Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nvtMZ9yXRMjUjNrbkrIEJa5pt2c.roa
File: nvtMZ9yXRMjUjNrbkrIEJa5pt2c.roa (raw, json)
Hash identifier: y9hplP2oOVU5n6JeQSUIE38Xw5hrQNoQgIb5v91bW4k=
Subject key identifier: 9E:FB:4C:67:DC:97:44:C8:D4:8C:DA:DB:92:B2:04:25:AE:69:B7:67
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018F2F75021C3B3C8D5C6A2CE90902FDD93D
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nvtMZ9yXRMjUjNrbkrIEJa5pt2c.roa
Signing time: Tue 30 Apr 2024 14:42:28 +0000
ROA not before: Tue 30 Apr 2024 14:42:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0d:77c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 17 Jul 2024 09:46:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:75:02:1c:3b:3c:8d:5c:6a:2c:e9:09:02:fd:d9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 30 14:42:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9efb4c67dc9744c8d48cdadb92b20425ae69b767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b4:3e:b6:7d:04:df:62:aa:3b:f9:36:c1:f2:
16:5c:b1:9c:1b:30:ef:fc:ce:90:ad:17:32:2d:1a:
3e:2d:b1:ae:f5:9c:76:99:22:39:10:2b:87:a0:c5:
53:ad:0e:67:8b:6f:25:d1:8f:4a:fe:c0:2a:30:dc:
17:31:db:30:fc:76:a7:3b:62:23:8d:ee:64:01:78:
13:7c:cf:e6:0b:51:11:38:54:dc:89:b7:e6:00:e8:
23:0b:6f:46:00:35:91:cb:4b:a4:d4:c8:3a:8c:0e:
87:04:22:9f:fb:1e:cf:b2:df:c3:cc:18:b4:0a:2d:
de:04:b0:e5:3b:0d:ba:9d:7e:b6:01:a4:d1:c8:62:
dc:8c:e1:d1:63:3c:a5:79:96:89:ca:82:48:5b:53:
9d:f3:75:c9:ca:05:8e:4b:e3:18:8f:cf:c3:f1:6c:
fe:15:26:20:35:71:67:33:07:e6:d8:e9:65:6d:41:
15:7f:50:08:27:c8:7a:68:f5:c7:b7:67:62:1d:aa:
51:ee:fd:31:bf:b4:01:65:48:bf:51:2e:05:10:45:
7b:bd:5d:0c:32:14:10:c4:87:01:fd:c4:4b:e3:08:
1f:4e:9c:60:d2:73:50:b3:a2:1b:9e:e4:b0:7a:f2:
03:f7:7e:70:b2:48:e2:07:49:42:22:9e:9d:51:48:
7b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FB:4C:67:DC:97:44:C8:D4:8C:DA:DB:92:B2:04:25:AE:69:B7:67
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nvtMZ9yXRMjUjNrbkrIEJa5pt2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
69:78:0e:f6:9e:1c:47:7b:1c:d1:f2:47:2c:9b:2e:25:1b:29:
f8:9c:fc:9d:f3:d4:33:05:de:ce:d2:d5:44:4b:45:f1:b0:30:
14:4e:43:92:20:ce:50:bf:16:95:6c:ca:a3:8a:1e:b8:1e:01:
37:cc:70:ae:2a:4b:f3:d0:19:d8:42:85:1a:bf:ee:a6:8b:27:
d4:2a:7e:61:3f:62:f8:d8:bf:09:7b:82:39:d0:f2:ea:c1:c3:
f4:cd:76:e9:90:a5:38:e2:aa:ba:95:77:0c:fa:cf:be:41:98:
5d:de:3b:a2:7f:20:09:3f:e2:f0:e5:34:22:c5:80:b6:ae:47:
3f:39:64:2f:d6:a7:db:c7:29:b7:da:e6:61:42:22:79:24:b1:
cd:b7:63:55:68:85:5a:c9:44:e0:79:15:50:14:81:04:1e:88:
5d:7a:e3:17:27:69:ae:4a:81:82:2a:f9:03:83:76:4b:5b:f2:
54:77:ee:5b:c3:08:96:04:0b:5e:97:25:91:ff:5b:14:47:88:
0c:34:ac:d8:2f:f6:e7:1d:65:f5:ea:19:2d:0b:36:ce:e7:5f:
6b:29:91:91:1a:63:f9:71:5a:42:03:17:50:84:97:2c:90:12:
f8:2e:47:e7:4e:b9:90:c3:25:ee:02:de:0e:52:3e:86:04:bf:
54:d6:f2:a0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8vdQIcOzyNXGos6QkC/dk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwNDMwMTQ0MjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWZiNGM2N2RjOTc0NGM4ZDQ4Y2RhZGI5MmIyMDQyNWFlNjliNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubQ+tn0E32KqO/k2wfIWXLGcGzDv
/M6QrRcyLRo+LbGu9Zx2mSI5ECuHoMVTrQ5ni28l0Y9K/sAqMNwXMdsw/HanO2Ij
je5kAXgTfM/mC1EROFTcibfmAOgjC29GADWRy0uk1Mg6jA6HBCKf+x7Pst/DzBi0
Ci3eBLDlOw26nX62AaTRyGLcjOHRYzyleZaJyoJIW1Od83XJygWOS+MYj8/D8Wz+
FSYgNXFnMwfm2OllbUEVf1AIJ8h6aPXHt2diHapR7v0xv7QBZUi/US4FEEV7vV0M
MhQQxIcB/cRL4wgfTpxg0nNQs6IbnuSwevID935wskjiB0lCIp6dUUh7UQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ77TGfcl0TI1Iza25KyBCWuabdnMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbnZ0TVo5eVhSTWpVak5yYmtySUVKYTVwdDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg13wDAN
BgkqhkiG9w0BAQsFAAOCAQEAaXgO9p4cR3sc0fJHLJsuJRsp+Jz8nfPUMwXeztLV
REtF8bAwFE5DkiDOUL8WlWzKo4oeuB4BN8xwripL89AZ2EKFGr/uposn1Cp+YT9i
+Ni/CXuCOdDy6sHD9M126ZClOOKqupV3DPrPvkGYXd47on8gCT/i8OU0IsWAtq5H
PzlkL9an28cpt9rmYUIieSSxzbdjVWiFWslE4HkVUBSBBB6IXXrjFydprkqBgir5
A4N2S1vyVHfuW8MIlgQLXpclkf9bFEeIDDSs2C/25x1l9eoZLQs2zudfaymRkRpj
+XFaQgMXUISXLJAS+C5H5065kMMl7gLeDlI+hgS/VNbyoA==
-----END CERTIFICATE-----
Generated at Wed Jul 17 12:24:41 2024 by rpki-client on console-fra.rpki-client.org