Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/nXdObTCTY91Kp6fOeJM2PmUfYnI.roa
File: nXdObTCTY91Kp6fOeJM2PmUfYnI.roa (raw, json)
Hash identifier: VgXGEPAFL8eyMiLe2cOsQ0AsZuuMXYpkR797eRU1xPU=
Subject key identifier: 9D:77:4E:6D:30:93:63:DD:4A:A7:A7:CE:78:93:36:3E:65:1F:62:72
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 0185704BF0EF5D617E43E91D2BA1E8C35B1E
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/nXdObTCTY91Kp6fOeJM2PmUfYnI.roa
Signing time: Mon 02 Jan 2023 02:25:03 +0000
ROA not before: Mon 02 Jan 2023 02:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a13:5241::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:f0:ef:5d:61:7e:43:e9:1d:2b:a1:e8:c3:5b:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Jan 2 02:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d774e6d309363dd4aa7a7ce7893363e651f6272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f0:c8:0b:e8:c2:3e:88:5e:cf:b1:18:ae:78:
4a:7e:49:eb:70:a9:52:af:5a:1a:74:f9:bb:b2:a6:
73:ef:15:ce:b0:2e:e1:03:f2:6a:c8:1f:06:19:33:
59:65:63:d2:4a:d3:b2:21:84:94:9e:0e:1f:6f:5b:
d7:34:db:6e:17:14:e7:71:3f:2f:2a:f2:d3:56:ca:
27:0d:44:00:3a:57:61:ae:ed:ba:43:46:b6:7c:ab:
41:17:4b:da:ef:96:af:aa:5d:d2:45:2b:02:ec:1a:
39:03:6e:72:7d:a0:83:8e:01:9d:79:bb:1f:b8:06:
bb:3a:9d:14:5a:67:cc:01:50:8e:6c:65:3b:e8:a9:
1c:14:e1:ed:78:ec:fc:f8:13:1f:a3:03:d6:3d:ca:
c2:7f:ea:f8:46:d1:d0:d4:84:a8:34:fa:c1:1c:41:
ac:c8:90:b6:78:e9:7a:67:fd:53:55:58:8b:cd:b4:
b7:8e:37:9e:22:0b:b0:8f:54:4e:db:bd:77:a6:e6:
ac:56:10:34:e8:9d:fa:9e:c7:99:8f:24:78:b3:f0:
66:5a:e8:94:ee:bb:25:53:53:22:88:6e:8e:fa:fb:
2f:c2:14:29:1e:9b:4a:85:f5:f9:6c:86:b7:e0:9b:
d1:2b:92:f1:c3:a9:f3:8d:d1:67:87:f4:8f:1c:e6:
9e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:77:4E:6D:30:93:63:DD:4A:A7:A7:CE:78:93:36:3E:65:1F:62:72
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/nXdObTCTY91Kp6fOeJM2PmUfYnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5241::/32
Signature Algorithm: sha256WithRSAEncryption
28:40:0c:ec:1d:6c:a5:4c:1f:1a:9d:34:2d:aa:bd:7b:9d:84:
0d:cb:a7:4d:c5:29:60:fa:47:42:38:87:77:6b:5f:a2:5b:b9:
79:01:9d:4d:58:27:a0:8a:44:db:cf:df:38:71:04:84:90:23:
1c:26:96:33:fa:64:cc:c0:08:64:91:9a:db:9c:d8:47:43:f4:
50:61:97:85:0d:31:14:ac:62:a0:ae:dd:bc:4d:db:d4:c5:95:
b7:44:2f:1a:60:7f:89:71:39:8a:fe:91:3d:36:9d:c3:99:0b:
bf:6a:e9:d9:1e:04:41:f8:3d:59:8d:f4:b5:98:7b:01:5e:06:
ce:c1:6e:89:72:75:65:a4:15:66:ea:06:72:c8:53:2c:2f:f2:
a7:c9:93:39:fc:45:29:7f:87:1b:8d:1d:b2:d6:ab:6e:d3:df:
15:2b:e2:82:77:32:bd:c7:e5:4b:c9:aa:14:77:ff:0a:89:f1:
9b:9b:da:df:8e:b2:1a:25:1a:e9:0f:84:69:b6:8e:6c:a5:13:
d4:30:57:82:b8:52:87:dc:98:20:93:9c:6a:9e:0f:b9:e0:5d:
93:8c:a4:b0:a6:13:f9:6c:03:ee:96:a6:59:a7:1e:ec:2e:2e:
d4:30:a5:dd:6c:f1:6c:fc:45:62:2b:f7:b4:f6:5d:76:c5:d2:
c4:bf:ef:66
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwS/DvXWF+Q+kdK6How1seMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjMwMTAyMDIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDc3NGU2ZDMwOTM2M2RkNGFhN2E3Y2U3ODkzMzYzZTY1MWY2MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofDIC+jCPohez7EYrnhKfknrcKlS
r1oadPm7sqZz7xXOsC7hA/JqyB8GGTNZZWPSStOyIYSUng4fb1vXNNtuFxTncT8v
KvLTVsonDUQAOldhru26Q0a2fKtBF0va75avql3SRSsC7Bo5A25yfaCDjgGdebsf
uAa7Op0UWmfMAVCObGU76KkcFOHteOz8+BMfowPWPcrCf+r4RtHQ1ISoNPrBHEGs
yJC2eOl6Z/1TVViLzbS3jjeeIguwj1RO2713puasVhA06J36nseZjyR4s/BmWuiU
7rslU1MiiG6O+vsvwhQpHptKhfX5bIa34JvRK5Lxw6nzjdFnh/SPHOaemQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ13Tm0wk2PdSqenzniTNj5lH2JyMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvblhkT2JUQ1RZOTFLcDZmT2VKTTJQbVVmWW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhNSQTAN
BgkqhkiG9w0BAQsFAAOCAQEAKEAM7B1spUwfGp00Laq9e52EDcunTcUpYPpHQjiH
d2tfolu5eQGdTVgnoIpE28/fOHEEhJAjHCaWM/pkzMAIZJGa25zYR0P0UGGXhQ0x
FKxioK7dvE3b1MWVt0QvGmB/iXE5iv6RPTadw5kLv2rp2R4EQfg9WY30tZh7AV4G
zsFuiXJ1ZaQVZuoGcshTLC/yp8mTOfxFKX+HG40dstarbtPfFSvigncyvcflS8mq
FHf/Conxm5va346yGiUa6Q+EabaObKUT1DBXgrhSh9yYIJOcap4PueBdk4yksKYT
+WwD7pamWace7C4u1DCl3WzxbPxFYiv3tPZddsXSxL/vZg==
-----END CERTIFICATE-----
Generated at Thu Aug 17 13:32:22 2023 by rpki-client on console-fra.rpki-client.org