Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/NwfAOddIuAvQuzFUGzkd46yGNJA.roa
File: NwfAOddIuAvQuzFUGzkd46yGNJA.roa (raw, json)
Hash identifier: 93pcNMsG9/RJRKyDhwEtzj1fQw3wuQfFZlqKOywd3G0=
Subject key identifier: 37:07:C0:39:D7:48:B8:0B:D0:BB:31:54:1B:39:1D:E3:AC:86:34:90
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 01856F42A85E7DEF1611274F9064FBBA263B
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/NwfAOddIuAvQuzFUGzkd46yGNJA.roa
Signing time: Sun 01 Jan 2023 21:35:17 +0000
ROA not before: Sun 01 Jan 2023 21:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398103
IP address blocks: 2a01:488:bb11::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a8:5e:7d:ef:16:11:27:4f:90:64:fb:ba:26:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 21:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3707c039d748b80bd0bb31541b391de3ac863490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:2d:42:09:64:0a:38:9c:c7:b6:bd:53:c0:
a9:fd:3d:ea:0a:80:26:5e:fe:80:46:cc:54:5e:f8:
06:e1:40:f8:7e:44:c2:a8:a2:ec:34:98:17:d5:dd:
76:62:40:bf:16:a3:f6:48:2d:4b:58:d0:39:b3:a7:
70:d3:e4:33:f4:bb:17:7e:17:0f:ef:82:9c:66:c6:
2b:f2:37:2e:0b:eb:1b:13:88:d4:36:a7:55:01:80:
dc:95:21:2e:36:28:43:03:69:58:a8:f8:1c:24:67:
ee:8e:b3:6e:98:ec:f8:12:e5:15:31:39:02:17:15:
26:bb:84:d4:29:89:a0:2f:cd:6d:d4:bc:d9:20:5d:
56:06:f0:75:e7:d7:f5:fc:f8:58:50:50:8e:b2:9b:
35:b2:a0:02:5d:c1:5c:5c:a2:3c:f0:d4:b3:e7:c5:
bc:5c:f8:88:28:93:87:7b:2b:4c:24:57:3e:2e:78:
3b:70:05:a7:1d:40:c5:ae:79:0b:ea:32:05:01:e3:
e4:84:13:fa:d8:e9:36:0c:07:d2:ea:45:8e:28:be:
27:29:8d:a7:9e:d8:09:b3:34:6c:88:c7:a6:55:5d:
a5:dd:5d:de:1b:4e:d9:63:bf:ef:7e:75:60:1b:64:
c8:ee:22:bc:18:b3:8a:0a:ca:d6:01:a3:0f:93:a5:
7b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:07:C0:39:D7:48:B8:0B:D0:BB:31:54:1B:39:1D:E3:AC:86:34:90
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/NwfAOddIuAvQuzFUGzkd46yGNJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb11::/48
Signature Algorithm: sha256WithRSAEncryption
a7:57:c0:48:38:4b:4b:42:77:47:2a:27:87:5d:2e:0c:04:1c:
37:08:5d:c7:92:94:0f:6a:ee:a3:d3:27:89:89:47:00:3b:a2:
f7:5e:4f:2a:b2:1d:84:9e:a7:c2:d9:5d:20:19:e9:6b:79:6f:
8f:6e:22:4a:45:7f:b0:d9:8c:f4:d8:de:eb:e6:a4:c1:62:5c:
69:f7:0a:52:8f:17:21:38:0a:bb:d1:ab:8b:9f:11:cf:b2:52:
ed:f6:88:e2:a6:9f:a7:47:c5:3c:ff:c5:eb:28:ad:5a:eb:2a:
22:2b:b2:1e:a6:f5:0f:d0:76:4e:13:b1:ba:14:22:ae:7b:e9:
e5:4e:14:4e:b8:07:b2:55:5e:79:9a:d0:c9:61:e6:d9:9b:05:
db:27:d8:a2:9c:7d:f9:28:f4:22:0c:42:d6:7b:bc:dc:72:75:
5f:90:43:5d:ef:0a:e2:48:fb:e9:b2:49:7c:6f:71:6e:d2:51:
0c:29:8b:c1:75:3d:4b:42:a5:b5:f9:89:8c:e9:af:33:79:a7:
53:c6:43:3c:16:6a:25:71:58:6a:1c:a3:d8:21:d4:ba:42:81:
76:e4:15:9a:a0:5b:59:84:40:ff:cd:96:15:ed:11:8c:57:9e:
0a:47:a4:05:93:7b:f9:a6:af:1c:25:cc:fd:57:78:05:f0:cc:
e8:47:23:de
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQqhefe8WESdPkGT7uiY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjMwMTAxMjEzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzA3YzAzOWQ3NDhiODBiZDBiYjMxNTQxYjM5MWRlM2FjODYzNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2UtQglkCjicx7a9U8Cp/T3qCoAm
Xv6ARsxUXvgG4UD4fkTCqKLsNJgX1d12YkC/FqP2SC1LWNA5s6dw0+Qz9LsXfhcP
74KcZsYr8jcuC+sbE4jUNqdVAYDclSEuNihDA2lYqPgcJGfujrNumOz4EuUVMTkC
FxUmu4TUKYmgL81t1LzZIF1WBvB159f1/PhYUFCOsps1sqACXcFcXKI88NSz58W8
XPiIKJOHeytMJFc+Lng7cAWnHUDFrnkL6jIFAePkhBP62Ok2DAfS6kWOKL4nKY2n
ntgJszRsiMemVV2l3V3eG07ZY7/vfnVgG2TI7iK8GLOKCsrWAaMPk6V7CQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDcHwDnXSLgL0LsxVBs5HeOshjSQMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvTndmQU9kZEl1QXZRdXpGVUd6a2Q0NnlHTkpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsR
MA0GCSqGSIb3DQEBCwUAA4IBAQCnV8BIOEtLQndHKieHXS4MBBw3CF3HkpQPau6j
0yeJiUcAO6L3Xk8qsh2EnqfC2V0gGelreW+PbiJKRX+w2Yz02N7r5qTBYlxp9wpS
jxchOAq70auLnxHPslLt9ojipp+nR8U8/8XrKK1a6yoiK7IepvUP0HZOE7G6FCKu
e+nlThROuAeyVV55mtDJYebZmwXbJ9iinH35KPQiDELWe7zccnVfkENd7wriSPvp
skl8b3Fu0lEMKYvBdT1LQqW1+YmM6a8zeadTxkM8FmolcVhqHKPYIdS6QoF25BWa
oFtZhED/zZYV7RGMV54KR6QFk3v5pq8cJcz9V3gF8MzoRyPe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:03 2024 by rpki-client on console-fra.rpki-client.org