Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/a1a6c2-d7c1-42e8-a38f-fc910c0b19ae/1/np3_W65ao92ETL4pM_5dem4bU9c.roa
File: np3_W65ao92ETL4pM_5dem4bU9c.roa (raw, json)
Hash identifier: VUzsSyxY6PUCCJwRhTCz2iqt4XXpAXcLyUzyHB4L52Q=
Subject key identifier: 9E:9D:FF:5B:AE:5A:A3:DD:84:4C:BE:29:33:FE:5D:7A:6E:1B:53:D7
Certificate issuer: /CN=67c25a41f1c5228e10ea941ce7078f43cd909b63
Certificate serial: 01856EAFE0DBBEBA9C745077F5B3721ECCDB
Authority key identifier: 67:C2:5A:41:F1:C5:22:8E:10:EA:94:1C:E7:07:8F:43:CD:90:9B:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/a1a6c2-d7c1-42e8-a38f-fc910c0b19ae/1/np3_W65ao92ETL4pM_5dem4bU9c.roa
Signing time: Sun 01 Jan 2023 18:54:58 +0000
ROA not before: Sun 01 Jan 2023 18:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15576
IP address blocks: 217.68.224.0/20 maxlen: 20
2a01:9320::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:e0:db:be:ba:9c:74:50:77:f5:b3:72:1e:cc:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67c25a41f1c5228e10ea941ce7078f43cd909b63
Validity
Not Before: Jan 1 18:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e9dff5bae5aa3dd844cbe2933fe5d7a6e1b53d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:22:e4:58:0c:11:6b:32:d9:0f:54:af:85:76:
3f:b7:cb:2b:58:ae:e1:62:87:50:77:32:cc:eb:93:
50:d3:65:4f:27:2b:2f:29:04:ba:ff:98:6d:d0:52:
58:19:d2:2e:29:b0:09:90:3d:31:8c:b2:20:2d:ec:
29:96:58:a0:70:1b:05:39:da:fb:e8:ff:c1:a6:05:
a0:ed:67:72:1f:ea:2f:99:40:52:b6:44:cb:9a:e3:
79:21:f7:6b:00:f5:0d:49:92:f3:f3:ec:2b:ae:f2:
d1:49:c9:56:3a:5c:34:f7:b4:42:05:b0:46:7f:09:
60:97:c7:5a:f8:1b:10:69:a8:3e:2f:4c:e0:57:0a:
63:b8:41:8c:53:b1:2a:db:aa:a9:73:79:a8:10:1c:
65:90:e2:78:54:eb:24:41:14:a6:0b:da:f0:ba:ca:
29:84:57:3c:9d:32:80:e2:9e:7f:4e:9d:be:b4:f0:
4c:3f:29:04:23:84:5b:10:c8:b8:93:83:a5:2f:11:
f1:11:da:88:30:26:76:4e:da:c6:f5:f0:7e:ab:26:
60:93:fa:55:03:97:d4:ed:6d:28:db:97:05:6a:4f:
1a:95:5d:f7:9a:5c:c1:1d:e3:ed:9d:1d:32:c2:14:
d2:dd:18:5f:1a:a3:1f:87:c6:1f:b8:0e:23:f3:cf:
88:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:9D:FF:5B:AE:5A:A3:DD:84:4C:BE:29:33:FE:5D:7A:6E:1B:53:D7
X509v3 Authority Key Identifier:
keyid:67:C2:5A:41:F1:C5:22:8E:10:EA:94:1C:E7:07:8F:43:CD:90:9B:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a1a6c2-d7c1-42e8-a38f-fc910c0b19ae/1/np3_W65ao92ETL4pM_5dem4bU9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a1a6c2-d7c1-42e8-a38f-fc910c0b19ae/1/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.68.224.0/20
IPv6:
2a01:9320::/32
Signature Algorithm: sha256WithRSAEncryption
bd:2f:32:18:94:b5:a5:05:8d:1f:bf:a9:fa:53:fa:79:dd:3f:
96:d4:d8:cf:90:c6:59:7e:f4:9e:b6:22:a1:fd:dd:ac:4d:a2:
2d:d6:2e:3d:23:55:01:93:67:7f:14:e8:5d:b0:b5:88:66:8e:
97:e0:b0:8e:c1:72:a3:41:e8:c5:e9:34:84:5f:d4:c1:33:80:
9c:aa:d0:fe:4d:d5:f1:90:4a:e9:fe:97:3a:8f:93:5a:bb:49:
4f:5f:23:2d:07:29:e6:d9:f0:bd:93:72:99:60:8e:f3:06:78:
21:8b:13:a7:4e:b2:ee:c2:b9:60:c4:df:b0:43:93:69:b2:8d:
33:99:9f:44:59:11:06:57:cd:15:3f:8c:fa:a4:4c:00:93:3b:
04:5f:d6:7e:fd:7d:3e:91:1f:d6:98:93:09:65:cb:a9:04:2f:
53:fc:cc:10:b1:97:14:14:05:1f:0c:fa:f0:ba:66:58:9a:f9:
3c:eb:80:c5:c7:66:48:91:f6:5e:6b:c3:8c:70:de:42:7c:35:
aa:7f:16:a6:6f:ab:b8:38:a0:46:96:33:1f:68:49:4c:fd:3e:
99:d6:6a:56:df:c6:59:2a:f5:b0:cf:b3:f5:b5:12:98:20:24:
9f:66:77:b0:ea:e0:df:19:ca:58:fc:86:9e:4f:5b:ae:17:d2:
6e:7b:97:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVur+DbvrqcdFB39bNyHszbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YzI1YTQxZjFjNTIyOGUxMGVhOTQxY2U3MDc4ZjQzY2Q5
MDliNjMwHhcNMjMwMTAxMTg1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTlkZmY1YmFlNWFhM2RkODQ0Y2JlMjkzM2ZlNWQ3YTZlMWI1M2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSLkWAwRazLZD1SvhXY/t8srWK7h
YodQdzLM65NQ02VPJysvKQS6/5ht0FJYGdIuKbAJkD0xjLIgLewplligcBsFOdr7
6P/BpgWg7WdyH+ovmUBStkTLmuN5IfdrAPUNSZLz8+wrrvLRSclWOlw097RCBbBG
fwlgl8da+BsQaag+L0zgVwpjuEGMU7Eq26qpc3moEBxlkOJ4VOskQRSmC9rwusop
hFc8nTKA4p5/Tp2+tPBMPykEI4RbEMi4k4OlLxHxEdqIMCZ2TtrG9fB+qyZgk/pV
A5fU7W0o25cFak8alV33mlzBHePtnR0ywhTS3RhfGqMfh8YfuA4j88+IUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ6d/1uuWqPdhEy+KTP+XXpuG1PXMB8GA1UdIwQY
MBaAFGfCWkHxxSKOEOqUHOcHj0PNkJtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhKYVFmSEZJbzRRNnBRYzV3ZVBRODJRbTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hMWE2YzItZDdjMS00MmU4LWEzOGYt
ZmM5MTBjMGIxOWFlLzEvbnAzX1c2NWFvOTJFVEw0cE1fNWRlbTRiVTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9hMWE2YzItZDdjMS00MmU4LWEzOGYtZmM5MTBjMGIxOWFl
LzEvWjhKYVFmSEZJbzRRNnBRYzV3ZVBRODJRbTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UTgMA0E
AgACMAcDBQAqAZMgMA0GCSqGSIb3DQEBCwUAA4IBAQC9LzIYlLWlBY0fv6n6U/p5
3T+W1NjPkMZZfvSetiKh/d2sTaIt1i49I1UBk2d/FOhdsLWIZo6X4LCOwXKjQejF
6TSEX9TBM4CcqtD+TdXxkErp/pc6j5Nau0lPXyMtBynm2fC9k3KZYI7zBnghixOn
TrLuwrlgxN+wQ5Npso0zmZ9EWREGV80VP4z6pEwAkzsEX9Z+/X0+kR/WmJMJZcup
BC9T/MwQsZcUFAUfDPrwumZYmvk864DFx2ZIkfZea8OMcN5CfDWqfxamb6u4OKBG
ljMfaElM/T6Z1mpW38ZZKvWwz7P1tRKYICSfZnew6uDfGcpY/IaeT1uuF9Jue5d0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:39 2024 by rpki-client on console-fra.rpki-client.org