Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Nt004adli4qzXiYxToWa_MXBBME.roa
File: Nt004adli4qzXiYxToWa_MXBBME.roa (raw, json)
Hash identifier: 3Q+MJZ2/7Z30N1Zvop+DzcrDhqEcch6WyAuVGDZ0bHA=
Subject key identifier: 36:DD:34:E1:A7:65:8B:8A:B3:5E:26:31:4E:85:9A:FC:C5:C1:04:C1
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018DE630B5D65FAFC2215A0D22E33EE3521E
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Nt004adli4qzXiYxToWa_MXBBME.roa
Signing time: Mon 26 Feb 2024 16:12:48 +0000
ROA not before: Mon 26 Feb 2024 16:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216435
IP address blocks: 2a12:28c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Mar 2024 15:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e6:30:b5:d6:5f:af:c2:21:5a:0d:22:e3:3e:e3:52:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Feb 26 16:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36dd34e1a7658b8ab35e26314e859afcc5c104c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a6:2d:d2:65:4c:84:a1:3e:3d:a9:2d:48:2b:
e1:07:e5:c6:66:3b:e5:c2:e3:1a:0d:dc:01:a4:03:
84:47:61:e1:8d:5b:83:8f:3b:79:da:39:1c:81:7d:
c3:6b:cb:26:d2:d0:cf:02:4a:50:37:3f:18:90:6b:
e3:b8:ee:95:74:bf:0b:c7:5f:cf:d3:bf:5e:d5:04:
46:c2:33:be:8e:38:62:e0:d5:ac:67:98:5e:bd:5f:
71:70:00:03:22:25:3e:db:5b:6f:e1:a6:ae:f1:c6:
94:e1:ae:21:18:3c:f9:f9:32:0b:15:dd:42:61:cd:
a4:a3:98:9e:e4:39:41:84:ab:ac:85:9e:40:8f:e2:
c1:93:12:e6:07:63:05:21:ed:8a:b2:9d:08:4b:c6:
52:ae:6e:69:85:1e:dc:1e:f9:1a:3e:aa:c9:3f:67:
5c:35:f6:3c:28:2e:9d:bc:91:fc:dd:d9:ef:d7:02:
d7:50:41:f8:64:71:55:ee:96:a5:a9:d0:63:1f:30:
63:71:2d:dd:1b:c3:d6:2e:65:e4:06:4f:5e:6f:30:
f2:e0:09:76:a6:66:10:aa:e1:0b:14:0d:ee:11:70:
65:09:77:20:94:f8:73:5a:86:ee:3d:89:ff:26:a7:
ff:10:1a:b8:1a:3b:cc:1d:52:0d:cd:b2:20:bc:2e:
9f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DD:34:E1:A7:65:8B:8A:B3:5E:26:31:4E:85:9A:FC:C5:C1:04:C1
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Nt004adli4qzXiYxToWa_MXBBME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:28c0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:55:6d:6e:c8:7d:97:d6:24:49:67:62:38:cc:6a:fb:aa:e5:
a5:d2:45:9f:79:65:ba:2f:dc:d8:4b:25:86:e1:8d:3c:70:aa:
d0:e3:44:5a:18:1f:42:f6:16:92:76:f0:67:9c:1b:35:2c:3a:
1c:ab:80:0b:af:1a:e5:08:0a:63:7e:e3:fa:29:2e:56:e1:84:
f7:d0:26:85:26:fb:0d:47:43:9e:49:54:d9:b4:7e:67:e7:9d:
b4:9a:38:cd:b6:f8:c7:20:98:5f:2a:98:07:72:65:33:f6:5d:
4d:00:8e:29:63:8a:48:93:e6:07:94:b5:f9:9a:ea:40:45:0a:
ca:b9:45:34:51:98:bc:e1:a2:16:4b:44:0f:52:e9:2e:65:42:
e0:d8:fe:51:b9:e5:37:d4:6e:ac:5b:25:b3:3a:02:e8:e5:a2:
3f:8f:56:4f:05:06:1e:e1:fc:d1:ab:e0:f5:93:59:12:bb:2c:
20:48:4e:a7:6a:e9:9d:eb:c1:9e:9b:ad:30:26:72:18:97:f3:
dd:b1:af:ff:21:53:0e:e8:7a:8c:c3:a3:0a:60:1f:79:da:2d:
d1:fd:7c:7c:c1:e2:4f:c3:72:8c:3a:64:5f:e8:fe:1b:1a:67:
b7:e4:02:68:84:25:99:61:eb:32:6c:6c:d6:c4:5c:81:c4:4e:
72:c9:50:09
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY3mMLXWX6/CIVoNIuM+41IeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMjI2MTYxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmRkMzRlMWE3NjU4YjhhYjM1ZTI2MzE0ZTg1OWFmY2M1YzEwNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KYt0mVMhKE+PaktSCvhB+XGZjvl
wuMaDdwBpAOER2HhjVuDjzt52jkcgX3Da8sm0tDPAkpQNz8YkGvjuO6VdL8Lx1/P
079e1QRGwjO+jjhi4NWsZ5hevV9xcAADIiU+21tv4aau8caU4a4hGDz5+TILFd1C
Yc2ko5ie5DlBhKushZ5Aj+LBkxLmB2MFIe2Ksp0IS8ZSrm5phR7cHvkaPqrJP2dc
NfY8KC6dvJH83dnv1wLXUEH4ZHFV7palqdBjHzBjcS3dG8PWLmXkBk9ebzDy4Al2
pmYQquELFA3uEXBlCXcglPhzWobuPYn/Jqf/EBq4GjvMHVINzbIgvC6fVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDbdNOGnZYuKs14mMU6FmvzFwQTBMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvTnQwMDRhZGxpNHF6WGlZeFRvV2FfTVhCQk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIowDAN
BgkqhkiG9w0BAQsFAAOCAQEAClVtbsh9l9YkSWdiOMxq+6rlpdJFn3llui/c2Esl
huGNPHCq0ONEWhgfQvYWknbwZ5wbNSw6HKuAC68a5QgKY37j+ikuVuGE99AmhSb7
DUdDnklU2bR+Z+edtJo4zbb4xyCYXyqYB3JlM/ZdTQCOKWOKSJPmB5S1+ZrqQEUK
yrlFNFGYvOGiFktED1LpLmVC4Nj+UbnlN9RurFslszoC6OWiP49WTwUGHuH80avg
9ZNZErssIEhOp2rpnevBnputMCZyGJfz3bGv/yFTDuh6jMOjCmAfedot0f18fMHi
T8NyjDpkX+j+Gxpnt+QCaIQlmWHrMmxs1sRcgcROcslQCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:38 2024 by rpki-client on console-fra.rpki-client.org