Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/nKeI_sDD0oeJLzoMbz2Hvuu97kM.roa
File: nKeI_sDD0oeJLzoMbz2Hvuu97kM.roa (raw, json)
Hash identifier: noDy6MYhqSo5CeqLu7jwxn/pTnvQ4j9tQemOCcxzbZY=
Subject key identifier: 9C:A7:88:FE:C0:C3:D2:87:89:2F:3A:0C:6F:3D:87:BE:EB:BD:EE:43
Certificate issuer: /CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Certificate serial: 01879AD0B350A4E04EABF1FA88251968EE08
Authority key identifier: F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/nKeI_sDD0oeJLzoMbz2Hvuu97kM.roa
Signing time: Wed 19 Apr 2023 18:39:41 +0000
ROA not before: Wed 19 Apr 2023 18:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211380
IP address blocks: 2a0c:5707:ff04::/48 maxlen: 48
2a0c:5707:ff01::/48 maxlen: 48
2a0c:5707:ff00::/40 maxlen: 48
2a0c:5707:ff02::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9a:d0:b3:50:a4:e0:4e:ab:f1:fa:88:25:19:68:ee:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Validity
Not Before: Apr 19 18:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ca788fec0c3d287892f3a0c6f3d87beebbdee43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f3:6d:ba:70:8d:cf:24:ca:ae:41:d9:a8:c4:
fe:a2:7e:d9:83:ec:6e:1b:40:84:87:40:8c:6c:60:
f0:ad:ac:d1:0a:31:ea:27:95:e3:b8:90:8e:af:88:
6b:0a:c5:e8:c0:70:72:cd:6e:2e:2e:5c:a6:83:24:
18:d4:d9:b3:da:42:60:5b:e8:d8:e4:28:79:f7:a7:
bd:99:63:e0:72:f3:38:36:da:4b:b7:e5:00:d9:2b:
31:7a:8e:92:58:d3:77:6b:b7:66:ba:03:e9:34:39:
41:3b:fe:8e:55:02:6e:d6:82:4f:89:19:87:39:62:
57:ea:c6:73:80:fc:ae:56:61:29:43:1f:c6:1a:69:
89:2e:b8:ba:64:b7:2d:a6:12:00:3f:bf:76:a7:6b:
8a:bc:26:4a:23:45:c7:81:bb:47:ec:31:e0:8a:54:
88:68:09:5f:bf:fc:ca:b2:85:7d:c8:c1:83:24:86:
10:4c:8f:b8:c1:88:f3:45:fd:70:1b:84:ae:87:a4:
67:2c:19:35:38:b9:7a:11:70:fe:6f:6a:92:28:9b:
9e:6c:42:13:fe:b7:e1:47:43:2c:b6:09:11:49:c6:
59:e2:fe:cf:4b:5b:f5:0a:c1:dc:f9:a7:66:93:bb:
c3:df:b4:1b:49:2e:25:38:dd:f3:8d:43:79:ce:58:
6a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A7:88:FE:C0:C3:D2:87:89:2F:3A:0C:6F:3D:87:BE:EB:BD:EE:43
X509v3 Authority Key Identifier:
keyid:F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/nKeI_sDD0oeJLzoMbz2Hvuu97kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:5707:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
50:5b:e5:e9:63:64:8f:87:b6:31:28:c2:6a:df:49:91:9f:36:
31:6e:a8:d7:1c:cc:c3:e5:99:bc:21:ce:de:17:ff:56:33:c2:
06:44:5f:0c:8d:6c:af:77:6f:89:c0:7b:02:75:f6:a5:2a:13:
c8:d4:4a:c3:32:61:4a:32:f2:71:29:5d:d6:d9:ea:26:c6:84:
7b:ae:8e:52:cd:a1:01:e6:e6:e0:bf:60:01:cf:84:5e:8e:90:
6c:2d:b9:ec:5d:56:b3:c3:b7:60:4e:51:e9:27:9e:51:0a:b3:
5b:a9:98:25:df:c3:74:62:26:cd:01:19:96:03:d3:ce:65:e9:
ca:f5:fe:d2:30:f5:e9:73:a3:98:06:92:f1:a0:62:e3:eb:c3:
ba:e7:0a:ab:ba:38:ba:86:d3:4c:92:6a:fc:2e:a2:62:1c:6e:
b2:05:93:6d:11:bb:8d:eb:bc:19:cb:d7:9c:0e:e5:03:d9:0a:
ae:fb:25:2a:44:a9:16:9c:5e:09:52:4c:16:95:a8:ce:84:1b:
4b:9d:9c:e8:69:4e:ce:d4:d4:28:1e:b5:6b:0a:de:fd:a9:08:
0d:d3:6a:07:ff:42:f9:ec:22:a9:23:2a:b6:36:f5:d3:3a:37:
17:56:fe:a1:72:d7:96:56:a8:f6:0a:50:88:60:25:44:8f:47:
66:a7:97:53
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYea0LNQpOBOq/H6iCUZaO4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MDg0NmYyMWM1NmE4NTEzZDMxYzE1NWRkMTk5MTk3YTNm
ZmM3YzAwHhcNMjMwNDE5MTgzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E3ODhmZWMwYzNkMjg3ODkyZjNhMGM2ZjNkODdiZWViYmRlZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPNtunCNzyTKrkHZqMT+on7Zg+xu
G0CEh0CMbGDwrazRCjHqJ5XjuJCOr4hrCsXowHByzW4uLlymgyQY1Nmz2kJgW+jY
5Ch596e9mWPgcvM4NtpLt+UA2Ssxeo6SWNN3a7dmugPpNDlBO/6OVQJu1oJPiRmH
OWJX6sZzgPyuVmEpQx/GGmmJLri6ZLctphIAP792p2uKvCZKI0XHgbtH7DHgilSI
aAlfv/zKsoV9yMGDJIYQTI+4wYjzRf1wG4Suh6RnLBk1OLl6EXD+b2qSKJuebEIT
/rfhR0MstgkRScZZ4v7PS1v1CsHc+admk7vD37QbSS4lON3zjUN5zlhqsQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJyniP7Aw9KHiS86DG89h77rve5DMB8GA1UdIwQY
MBaAFPYIRvIcVqhRPTHBVd0ZkZej/8fAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYt
YTZkNDVlZjdkMjI3LzEvbktlSV9zREQwb2VKTHpvTWJ6Mkh2dXU5N2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYtYTZkNDVlZjdkMjI3
LzEvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgxXB/8w
DQYJKoZIhvcNAQELBQADggEBAFBb5eljZI+HtjEowmrfSZGfNjFuqNcczMPlmbwh
zt4X/1YzwgZEXwyNbK93b4nAewJ19qUqE8jUSsMyYUoy8nEpXdbZ6ibGhHuujlLN
oQHm5uC/YAHPhF6OkGwtuexdVrPDt2BOUeknnlEKs1upmCXfw3RiJs0BGZYD085l
6cr1/tIw9elzo5gGkvGgYuPrw7rnCqu6OLqG00ySavwuomIcbrIFk20Ru43rvBnL
15wO5QPZCq77JSpEqRacXglSTBaVqM6EG0udnOhpTs7U1CgetWsK3v2pCA3Tagf/
QvnsIqkjKrY29dM6NxdW/qFy15ZWqPYKUIhgJUSPR2anl1M=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:19 2024 by rpki-client on console-fra.rpki-client.org