Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/NCj24aEUcUaGMamK_inNf2uf_cg.roa
File: NCj24aEUcUaGMamK_inNf2uf_cg.roa (raw, json)
Hash identifier: leG+54f02YoSDT47A3L2s7WPzPCx9YPnFrPbl2uAFH4=
Subject key identifier: 34:28:F6:E1:A1:14:71:46:86:31:A9:8A:FE:29:CD:7F:6B:9F:FD:C8
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 018F68EEE183C6A8BD4615A11A3F4C8A135A
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/NCj24aEUcUaGMamK_inNf2uf_cg.roa
Signing time: Sat 11 May 2024 18:33:56 +0000
ROA not before: Sat 11 May 2024 18:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216164
IP address blocks: 2a05:4142::/32 maxlen: 32
2a05:4143::/32 maxlen: 32
2a05:4144::/32 maxlen: 32
2a11:e100::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Oct 2024 18:05:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:68:ee:e1:83:c6:a8:bd:46:15:a1:1a:3f:4c:8a:13:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: May 11 18:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3428f6e1a11471468631a98afe29cd7f6b9ffdc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d1:2b:5f:9f:07:e5:4d:7e:b0:17:4c:53:72:
4f:96:57:86:a7:41:cf:ef:cb:a9:d2:4b:07:7f:57:
47:6b:60:2c:4c:55:cf:f5:d4:da:6f:7f:03:19:45:
71:0a:8e:8c:1b:dc:73:c4:83:2c:76:2c:89:a1:4b:
04:7d:fa:46:0b:9c:4b:c2:bf:f5:17:3a:1d:5e:17:
dd:87:60:ce:5c:76:62:1f:5b:de:6d:ad:d8:36:b6:
0d:39:cc:62:4c:d7:ac:c7:1d:41:9b:bd:8d:ee:53:
70:7d:2b:df:c5:c0:b5:f2:70:f0:44:20:b7:eb:cd:
0c:fa:d8:07:4a:f0:7e:aa:f7:c1:4d:10:a3:7f:cb:
44:55:50:79:58:65:76:5a:9f:31:9f:d0:47:28:4d:
31:5b:bd:d8:63:a7:c9:7b:01:1b:c8:a6:bb:66:7f:
c9:b0:91:3a:a1:93:36:c4:9a:7b:a6:68:92:a2:60:
23:0c:a8:47:6d:6f:8c:02:d9:40:af:f8:71:22:cf:
fd:77:d3:40:15:90:20:a8:2d:c2:c6:0e:60:50:c2:
32:3f:f5:ce:88:09:e7:c0:de:f9:dd:67:51:86:7f:
14:b9:25:4e:b2:d5:11:bc:e0:96:45:d6:5d:1d:ca:
24:c5:dd:a6:6b:d0:92:92:56:1b:04:01:2e:c0:c3:
79:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:28:F6:E1:A1:14:71:46:86:31:A9:8A:FE:29:CD:7F:6B:9F:FD:C8
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/NCj24aEUcUaGMamK_inNf2uf_cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4142::-2a05:4144:ffff:ffff:ffff:ffff:ffff:ffff
2a11:e100::/29
Signature Algorithm: sha256WithRSAEncryption
33:af:d8:10:6b:5e:bc:0e:4e:cc:1e:80:3b:47:19:d6:dc:ce:
33:d4:91:b6:cf:c2:11:85:04:62:b7:e6:20:58:b8:62:64:d7:
da:43:c4:ae:09:6b:cd:ae:ca:aa:8a:39:6d:22:b6:77:e6:72:
e7:1d:34:1e:4d:1b:51:14:eb:5f:64:a3:50:e2:43:b6:ab:7d:
19:21:b9:7c:84:dd:04:87:59:72:03:de:f6:c5:72:94:03:c2:
89:b7:a2:ba:d3:19:ec:97:8d:eb:31:6a:9c:c0:a2:6d:d2:73:
d7:62:f4:3d:2c:56:2e:53:7b:bd:2c:2f:08:df:9e:1f:9a:21:
38:b3:4e:97:61:e6:73:67:79:27:32:c7:50:07:2b:54:65:90:
9d:91:9b:c3:24:d1:92:37:c5:81:63:3b:e8:81:ed:71:64:6b:
37:00:3a:31:da:7d:ca:35:13:98:cd:14:6a:77:ec:1c:15:52:
06:37:89:54:85:02:d5:99:c5:3b:6d:8e:b5:31:5c:43:c3:e9:
5f:f5:9a:1c:b2:42:ea:51:96:1b:25:9e:62:1c:90:ad:7a:91:
79:61:78:9e:4d:ad:cc:c2:2c:e9:58:42:c4:9c:75:db:e5:2e:
4e:d3:40:58:fa:4f:46:92:b6:5a:d1:a7:61:6a:41:2b:36:c9:
99:94:bc:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9o7uGDxqi9RhWhGj9MihNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwNTExMTgzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDI4ZjZlMWExMTQ3MTQ2ODYzMWE5OGFmZTI5Y2Q3ZjZiOWZmZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdErX58H5U1+sBdMU3JPlleGp0HP
78up0ksHf1dHa2AsTFXP9dTab38DGUVxCo6MG9xzxIMsdiyJoUsEffpGC5xLwr/1
FzodXhfdh2DOXHZiH1veba3YNrYNOcxiTNesxx1Bm72N7lNwfSvfxcC18nDwRCC3
680M+tgHSvB+qvfBTRCjf8tEVVB5WGV2Wp8xn9BHKE0xW73YY6fJewEbyKa7Zn/J
sJE6oZM2xJp7pmiSomAjDKhHbW+MAtlAr/hxIs/9d9NAFZAgqC3Cxg5gUMIyP/XO
iAnnwN753WdRhn8UuSVOstURvOCWRdZdHcokxd2ma9CSklYbBAEuwMN51QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDQo9uGhFHFGhjGpiv4pzX9rn/3IMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvTkNqMjRhRVVjVWFHTWFtS19pbk5mMnVmX2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQEqBUFC
AwUAKgVBRAMFAyoR4QAwDQYJKoZIhvcNAQELBQADggEBADOv2BBrXrwOTswegDtH
GdbczjPUkbbPwhGFBGK35iBYuGJk19pDxK4Ja82uyqqKOW0itnfmcucdNB5NG1EU
619ko1DiQ7arfRkhuXyE3QSHWXID3vbFcpQDwom3orrTGeyXjesxapzAom3Sc9di
9D0sVi5Te70sLwjfnh+aITizTpdh5nNneScyx1AHK1RlkJ2Rm8Mk0ZI3xYFjO+iB
7XFkazcAOjHafco1E5jNFGp37BwVUgY3iVSFAtWZxTttjrUxXEPD6V/1mhyyQupR
lhslnmIckK16kXlheJ5NrczCLOlYQsScddvlLk7TQFj6T0aStlrRp2FqQSs2yZmU
vBA=
-----END CERTIFICATE-----
Generated at Tue Oct 8 22:29:11 2024 by rpki-client on console-ams.rpki-client.org