Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/NicZXIiLQXzD-XO-1ua1Uxw5tak.roa
File: NicZXIiLQXzD-XO-1ua1Uxw5tak.roa (raw, json)
Hash identifier: K5Q/3ybxXaeqU6udJHD0LodwHnHiQVJrDS+ZblcX77Y=
Subject key identifier: 36:27:19:5C:88:8B:41:7C:C3:F9:73:BE:D6:E6:B5:53:1C:39:B5:A9
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 018D21A92CD73ABF8685CC976B6FEC2A4406
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/NicZXIiLQXzD-XO-1ua1Uxw5tak.roa
Signing time: Fri 19 Jan 2024 12:19:11 +0000
ROA not before: Fri 19 Jan 2024 12:19:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140915
IP address blocks: 2a13:a5c3:f100::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Feb 2024 09:04:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:a9:2c:d7:3a:bf:86:85:cc:97:6b:6f:ec:2a:44:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Jan 19 12:19:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3627195c888b417cc3f973bed6e6b5531c39b5a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d3:3a:db:af:9c:00:8c:a7:9f:0f:b4:41:da:
66:cd:7c:9e:4d:9e:e2:64:e7:04:19:42:8c:ba:48:
69:77:70:4b:b6:83:0e:5b:59:44:e6:53:56:e7:f1:
b6:cb:6f:c9:0b:57:94:f8:3a:9c:b6:96:d5:9c:5b:
6b:11:18:fa:6a:e2:cf:6b:6e:eb:4a:8a:ea:52:20:
92:2a:6e:51:2d:c4:7d:ae:4b:b0:cd:cc:4a:6a:6b:
c4:89:b9:fa:f0:bb:83:c0:5f:19:e2:e7:c1:c2:bd:
4c:dc:53:5c:a0:35:67:ba:fb:48:99:a3:f9:f9:dc:
54:28:87:76:81:b5:fc:65:68:bd:93:43:7d:67:17:
4f:ed:17:fc:ff:43:2a:8a:fa:c7:3c:04:6b:ab:cc:
09:bf:1b:1e:32:81:99:64:e6:f2:c8:46:4f:da:cf:
3d:9e:57:50:03:c6:6c:18:5b:21:ba:e1:bd:0d:f6:
d6:88:b7:db:c4:5e:30:e0:b1:79:b6:09:b1:b2:30:
12:a7:82:07:18:14:4c:64:79:e1:b6:21:0a:51:81:
1a:f2:51:84:bb:be:f2:a7:6f:d3:00:7b:e1:07:9b:
5d:c8:18:a9:0b:52:89:98:63:a6:80:62:83:c8:b4:
3e:b2:e0:1d:30:fb:f6:cf:f8:c6:d7:52:d5:b9:fa:
f6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:27:19:5C:88:8B:41:7C:C3:F9:73:BE:D6:E6:B5:53:1C:39:B5:A9
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/NicZXIiLQXzD-XO-1ua1Uxw5tak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c3:f100::/44
Signature Algorithm: sha256WithRSAEncryption
1b:46:46:95:d5:f1:dd:97:f9:43:49:38:8b:4f:87:d1:ec:44:
87:58:af:bd:0c:e2:d8:e9:52:82:fa:be:11:cc:71:65:7f:ff:
69:d0:49:c4:50:7e:f4:1b:c1:89:6a:c1:ab:b3:e8:4d:82:b1:
5e:9e:2d:4f:09:1d:49:f0:ec:0d:e9:14:11:91:69:7b:35:70:
06:59:a7:e1:b4:90:31:2e:bb:29:70:a6:83:7c:7d:eb:9c:72:
56:3c:83:51:c6:64:6d:51:e7:8c:88:34:0c:83:0a:a9:4d:59:
ac:42:8a:7e:2a:b7:04:e7:0a:8f:eb:5b:a6:af:aa:1c:a2:ee:
0a:29:9d:a7:12:2f:06:b8:b5:fe:cc:2c:a5:7a:ce:6e:65:eb:
d3:9d:59:dd:8c:f3:42:37:ff:b6:21:d8:7b:a1:64:25:13:f6:
c4:4e:86:fa:7a:19:a8:47:53:cc:b5:dc:29:98:9f:fb:44:9f:
15:85:e2:ad:f2:ad:f3:9e:63:50:55:c3:12:f8:09:de:bc:b1:
bf:20:99:46:28:a5:c1:72:d9:d2:cb:8f:e7:8f:51:62:a5:4a:
4a:3d:34:93:86:6d:0d:23:07:79:1b:d1:eb:e2:83:54:a4:d6:
38:90:6a:5f:d7:dd:05:15:d6:5d:f1:f8:44:e2:75:42:ff:be:
67:5e:e5:6e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0hqSzXOr+GhcyXa2/sKkQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjQwMTE5MTIxOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjI3MTk1Yzg4OGI0MTdjYzNmOTczYmVkNmU2YjU1MzFjMzliNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9M626+cAIynnw+0QdpmzXyeTZ7i
ZOcEGUKMukhpd3BLtoMOW1lE5lNW5/G2y2/JC1eU+DqctpbVnFtrERj6auLPa27r
SorqUiCSKm5RLcR9rkuwzcxKamvEibn68LuDwF8Z4ufBwr1M3FNcoDVnuvtImaP5
+dxUKId2gbX8ZWi9k0N9ZxdP7Rf8/0MqivrHPARrq8wJvxseMoGZZObyyEZP2s89
nldQA8ZsGFshuuG9DfbWiLfbxF4w4LF5tgmxsjASp4IHGBRMZHnhtiEKUYEa8lGE
u77yp2/TAHvhB5tdyBipC1KJmGOmgGKDyLQ+suAdMPv2z/jG11LVufr2awIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDYnGVyIi0F8w/lzvtbmtVMcObWpMB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEvTmljWlhJaUxRWHpELVhPLTF1YTFVeHc1dGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhOlw/EA
MA0GCSqGSIb3DQEBCwUAA4IBAQAbRkaV1fHdl/lDSTiLT4fR7ESHWK+9DOLY6VKC
+r4RzHFlf/9p0EnEUH70G8GJasGrs+hNgrFeni1PCR1J8OwN6RQRkWl7NXAGWafh
tJAxLrspcKaDfH3rnHJWPINRxmRtUeeMiDQMgwqpTVmsQop+KrcE5wqP61umr6oc
ou4KKZ2nEi8GuLX+zCyles5uZevTnVndjPNCN/+2Idh7oWQlE/bETob6ehmoR1PM
tdwpmJ/7RJ8VheKt8q3znmNQVcMS+AnevLG/IJlGKKXBctnSy4/nj1FipUpKPTST
hm0NIwd5G9Hr4oNUpNY4kGpf190FFdZd8fhE4nVC/75nXuVu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:00 2024 by rpki-client on console-fra.rpki-client.org