Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/na7YSIo9F-8mESL95KDuJg0opkQ.roa
File: na7YSIo9F-8mESL95KDuJg0opkQ.roa (raw, json)
Hash identifier: /w5puuaOg6TFh0cjkvA6LJxQcSFI99nzqbODw1UHG/Y=
Subject key identifier: 9D:AE:D8:48:8A:3D:17:EF:26:11:22:FD:E4:A0:EE:26:0D:28:A6:44
Certificate issuer: /CN=321ec4626ecde25335aff088b04c71395ae6bc24
Certificate serial: 018570DE70740E45930A1D241FFB963FB041
Authority key identifier: 32:1E:C4:62:6E:CD:E2:53:35:AF:F0:88:B0:4C:71:39:5A:E6:BC:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/na7YSIo9F-8mESL95KDuJg0opkQ.roa
Signing time: Mon 02 Jan 2023 05:05:04 +0000
ROA not before: Mon 02 Jan 2023 05:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39535
IP address blocks: 2a01:6c60:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:70:74:0e:45:93:0a:1d:24:1f:fb:96:3f:b0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=321ec4626ecde25335aff088b04c71395ae6bc24
Validity
Not Before: Jan 2 05:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9daed8488a3d17ef261122fde4a0ee260d28a644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ba:f2:80:a6:ad:c7:38:d2:15:6b:8b:d5:22:
6a:c1:ef:33:dd:2b:a8:97:84:b6:8a:57:bc:6b:f7:
25:f5:de:92:a8:97:42:d6:bd:1b:28:aa:93:23:36:
c4:5f:50:0c:cc:ec:32:4a:45:07:f0:07:39:b5:ed:
fe:28:1b:9f:3a:15:81:b0:30:d0:27:52:2d:f0:ac:
03:3e:7d:9a:e0:2d:f2:9d:a5:ef:bb:a3:74:b0:62:
9a:c3:33:f5:ff:9a:af:d7:0c:3f:66:68:63:50:9d:
75:bc:3a:4a:f5:fa:c0:43:fd:33:a2:90:f5:df:56:
94:7d:ef:bf:a3:b3:cc:99:15:0b:1c:fe:77:8a:dd:
bf:20:4b:f9:88:34:9f:d4:0a:01:03:99:be:9e:c9:
a2:8c:25:c5:42:02:cd:65:dd:9b:55:5a:01:ec:14:
70:e5:18:93:ee:09:ea:9d:e8:b0:00:da:a0:a3:49:
05:f4:54:17:2a:cd:42:2c:df:91:e2:5e:bc:1d:fb:
e2:3f:14:51:da:80:b9:64:d3:e2:93:5f:1f:2e:91:
10:2f:d4:8b:cc:be:7c:bd:23:7b:9b:73:08:c7:d6:
a2:d8:65:6c:3f:55:0f:2a:1e:f2:00:28:ba:81:72:
70:6f:27:44:f6:b7:91:a8:4c:20:c2:53:76:ab:b2:
e2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AE:D8:48:8A:3D:17:EF:26:11:22:FD:E4:A0:EE:26:0D:28:A6:44
X509v3 Authority Key Identifier:
keyid:32:1E:C4:62:6E:CD:E2:53:35:AF:F0:88:B0:4C:71:39:5A:E6:BC:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/na7YSIo9F-8mESL95KDuJg0opkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:6c60:3000::/36
Signature Algorithm: sha256WithRSAEncryption
16:3f:e0:37:87:cd:bd:df:2f:ec:98:27:62:04:8f:85:56:ac:
df:c1:ce:03:cf:04:92:f1:16:08:bb:11:20:e3:8e:1f:cd:de:
98:aa:e2:8c:a1:03:b5:58:2b:73:97:9d:a9:11:68:0d:ca:69:
c0:31:b2:14:b3:10:72:6a:d9:1b:88:fb:f2:35:f9:9a:e7:61:
39:d0:87:89:8f:39:cb:b4:7a:44:71:14:53:b2:37:20:fe:7e:
65:d3:5c:be:ea:8f:c5:2f:0a:2a:a4:a8:19:26:84:7d:8c:81:
89:ac:e2:14:66:33:6f:6f:1b:2a:b4:56:61:3e:cc:91:b7:f7:
a6:9a:c4:2f:19:e1:b4:b2:83:58:99:f7:04:bc:24:2c:3b:26:
4e:62:08:bd:a1:39:53:ab:6b:a8:84:e9:38:56:e3:c7:de:c5:
77:c3:23:d8:b4:96:aa:3a:ce:2b:4a:64:f2:f4:46:48:1f:55:
99:91:e4:d8:a2:e0:de:6d:77:40:63:89:cd:19:e8:87:63:95:
54:91:95:29:9d:32:db:0b:3e:76:79:cf:68:32:05:06:b4:b3:
2d:0c:11:6d:1e:7a:14:5c:68:74:de:43:14:ca:19:5a:26:44:
ba:23:4c:3f:fd:b7:7b:1b:73:ab:7a:5b:41:4e:f1:fb:9b:e1:
88:f0:7b:91
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVw3nB0DkWTCh0kH/uWP7BBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWVjNDYyNmVjZGUyNTMzNWFmZjA4OGIwNGM3MTM5NWFl
NmJjMjQwHhcNMjMwMTAyMDUwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGFlZDg0ODhhM2QxN2VmMjYxMTIyZmRlNGEwZWUyNjBkMjhhNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbrygKatxzjSFWuL1SJqwe8z3Suo
l4S2ile8a/cl9d6SqJdC1r0bKKqTIzbEX1AMzOwySkUH8Ac5te3+KBufOhWBsDDQ
J1It8KwDPn2a4C3ynaXvu6N0sGKawzP1/5qv1ww/ZmhjUJ11vDpK9frAQ/0zopD1
31aUfe+/o7PMmRULHP53it2/IEv5iDSf1AoBA5m+nsmijCXFQgLNZd2bVVoB7BRw
5RiT7gnqneiwANqgo0kF9FQXKs1CLN+R4l68HfviPxRR2oC5ZNPik18fLpEQL9SL
zL58vSN7m3MIx9ai2GVsP1UPKh7yACi6gXJwbydE9reRqEwgwlN2q7Li2QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJ2u2EiKPRfvJhEi/eSg7iYNKKZEMB8GA1UdIwQY
MBaAFDIexGJuzeJTNa/wiLBMcTla5rwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg3RVltN040bE0xcl9DSXNFeHhPVnJtdkNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84ZTA4YjMtNDg3Yy00ODVhLTk0Nzkt
YjA4NGM3Mzg2MWI4LzEvbmE3WVNJbzlGLThtRVNMOTVLRHVKZzBvcGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84ZTA4YjMtNDg3Yy00ODVhLTk0NzktYjA4NGM3Mzg2MWI4
LzEvTWg3RVltN040bE0xcl9DSXNFeHhPVnJtdkNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgFsYDAw
DQYJKoZIhvcNAQELBQADggEBABY/4DeHzb3fL+yYJ2IEj4VWrN/BzgPPBJLxFgi7
ESDjjh/N3piq4oyhA7VYK3OXnakRaA3KacAxshSzEHJq2RuI+/I1+ZrnYTnQh4mP
Ocu0ekRxFFOyNyD+fmXTXL7qj8UvCiqkqBkmhH2MgYms4hRmM29vGyq0VmE+zJG3
96aaxC8Z4bSyg1iZ9wS8JCw7Jk5iCL2hOVOra6iE6ThW48fexXfDI9i0lqo6zitK
ZPL0RkgfVZmR5Nii4N5td0Bjic0Z6IdjlVSRlSmdMtsLPnZ5z2gyBQa0sy0MEW0e
ehRcaHTeQxTKGVomRLojTD/9t3sbc6t6W0FO8fub4Yjwe5E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:23 2024 by rpki-client on console-ams.rpki-client.org