Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/N9sNSi9BbXJmjATNUFtPgS8d7MI.roa
File: N9sNSi9BbXJmjATNUFtPgS8d7MI.roa (raw, json)
Hash identifier: ALCdlBBXLra7FfgEI7Wfs9yt/nccbAVxKx6/8BtH84E=
Subject key identifier: 37:DB:0D:4A:2F:41:6D:72:66:8C:04:CD:50:5B:4F:81:2F:1D:EC:C2
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CF950A47968FB06F038219227A1375FAE
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/N9sNSi9BbXJmjATNUFtPgS8d7MI.roa
Signing time: Thu 11 Jan 2024 16:17:40 +0000
ROA not before: Thu 11 Jan 2024 16:17:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215761
IP address blocks: 2a0c:b641:ba0::/44 maxlen: 48
2a0c:b641:6d1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 17 Sep 2024 21:55:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:50:a4:79:68:fb:06:f0:38:21:92:27:a1:37:5f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 11 16:17:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37db0d4a2f416d72668c04cd505b4f812f1decc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0b:61:0b:29:60:ee:e4:89:92:c2:69:09:23:
c2:4c:ee:03:7c:ad:c0:dc:5a:dc:f4:3d:51:28:09:
da:95:81:0f:5c:f6:8d:9e:80:4b:70:d7:0e:79:a3:
7c:18:0f:fe:c7:7b:34:a4:6e:2d:c5:65:2c:3e:aa:
c6:57:84:c3:c4:04:d2:eb:dc:ae:5f:4c:c3:7a:a5:
ec:d8:1b:fa:ab:06:0e:56:0d:41:7b:a3:1e:3a:9a:
f2:30:ac:99:37:ff:e7:d0:ac:43:be:9a:74:c2:86:
aa:f3:05:1a:82:55:94:46:45:59:ff:58:6f:ce:61:
47:37:c8:87:07:68:72:1f:c1:0c:29:b1:92:9f:4b:
37:61:94:00:b9:b6:e3:bb:02:2a:00:aa:62:91:b9:
25:56:29:60:9c:3d:a5:49:67:77:1a:c5:0d:72:f5:
f0:ae:69:61:4f:fe:25:f8:c1:4e:85:61:09:fb:ac:
91:d8:c2:1c:54:60:82:89:c8:f9:78:9b:79:25:c1:
43:00:76:03:3a:c0:17:de:f0:b9:d2:96:9c:74:09:
6a:48:b4:7d:41:10:13:40:e3:e7:33:c7:f8:7c:2c:
54:e4:bd:68:43:d3:db:9c:8b:09:52:a9:bb:db:49:
91:d8:a9:23:57:f4:86:f5:e3:86:94:c6:3b:43:2e:
0c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:DB:0D:4A:2F:41:6D:72:66:8C:04:CD:50:5B:4F:81:2F:1D:EC:C2
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/N9sNSi9BbXJmjATNUFtPgS8d7MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:6d1::/48
2a0c:b641:ba0::/44
Signature Algorithm: sha256WithRSAEncryption
25:73:56:de:d5:23:01:aa:d4:47:a2:04:b2:f8:ab:33:53:26:
55:2d:bb:46:af:f0:71:62:37:a4:3b:9d:fa:69:8f:a7:c4:c0:
41:70:5c:84:59:81:cf:80:dc:bd:b0:d2:ef:0a:ef:6e:ff:a9:
aa:69:7e:fe:03:15:6c:59:96:2f:8c:03:04:26:70:8f:fd:12:
ad:e1:c3:3f:2e:d4:4a:16:c2:46:99:5a:86:b1:42:8b:8c:74:
f7:99:6b:c8:47:57:0a:a0:f4:4b:de:c8:43:d3:27:1a:1d:be:
d7:ea:50:b0:94:ff:fe:30:04:89:ce:e1:0e:8f:1d:6b:6f:53:
61:c8:a1:8c:ed:3e:d4:80:38:eb:a4:80:fa:94:04:26:57:15:
6f:53:73:1e:b6:22:4a:51:e4:de:1a:40:ed:3d:55:67:70:09:
21:f9:ed:31:00:03:05:9b:d5:69:af:1d:9d:79:06:28:03:58:
81:a9:e4:94:d1:30:e1:38:55:d2:b3:1b:81:a9:ca:23:35:6e:
2c:02:d8:bc:d5:88:78:57:fc:45:e4:9b:30:80:bc:12:7f:c3:
7b:c9:d1:9b:41:cd:f4:27:34:23:65:da:b8:29:b1:cf:98:d2:
bf:c6:da:55:84:5f:49:ce:9b:db:b9:86:80:74:5d:01:3f:58:
71:9b:21:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYz5UKR5aPsG8DghkiehN1+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTExMTYxNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2RiMGQ0YTJmNDE2ZDcyNjY4YzA0Y2Q1MDViNGY4MTJmMWRlY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgthCylg7uSJksJpCSPCTO4DfK3A
3Frc9D1RKAnalYEPXPaNnoBLcNcOeaN8GA/+x3s0pG4txWUsPqrGV4TDxATS69yu
X0zDeqXs2Bv6qwYOVg1Be6MeOpryMKyZN//n0KxDvpp0woaq8wUaglWURkVZ/1hv
zmFHN8iHB2hyH8EMKbGSn0s3YZQAubbjuwIqAKpikbklVilgnD2lSWd3GsUNcvXw
rmlhT/4l+MFOhWEJ+6yR2MIcVGCCicj5eJt5JcFDAHYDOsAX3vC50pacdAlqSLR9
QRATQOPnM8f4fCxU5L1oQ9PbnIsJUqm720mR2KkjV/SG9eOGlMY7Qy4MFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDfbDUovQW1yZowEzVBbT4EvHezCMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvTjlzTlNpOUJiWEptakFUTlVGdFBnUzhkN01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgy2QQbR
AwcEKgy2QQugMA0GCSqGSIb3DQEBCwUAA4IBAQAlc1be1SMBqtRHogSy+KszUyZV
LbtGr/BxYjekO536aY+nxMBBcFyEWYHPgNy9sNLvCu9u/6mqaX7+AxVsWZYvjAME
JnCP/RKt4cM/LtRKFsJGmVqGsUKLjHT3mWvIR1cKoPRL3shD0ycaHb7X6lCwlP/+
MASJzuEOjx1rb1NhyKGM7T7UgDjrpID6lAQmVxVvU3MetiJKUeTeGkDtPVVncAkh
+e0xAAMFm9Vprx2deQYoA1iBqeSU0TDhOFXSsxuBqcojNW4sAti81Yh4V/xF5Jsw
gLwSf8N7ydGbQc30JzQjZdq4KbHPmNK/xtpVhF9JzpvbuYaAdF0BP1hxmyFS
-----END CERTIFICATE-----
Generated at Tue Sep 17 23:54:22 2024 by rpki-client on console-ams.rpki-client.org