Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/nzgOtDXYYl484HAePmx1eiDwsno.roa
File: nzgOtDXYYl484HAePmx1eiDwsno.roa (raw, json)
Hash identifier: 8eJrJAnlOE1YRIA+xvLdYgR7gcht2+66kWtWlhQrqVo=
Subject key identifier: 9F:38:0E:B4:35:D8:62:5E:3C:E0:70:1E:3E:6C:75:7A:20:F0:B2:7A
Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc
Certificate serial: 018FC8420C13C396FD812B6D87331D655051
Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/nzgOtDXYYl484HAePmx1eiDwsno.roa
Signing time: Thu 30 May 2024 06:48:42 +0000
ROA not before: Thu 30 May 2024 06:48:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 2a0c:b6c0::/34 maxlen: 34
2a0c:b6c1::/34 maxlen: 34
Validation: Failed, certificate revoked on Mon 03 Jun 2024 06:51:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c8:42:0c:13:c3:96:fd:81:2b:6d:87:33:1d:65:50:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc
Validity
Not Before: May 30 06:48:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f380eb435d8625e3ce0701e3e6c757a20f0b27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1f:b1:30:29:3b:ba:9d:87:83:12:6f:db:de:
f6:7a:4b:c5:92:cb:bd:fd:9e:45:50:ad:75:d1:48:
ec:82:c6:e4:cc:ee:04:bc:9b:b2:56:8b:1f:34:18:
1d:cb:83:a5:52:95:bc:07:43:86:e4:be:c2:2a:5c:
a8:2c:fa:a9:e1:72:e3:b3:1c:8b:55:95:19:00:8f:
a0:e3:9e:c6:aa:10:ee:0e:a5:6f:fe:61:03:0d:c7:
0f:c1:ca:50:e6:1b:45:6b:36:20:f1:2a:45:05:04:
cd:2b:ab:84:15:97:56:6c:c5:5b:e6:48:28:8d:87:
fb:1e:18:bf:98:10:c3:a0:0a:71:c8:85:d1:4b:76:
69:cb:34:39:3a:43:1d:71:f1:40:dd:79:dd:51:9a:
6f:26:2a:b4:46:c3:ca:35:8e:fb:83:0d:97:d4:3c:
30:88:4a:7d:f8:92:1d:34:eb:1f:fa:51:cf:f8:20:
f0:19:79:08:36:ee:d3:32:95:c8:34:33:1e:81:76:
b7:30:9a:81:b5:9f:b7:73:16:55:3f:e6:6b:b2:02:
1c:b1:33:ed:2b:dd:88:4c:60:34:fc:6b:ee:d3:0f:
c1:1a:8d:e8:a7:19:90:05:73:ec:dd:2b:24:f6:4a:
46:55:33:41:0c:41:b0:fa:d9:c0:40:9b:12:ad:d3:
e8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:38:0E:B4:35:D8:62:5E:3C:E0:70:1E:3E:6C:75:7A:20:F0:B2:7A
X509v3 Authority Key Identifier:
keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/nzgOtDXYYl484HAePmx1eiDwsno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b6c0::/34
2a0c:b6c1::/34
Signature Algorithm: sha256WithRSAEncryption
9a:66:99:b7:9c:d4:d0:26:87:64:d4:87:dc:19:c8:43:b3:6f:
ad:0c:03:99:88:a7:65:fe:fe:72:25:9a:3e:71:95:6b:76:56:
c3:38:f9:8b:6b:07:6f:e2:3a:cf:ca:45:db:2f:e2:9d:83:61:
e5:af:a7:45:de:b6:83:ae:bf:22:1f:1a:37:93:8e:43:cc:4d:
94:bb:1a:80:10:74:84:ef:50:e6:b7:ab:28:95:64:8e:2c:25:
b1:a3:96:e5:97:6b:3f:64:43:89:24:6e:33:38:ed:ed:2a:f2:
ca:b2:c0:65:2c:af:3d:be:8d:9b:81:ac:3f:0d:45:b4:7d:ea:
09:3f:ee:53:47:c6:ae:5c:b1:8b:b4:c9:a0:bf:37:7c:46:8a:
56:f1:b8:19:6e:f7:ca:0d:71:41:a1:e2:2c:e2:98:fe:7c:fe:
0b:e0:c0:b1:2c:34:29:ae:eb:a4:f4:42:db:8a:30:81:2c:cb:
0f:06:f0:c7:27:bd:02:44:63:0d:c5:67:65:ce:c1:b6:80:d6:
8b:89:ff:72:59:04:12:72:4e:5d:8f:83:df:2c:e1:35:fc:a3:
a3:3d:92:5a:e1:ee:be:57:71:78:29:6f:0d:af:2e:bc:9e:4a:
67:bd:65:49:ab:c6:51:17:e8:77:ec:6b:de:d4:b1:18:05:7a:
dd:36:5e:74
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY/IQgwTw5b9gStthzMdZVBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3
ODdmYmMwHhcNMjQwNTMwMDY0ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjM4MGViNDM1ZDg2MjVlM2NlMDcwMWUzZTZjNzU3YTIwZjBiMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih+xMCk7up2HgxJv2972ekvFksu9
/Z5FUK110UjsgsbkzO4EvJuyVosfNBgdy4OlUpW8B0OG5L7CKlyoLPqp4XLjsxyL
VZUZAI+g457GqhDuDqVv/mEDDccPwcpQ5htFazYg8SpFBQTNK6uEFZdWbMVb5kgo
jYf7Hhi/mBDDoApxyIXRS3ZpyzQ5OkMdcfFA3XndUZpvJiq0RsPKNY77gw2X1Dww
iEp9+JIdNOsf+lHP+CDwGXkINu7TMpXINDMegXa3MJqBtZ+3cxZVP+ZrsgIcsTPt
K92ITGA0/Gvu0w/BGo3opxmQBXPs3Ssk9kpGVTNBDEGw+tnAQJsSrdPoVQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFJ84DrQ12GJePOBwHj5sdXog8LJ6MB8GA1UdIwQY
MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt
OTQxY2M2YTdiYWQ5LzEvbnpnT3REWFlZbDQ4NEhBZVBteDFlaUR3c25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5
LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYGKgy2wAAD
BgYqDLbBADANBgkqhkiG9w0BAQsFAAOCAQEAmmaZt5zU0CaHZNSH3BnIQ7NvrQwD
mYinZf7+ciWaPnGVa3ZWwzj5i2sHb+I6z8pF2y/inYNh5a+nRd62g66/Ih8aN5OO
Q8xNlLsagBB0hO9Q5rerKJVkjiwlsaOW5ZdrP2RDiSRuMzjt7SryyrLAZSyvPb6N
m4GsPw1FtH3qCT/uU0fGrlyxi7TJoL83fEaKVvG4GW73yg1xQaHiLOKY/nz+C+DA
sSw0Ka7rpPRC24owgSzLDwbwxye9AkRjDcVnZc7BtoDWi4n/clkEEnJOXY+D3yzh
Nfyjoz2SWuHuvldxeClvDa8uvJ5KZ71lSavGURfod+xr3tSxGAV63TZedA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:15 2024 by rpki-client on console-fra.rpki-client.org