:
50:ee:44:55:f5:5a:60:d5:1d:d3:ae:17:50:dc:41:eb:cf:a0:
5e:f6:f6:37:fc:57:a3:f4:10:80:db:6f:94:26:ea:e2:a0:f2:
62:49:24:24:a7:cf:da:6b:a7:d6:91:40:bf:db:b1:79:ac:53:
6f:63:80:f4:57:a5:fa:4a:fe:b8:54:f2:3c:43:99:ca:71:22:
dd:68:cf:61
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNqGhHSVU3jef8R5+Wv/8nDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjc1NDdkODUxZTNjZDc3NmNkMzMyOTBiMjQ1NGFjYzBl
ODUxYmIwHhcNMjQxMTI2MjAxMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGI1Y2ZhYTQ0ZmZkNGViN2IyNjNlZmM3ZTk3N2RkYzg5MTJiOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yxt3jbezO50MYS+rOwCVpIYU8NA
bKP4950O4m4opZ90+g4902pi1bh/g8Q4z+mMRbLmBrgpuD2ZyFyz3Pv/jZnaX1Lh
5bc5BHBDHa26+3muWuE4liXIOyukproK31PgrDRd8H4LsSWb8OcIjSHxKRUMsBR9
2DOBWe+lO1nhAEz3Itv+zNgWcl2aDzWLMPU75t+dbFPo1X7UdMXT3nENSUyQ4rBw
FIJc4ATOSPFBqONDZ7wJGDdOS3gW+CDDjaWai3EHHfokyW1oda1M3AJNwJ6vMtkB
l+awczOPseNbZxD6HrpnwKeATHjUO6HWzQQRiFk8EKPNSVQODHOrs6H0MQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ21z6pE/9TreyY+/H6XfdyJErnAMB8GA1UdIwQY
MBaAFENnVH2FHjzXds0zKQskVKzA6FG7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJkVWZZVWVQTmQyelRNcEN5UlVyTURvVWJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84NzRjODUtOWU3ZC00YWNlLTk1OGYt
ZGFiN2YwYzhkMjQwLzEvbmJYUHFrVF8xT3Q3Smo3OGZwZDkzSWtTdWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi84NzRjODUtOWU3ZC00YWNlLTk1OGYtZGFiN2YwYzhkMjQw
LzEvUTJkVWZZVWVQTmQyelRNcEN5UlVyTURvVWJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhRWwDAN
BgkqhkiG9w0BAQsFAAOCAQEAjPT62e/k8kdsz8+c+c8kRwsSo54Yudsxc/3m3yas
O1jYrcSkm0KMC2mvGxjYjihz67O34gclV3s3nPGcrrKOjBg4jZTHsBRYALzKdZxG
NzIZ7KOSguiVhD5gTcb7biRx+c1RcdYuHYfO2tpfNGuxu4DCTl/NNgDQ/YHrfRMM
DefVwiv7zBYG8FxDdPedYvJqgk9fGivdZLcW0pRcTsWAYEDQnuDvs/0K5DrVB08E
PLPGfaw8UO5EVfVaYNUd064XUNxB68+gXvb2N/xXo/QQgNtvlCbq4qDyYkkkJKfP
2mun1pFAv9uxeaxTb2OA9Fel+kr+uFTyPEOZynEi3WjPYQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:23:26 2025 by rpki-client