Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/nsdYLqC36gLvF3J5vQBDw5x4JVQ.roa
File: nsdYLqC36gLvF3J5vQBDw5x4JVQ.roa (raw, json)
Hash identifier: 4y2ic5JHg7ln/2GnHRe9GHaSCuFHNjg9h4DsDkXcTjs=
Subject key identifier: 9E:C7:58:2E:A0:B7:EA:02:EF:17:72:79:BD:00:43:C3:9C:78:25:54
Certificate issuer: /CN=acf7ab3f1a93e714f3074a05d86fcce2206305a8
Certificate serial: 018CC5DC4D7C3FBA9DA3467DACED9476758D
Authority key identifier: AC:F7:AB:3F:1A:93:E7:14:F3:07:4A:05:D8:6F:CC:E2:20:63:05:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPerPxqT5xTzB0oF2G_M4iBjBag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/nsdYLqC36gLvF3J5vQBDw5x4JVQ.roa
Signing time: Mon 01 Jan 2024 16:29:58 +0000
ROA not before: Mon 01 Jan 2024 16:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199471
IP address blocks: 2a13:fc80::/32 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jan 2024 18:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4d:7c:3f:ba:9d:a3:46:7d:ac:ed:94:76:75:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf7ab3f1a93e714f3074a05d86fcce2206305a8
Validity
Not Before: Jan 1 16:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ec7582ea0b7ea02ef177279bd0043c39c782554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e9:d5:68:fa:ef:cf:db:24:63:1e:a8:7d:a4:
39:4e:ee:6e:0b:1d:e1:78:fc:af:99:41:d2:40:32:
8e:a8:52:7d:23:17:ba:82:d5:df:d0:09:22:fa:9c:
2c:a0:18:42:44:1e:6c:ab:53:d9:a0:a6:5e:be:4b:
5f:ad:3e:e9:ef:1b:85:dd:04:be:2f:53:da:ae:88:
39:b4:06:61:67:89:81:b7:73:e1:4e:30:c5:42:8b:
43:59:50:16:a5:e4:79:42:b6:c6:3c:99:ae:79:c1:
11:bb:d5:e9:72:13:87:33:32:fe:11:67:60:c7:21:
59:41:60:34:f3:b7:4f:4a:67:cc:e2:bf:50:38:1e:
cb:af:9c:17:81:91:a3:54:82:10:8c:c0:41:9b:57:
bd:3b:a1:17:c1:f2:66:0b:63:8c:20:37:22:72:25:
43:b6:ec:df:ac:bd:cd:bd:0a:5e:66:62:17:fc:50:
25:07:77:34:b2:e0:43:93:cf:40:ea:ee:7e:51:5d:
30:8f:56:77:86:db:bb:18:fb:da:ca:b9:4b:02:f0:
09:85:46:36:f3:3d:9f:41:cf:99:18:a0:1d:e9:65:
d4:71:63:45:be:7f:98:f1:37:60:ae:f8:e9:e5:0e:
78:2a:df:7a:c8:06:d1:c9:cb:a6:28:4c:51:22:92:
3a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C7:58:2E:A0:B7:EA:02:EF:17:72:79:BD:00:43:C3:9C:78:25:54
X509v3 Authority Key Identifier:
keyid:AC:F7:AB:3F:1A:93:E7:14:F3:07:4A:05:D8:6F:CC:E2:20:63:05:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPerPxqT5xTzB0oF2G_M4iBjBag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/nsdYLqC36gLvF3J5vQBDw5x4JVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/rPerPxqT5xTzB0oF2G_M4iBjBag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:fc80::/32
Signature Algorithm: sha256WithRSAEncryption
26:d2:ac:2f:43:24:ad:a5:d3:fd:1b:d8:cd:f8:7f:e7:69:67:
11:3a:ac:e6:13:e5:61:25:8d:01:d2:d3:1b:0a:19:f1:44:47:
48:53:29:be:a7:b6:30:e0:ee:45:9d:af:d5:b7:ca:3f:7e:81:
fb:8f:78:34:25:16:e5:89:28:38:8b:4a:71:01:32:07:21:45:
91:c5:8b:f7:be:a9:61:d2:9f:98:ca:33:9f:bd:ab:7d:b4:a9:
f1:cd:a7:42:18:02:33:cd:11:77:cf:78:8b:33:4f:06:0a:02:
96:ee:0f:2b:e9:3c:c2:3a:ca:e2:1a:97:cb:3f:26:fe:d8:fc:
ba:47:f8:29:5c:ac:b9:8f:a0:71:14:a1:12:00:41:ee:71:ff:
7d:ca:aa:3f:16:58:f6:ea:de:4a:03:bc:8a:81:d8:f4:d4:6b:
b8:d4:c3:09:95:f6:b3:ee:96:11:5c:48:9d:6e:7b:a5:6e:3f:
56:19:a5:fd:cc:33:a7:f5:d3:6c:8a:5c:5a:92:94:17:a9:51:
a6:4b:32:1d:7c:b3:96:2d:00:cb:4f:23:cb:c9:c6:99:45:91:
91:fc:32:c4:3c:60:4d:17:2b:a6:61:85:7d:cf:1d:56:1f:0d:
ad:d2:01:66:e1:7e:f7:e2:95:75:fc:81:ac:c4:69:eb:d0:de:
09:c5:04:f0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzF3E18P7qdo0Z9rO2UdnWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjdhYjNmMWE5M2U3MTRmMzA3NGEwNWQ4NmZjY2UyMjA2
MzA1YTgwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWM3NTgyZWEwYjdlYTAyZWYxNzcyNzliZDAwNDNjMzljNzgyNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnenVaPrvz9skYx6ofaQ5Tu5uCx3h
ePyvmUHSQDKOqFJ9Ixe6gtXf0Aki+pwsoBhCRB5sq1PZoKZevktfrT7p7xuF3QS+
L1Parog5tAZhZ4mBt3PhTjDFQotDWVAWpeR5QrbGPJmuecERu9XpchOHMzL+EWdg
xyFZQWA087dPSmfM4r9QOB7Lr5wXgZGjVIIQjMBBm1e9O6EXwfJmC2OMIDciciVD
tuzfrL3NvQpeZmIX/FAlB3c0suBDk89A6u5+UV0wj1Z3htu7GPvayrlLAvAJhUY2
8z2fQc+ZGKAd6WXUcWNFvn+Y8Tdgrvjp5Q54Kt96yAbRycumKExRIpI6yQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ7HWC6gt+oC7xdyeb0AQ8OceCVUMB8GA1UdIwQY
MBaAFKz3qz8ak+cU8wdKBdhvzOIgYwWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBlclB4cVQ1eFR6QjBvRjJHX000aUJqQmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMjFmMzQtODJmMi00MWM5LWI2MGMt
YWQ0M2NjZDdhYWU4LzEvbnNkWUxxQzM2Z0x2RjNKNXZRQkR3NXg0SlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMjFmMzQtODJmMi00MWM5LWI2MGMtYWQ0M2NjZDdhYWU4
LzEvclBlclB4cVQ1eFR6QjBvRjJHX000aUJqQmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhP8gDAN
BgkqhkiG9w0BAQsFAAOCAQEAJtKsL0MkraXT/RvYzfh/52lnETqs5hPlYSWNAdLT
GwoZ8URHSFMpvqe2MODuRZ2v1bfKP36B+494NCUW5YkoOItKcQEyByFFkcWL976p
YdKfmMozn72rfbSp8c2nQhgCM80Rd894izNPBgoClu4PK+k8wjrK4hqXyz8m/tj8
ukf4KVysuY+gcRShEgBB7nH/fcqqPxZY9ureSgO8ioHY9NRruNTDCZX2s+6WEVxI
nW57pW4/Vhml/cwzp/XTbIpcWpKUF6lRpksyHXyzli0Ay08jy8nGmUWRkfwyxDxg
TRcrpmGFfc8dVh8NrdIBZuF+9+KVdfyBrMRp69DeCcUE8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:13 2024 by rpki-client on console-ams.rpki-client.org