Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/NRLmib2xbDPlo3graY7AUpmCgJk.roa
File: NRLmib2xbDPlo3graY7AUpmCgJk.roa (raw, json)
Hash identifier: I2Xj3J5aYb9kD76Ry/ui2xhdyyO+WxUgOSA6cAt4ysk=
Subject key identifier: 35:12:E6:89:BD:B1:6C:33:E5:A3:78:2B:69:8E:C0:52:99:82:80:99
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018C3A9075C0C42D857215BA746CF716F87C
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/NRLmib2xbDPlo3graY7AUpmCgJk.roa
Signing time: Tue 05 Dec 2023 15:19:55 +0000
ROA not before: Tue 05 Dec 2023 15:19:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 2a0e:eb45::/32 maxlen: 32
2a0c:9e05::/32 maxlen: 32
2a0e:eb46::/32 maxlen: 32
2a0e:eb41::/32 maxlen: 32
2a0e:eb43::/32 maxlen: 32
2a0e:eb47::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:90:75:c0:c4:2d:85:72:15:ba:74:6c:f7:16:f8:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 5 15:19:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3512e689bdb16c33e5a3782b698ec05299828099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5c:9e:0f:91:fa:f7:3c:29:c2:67:a9:08:ce:
15:52:74:b3:26:0f:41:cf:a7:f6:fa:0d:dc:e3:0c:
49:10:fe:a9:01:7c:f7:1c:d3:fd:b1:5d:a6:ce:3a:
28:ce:c2:60:a2:61:46:3e:6a:27:7e:93:73:cc:54:
07:cf:ee:a6:9a:dd:be:65:18:15:6a:73:56:70:7f:
b8:a6:1d:ad:43:39:b5:79:4b:96:af:23:49:9f:d5:
95:28:a7:c6:86:05:f9:59:f6:a7:73:6f:65:7c:40:
d4:fe:da:90:51:53:ca:62:29:f3:2d:24:53:c8:7e:
30:d5:62:a6:13:06:97:1a:45:8f:b2:0c:e0:b2:07:
c3:70:b8:1e:c7:8b:11:27:b9:68:16:f3:a5:7c:71:
cd:79:b4:4e:fc:97:b3:27:83:0a:08:fc:ea:ed:eb:
13:2e:12:86:88:bd:50:de:41:98:9c:a3:98:4c:d7:
31:57:86:28:4b:e5:42:2b:d6:c5:f6:9d:30:a4:37:
5c:96:85:cf:d8:5e:ec:78:e5:ea:f2:f0:34:22:90:
d7:a5:69:18:24:0c:59:bf:30:f3:35:f9:50:16:e5:
f8:30:5e:9b:46:27:f2:43:74:60:b8:5f:fe:22:eb:
01:b5:6b:5e:c9:06:d6:ae:97:76:d6:25:95:3f:5c:
b8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:12:E6:89:BD:B1:6C:33:E5:A3:78:2B:69:8E:C0:52:99:82:80:99
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/NRLmib2xbDPlo3graY7AUpmCgJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9e05::/32
2a0e:eb41::/32
2a0e:eb43::/32
2a0e:eb45::-2a0e:eb47:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
80:2f:f6:e0:4f:82:f0:d6:82:60:80:85:03:a6:ed:c7:69:e3:
e7:3f:70:1e:07:b7:42:b8:6b:0b:b7:5b:eb:7b:38:0c:23:34:
c2:4e:33:9d:7f:78:c2:6d:94:64:e5:5d:7a:a9:b9:3d:16:b7:
0d:d2:1d:b9:60:78:a9:e0:76:7b:aa:a6:6c:ee:e9:18:84:c3:
16:0f:06:5c:1e:6b:14:f6:ed:72:dd:ef:44:1a:57:db:05:37:
71:73:7e:d0:99:f8:fc:e1:6d:75:b6:fb:cd:1b:9a:91:d2:d7:
1f:de:10:e9:a4:61:43:70:ee:de:23:1c:d7:2e:5c:b3:87:9a:
cc:f5:d8:da:0c:fd:57:04:17:bc:a1:37:9c:b7:cd:81:fc:75:
9f:a9:d5:d0:ba:69:37:a0:55:99:b9:0d:99:d6:9f:86:74:89:
10:4c:53:53:2c:5b:67:91:bc:e2:86:e8:9e:1e:4e:80:e7:c3:
59:f1:54:65:3c:fc:ae:dc:53:3b:7c:0e:90:ba:b6:c5:c3:99:
a9:13:c1:37:4f:c7:6e:8c:16:aa:e1:75:0b:b6:2a:08:d8:c3:
b6:fd:12:23:1e:f4:f6:05:50:e7:ed:2f:9c:93:79:5f:3c:0d:
dd:18:fc:44:c9:68:d9:4f:ff:a3:14:e5:23:7a:b0:5d:c5:37:
eb:fb:df:ee
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYw6kHXAxC2FchW6dGz3Fvh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMjA1MTUxOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTEyZTY4OWJkYjE2YzMzZTVhMzc4MmI2OThlYzA1Mjk5ODI4MDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFyeD5H69zwpwmepCM4VUnSzJg9B
z6f2+g3c4wxJEP6pAXz3HNP9sV2mzjoozsJgomFGPmonfpNzzFQHz+6mmt2+ZRgV
anNWcH+4ph2tQzm1eUuWryNJn9WVKKfGhgX5Wfanc29lfEDU/tqQUVPKYinzLSRT
yH4w1WKmEwaXGkWPsgzgsgfDcLgex4sRJ7loFvOlfHHNebRO/JezJ4MKCPzq7esT
LhKGiL1Q3kGYnKOYTNcxV4YoS+VCK9bF9p0wpDdcloXP2F7seOXq8vA0IpDXpWkY
JAxZvzDzNflQFuX4MF6bRifyQ3RguF/+IusBtWteyQbWrpd21iWVP1y4ZwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFDUS5om9sWwz5aN4K2mOwFKZgoCZMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvTlJMbWliMnhiRFBsbzNncmFZN0FVcG1DZ0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwUAKgyeBQMF
ACoO60EDBQAqDutDMA4DBQAqDutFAwUDKg7rQDANBgkqhkiG9w0BAQsFAAOCAQEA
gC/24E+C8NaCYICFA6btx2nj5z9wHge3QrhrC7db63s4DCM0wk4znX94wm2UZOVd
eqm5PRa3DdIduWB4qeB2e6qmbO7pGITDFg8GXB5rFPbtct3vRBpX2wU3cXN+0Jn4
/OFtdbb7zRuakdLXH94Q6aRhQ3Du3iMc1y5cs4eazPXY2gz9VwQXvKE3nLfNgfx1
n6nV0LppN6BVmbkNmdafhnSJEExTUyxbZ5G84obonh5OgOfDWfFUZTz8rtxTO3wO
kLq2xcOZqRPBN0/HbowWquF1C7YqCNjDtv0SIx709gVQ5+0vnJN5XzwN3Rj8RMlo
2U//oxTlI3qwXcU36/vf7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org