Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/nkhSMVFKEvU52jVriqWZ19zoTf8.roa
File: nkhSMVFKEvU52jVriqWZ19zoTf8.roa (raw, json)
Hash identifier: TvVvOWIgMUb3PI69OiAN8fN8ZE2EPDPxHlHClEC2mwY=
Subject key identifier: 9E:48:52:31:51:4A:12:F5:39:DA:35:6B:8A:A5:99:D7:DC:E8:4D:FF
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018FB597E8C1AA62EEE3BB2B407754D74C05
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/nkhSMVFKEvU52jVriqWZ19zoTf8.roa
Signing time: Sun 26 May 2024 15:49:42 +0000
ROA not before: Sun 26 May 2024 15:49:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53667
IP address blocks: 2a06:cac0::/29 maxlen: 36
2a12:ec0::/29 maxlen: 36
2a12:6640::/29 maxlen: 36
Validation: Failed, certificate revoked on Mon 03 Jun 2024 06:19:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b5:97:e8:c1:aa:62:ee:e3:bb:2b:40:77:54:d7:4c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: May 26 15:49:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e485231514a12f539da356b8aa599d7dce84dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0e:64:52:29:fb:15:19:ef:dc:f3:e7:e9:8f:
06:3e:55:e5:86:fd:c6:85:78:1f:c7:6c:c3:e1:d1:
db:5b:ed:c3:31:42:1d:c4:c8:2d:8f:0a:df:74:b0:
7e:06:ad:30:5f:d1:24:26:47:95:11:90:69:8d:8a:
fe:9c:50:31:d0:56:0f:88:5a:41:4b:d5:74:3b:b2:
c9:15:7c:b1:fb:57:b1:72:e8:18:30:2e:cd:74:db:
3f:db:53:39:50:1e:27:4c:8d:38:6d:89:b9:39:bb:
21:65:14:6e:17:cd:39:ff:9d:fb:e8:84:77:27:6e:
1e:96:e5:fc:5e:a2:c3:11:57:d4:5a:4e:43:11:c7:
62:80:44:d7:a1:47:d1:87:50:15:9c:77:b2:94:10:
8c:9d:fd:0e:c5:d1:b5:ba:e0:10:a3:7c:7f:c2:f8:
81:d2:5f:9e:69:61:4b:bd:26:a4:2b:fc:6f:37:b4:
ec:93:4b:8b:2d:6b:29:ff:53:7c:d2:b4:9b:61:0f:
e2:84:e8:27:b4:f2:69:65:d6:d6:5c:9e:21:bf:e5:
58:0c:b7:d2:4c:14:1f:25:cc:23:82:49:b2:f4:31:
b1:f4:1f:04:9d:bb:49:73:f2:1c:3f:48:fd:9d:a9:
31:31:9e:94:17:49:e1:63:e9:b1:e8:c0:ae:dd:6a:
97:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:48:52:31:51:4A:12:F5:39:DA:35:6B:8A:A5:99:D7:DC:E8:4D:FF
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/nkhSMVFKEvU52jVriqWZ19zoTf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:cac0::/29
2a12:ec0::/29
2a12:6640::/29
Signature Algorithm: sha256WithRSAEncryption
67:8d:7a:e1:89:f2:af:33:e4:97:eb:76:81:5d:70:a7:9f:f9:
5d:b4:82:93:c4:fc:f1:2e:cf:27:f7:89:e5:08:04:5e:9d:92:
e8:af:60:18:1d:0d:4f:41:ed:fe:5f:93:6d:c7:5b:4c:f2:0b:
4b:c7:65:49:bf:c8:4c:8c:f5:ea:fd:91:95:54:ca:2b:84:89:
9b:22:10:97:3b:f8:d4:27:8d:58:c5:48:2d:3e:42:e5:73:33:
41:5f:75:7b:24:77:8a:7c:68:2e:92:7d:cc:d0:f0:4a:30:2c:
13:4c:81:1a:16:e8:c2:53:5a:24:ea:0f:10:0b:05:dd:8f:d2:
53:a2:9c:06:f4:48:b0:70:39:2e:3c:e8:bc:c6:8f:c9:5a:cc:
f4:b0:fb:0d:b6:7e:62:58:5d:3a:76:42:1c:00:ec:26:23:2c:
e7:60:33:40:b1:77:eb:fe:fe:84:41:9b:35:5a:43:95:21:db:
7e:27:ba:f9:72:29:60:e5:82:d7:8b:bc:df:22:6e:bf:83:60:
a0:6d:71:cb:e3:1a:5a:66:1a:14:ba:25:73:8e:5b:9d:40:78:
68:5c:39:83:26:77:e6:23:4b:22:16:b8:c5:11:ce:81:38:33:
11:a4:70:cf:7b:00:d1:e1:f5:8b:73:ee:33:ac:a0:d6:2d:78:
ec:8d:c0:ec
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+1l+jBqmLu47srQHdU10wFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNTI2MTU0OTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQ4NTIzMTUxNGExMmY1MzlkYTM1NmI4YWE1OTlkN2RjZTg0ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q5kUin7FRnv3PPn6Y8GPlXlhv3G
hXgfx2zD4dHbW+3DMUIdxMgtjwrfdLB+Bq0wX9EkJkeVEZBpjYr+nFAx0FYPiFpB
S9V0O7LJFXyx+1excugYMC7NdNs/21M5UB4nTI04bYm5ObshZRRuF805/5376IR3
J24eluX8XqLDEVfUWk5DEcdigETXoUfRh1AVnHeylBCMnf0OxdG1uuAQo3x/wviB
0l+eaWFLvSakK/xvN7Tsk0uLLWsp/1N80rSbYQ/ihOgntPJpZdbWXJ4hv+VYDLfS
TBQfJcwjgkmy9DGx9B8EnbtJc/IcP0j9nakxMZ6UF0nhY+mx6MCu3WqXywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ5IUjFRShL1Odo1a4qlmdfc6E3/MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvbmtoU01WRktFdlU1MmpWcmlxV1oxOXpvVGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgbKwAMF
AyoSDsADBQMqEmZAMA0GCSqGSIb3DQEBCwUAA4IBAQBnjXrhifKvM+SX63aBXXCn
n/ldtIKTxPzxLs8n94nlCARenZLor2AYHQ1PQe3+X5Ntx1tM8gtLx2VJv8hMjPXq
/ZGVVMorhImbIhCXO/jUJ41YxUgtPkLlczNBX3V7JHeKfGgukn3M0PBKMCwTTIEa
FujCU1ok6g8QCwXdj9JTopwG9EiwcDkuPOi8xo/JWsz0sPsNtn5iWF06dkIcAOwm
IyznYDNAsXfr/v6EQZs1WkOVIdt+J7r5cilg5YLXi7zfIm6/g2CgbXHL4xpaZhoU
uiVzjludQHhoXDmDJnfmI0siFrjFEc6BODMRpHDPewDR4fWLc+4zrKDWLXjsjcDs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org