Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/nhbcybNoUnQfknspgvknAWkJ-_w.roa
File: nhbcybNoUnQfknspgvknAWkJ-_w.roa (raw, json)
Hash identifier: Ol1nPApqY+o3pXlTfQNWrQpGa725c1ZmymYdxgyfAzs=
Subject key identifier: 9E:16:DC:C9:B3:68:52:74:1F:92:7B:29:82:F9:27:01:69:09:FB:FC
Certificate issuer: /CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Certificate serial: 01856F30114330C37E75EBEE5E68D14CA7F6
Authority key identifier: A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/nhbcybNoUnQfknspgvknAWkJ-_w.roa
Signing time: Sun 01 Jan 2023 21:14:59 +0000
ROA not before: Sun 01 Jan 2023 21:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8519
IP address blocks: 2001:638:30d::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:11:43:30:c3:7e:75:eb:ee:5e:68:d1:4c:a7:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Validity
Not Before: Jan 1 21:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e16dcc9b36852741f927b2982f927016909fbfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:86:df:61:6c:f2:5d:93:ef:12:89:c7:5c:a3:
5f:ad:d7:83:95:24:5d:16:cb:80:20:9a:a3:f3:3e:
02:14:f4:6e:2d:07:a6:9b:af:3e:e8:c0:2d:6e:6a:
63:11:49:86:62:ce:e7:13:d3:a6:4c:ac:2b:34:7e:
83:b6:7b:43:a5:24:d3:ad:b6:c9:28:7d:d6:e0:38:
47:8f:9b:4b:52:26:ea:28:a8:b8:3c:25:b1:94:22:
a8:52:15:65:01:54:11:1c:e3:5b:06:1d:29:b2:91:
23:33:cf:4e:74:bc:0a:4e:67:f3:09:0e:23:be:09:
f1:0d:e7:69:a3:d2:34:35:59:31:2a:88:eb:25:7c:
22:33:bb:06:8e:5c:b8:7b:0a:b7:dd:84:a2:06:7e:
8a:49:3e:73:32:9c:2d:0d:74:82:b6:23:cc:cd:1b:
8f:4c:9c:03:cf:4b:2d:0f:d8:82:11:42:f3:64:75:
00:2f:2f:06:f4:2e:b4:c4:74:d4:28:b2:46:eb:cb:
7f:2f:15:99:88:4b:89:90:98:7f:40:b6:fb:23:2a:
f1:dc:b9:45:a9:eb:4b:79:b6:c7:8f:50:c0:40:18:
6f:98:56:e0:1f:9f:07:51:3a:96:e4:f8:39:01:db:
50:42:01:a8:3a:ca:38:d2:3b:83:91:46:3c:43:30:
27:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:16:DC:C9:B3:68:52:74:1F:92:7B:29:82:F9:27:01:69:09:FB:FC
X509v3 Authority Key Identifier:
keyid:A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/nhbcybNoUnQfknspgvknAWkJ-_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:638:30d::/48
Signature Algorithm: sha256WithRSAEncryption
75:cc:d1:7c:ec:94:5e:ff:8f:26:7a:b1:02:4d:74:ed:e1:f3:
91:33:6e:97:e2:c6:7a:8a:67:61:fa:d1:27:a0:be:c0:dc:dd:
f5:dc:7e:47:57:ee:ce:b1:9d:04:a2:73:65:09:fd:63:6d:ff:
7e:6c:db:00:9d:77:29:d0:e1:f9:e5:91:3d:dc:df:db:7b:1d:
7a:5d:5d:28:ab:8f:94:e5:d5:25:07:39:9b:9c:d2:58:11:cd:
8c:2f:b1:e3:ab:43:e2:ea:86:f1:61:f3:10:e4:f6:cd:69:75:
7f:23:b2:47:fa:65:db:6f:36:ef:c4:3b:55:85:46:13:9e:9f:
60:3e:8f:08:d9:fe:7a:3e:8f:0a:43:a3:aa:6a:24:71:5a:15:
c4:f3:ac:b8:ef:82:05:85:5f:12:d2:de:6e:1e:84:26:c2:b7:
e2:67:9f:8a:01:d3:d3:bf:f2:e3:a9:36:c6:e8:84:3c:0e:d3:
55:c9:e8:1b:f3:66:63:1d:e0:29:90:b1:13:f0:c0:8f:c0:cc:
cb:60:85:f2:40:c6:e0:05:b9:e9:4f:b8:0e:e6:39:17:cb:a2:
21:d3:b8:95:b8:d3:f5:4f:cf:10:ee:99:c4:d9:19:c7:4d:b1:
1b:8b:5a:2f:16:e6:b9:8c:be:fd:05:df:5a:a0:84:56:24:85:
59:74:fe:9b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvMBFDMMN+devuXmjRTKf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OTk5MDNkYWI4NWY2YTU5NzcyYjNlZGZkNGJmMGU0OTFh
ZjU3YzQwHhcNMjMwMTAxMjExNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTE2ZGNjOWIzNjg1Mjc0MWY5MjdiMjk4MmY5MjcwMTY5MDlmYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYbfYWzyXZPvEonHXKNfrdeDlSRd
FsuAIJqj8z4CFPRuLQemm68+6MAtbmpjEUmGYs7nE9OmTKwrNH6DtntDpSTTrbbJ
KH3W4DhHj5tLUibqKKi4PCWxlCKoUhVlAVQRHONbBh0pspEjM89OdLwKTmfzCQ4j
vgnxDedpo9I0NVkxKojrJXwiM7sGjly4ewq33YSiBn6KST5zMpwtDXSCtiPMzRuP
TJwDz0stD9iCEULzZHUALy8G9C60xHTUKLJG68t/LxWZiEuJkJh/QLb7Iyrx3LlF
qetLebbHj1DAQBhvmFbgH58HUTqW5Pg5AdtQQgGoOso40juDkUY8QzAnHwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ4W3MmzaFJ0H5J7KYL5JwFpCfv8MB8GA1UdIwQY
MBaAFKSZkD2rhfall3Kz7f1L8OSRr1fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQt
NTdlYzEyZTg2NDFlLzEvbmhiY3liTm9VblFma25zcGd2a25BV2tKLV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQtNTdlYzEyZTg2NDFl
LzEvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGOAMN
MA0GCSqGSIb3DQEBCwUAA4IBAQB1zNF87JRe/48merECTXTt4fORM26X4sZ6imdh
+tEnoL7A3N313H5HV+7OsZ0EonNlCf1jbf9+bNsAnXcp0OH55ZE93N/bex16XV0o
q4+U5dUlBzmbnNJYEc2ML7Hjq0Pi6obxYfMQ5PbNaXV/I7JH+mXbbzbvxDtVhUYT
np9gPo8I2f56Po8KQ6OqaiRxWhXE86y474IFhV8S0t5uHoQmwrfiZ5+KAdPTv/Lj
qTbG6IQ8DtNVyegb82ZjHeApkLET8MCPwMzLYIXyQMbgBbnpT7gO5jkXy6Ih07iV
uNP1T88Q7pnE2RnHTbEbi1ovFua5jL79Bd9aoIRWJIVZdP6b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:55 2024 by rpki-client on console-fra.rpki-client.org