Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/nBcHSNWAXbAjfkvp-AwLAz3oJ_I.roa
File: nBcHSNWAXbAjfkvp-AwLAz3oJ_I.roa (raw, json)
Hash identifier: OdiToCK+L5EDlYFGZw3rJ2dAqyQ2LSbSq6ClneNJF+w=
Subject key identifier: 9C:17:07:48:D5:80:5D:B0:23:7E:4B:E9:F8:0C:0B:03:3D:E8:27:F2
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 018A5569151DDD2504F3BE426590B4011CD9
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/nBcHSNWAXbAjfkvp-AwLAz3oJ_I.roa
Signing time: Sat 02 Sep 2023 10:21:04 +0000
ROA not before: Sat 02 Sep 2023 10:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198571
IP address blocks: 2a07:db83::/32 maxlen: 32
2a07:db82::/32 maxlen: 32
2a07:db80::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 02 Sep 2023 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:55:69:15:1d:dd:25:04:f3:be:42:65:90:b4:01:1c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Sep 2 10:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c170748d5805db0237e4be9f80c0b033de827f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:31:19:7e:54:e2:13:85:69:a0:0f:b5:09:16:
7f:30:2a:b8:19:93:a6:b4:55:bc:17:9d:c3:d6:53:
82:1a:f6:31:53:81:c1:88:f9:1b:b3:60:fb:fe:43:
09:24:94:fb:7f:f6:29:fd:ab:b5:cf:8c:57:f0:2c:
cf:f0:2f:56:e9:1d:d6:96:6b:6a:92:f7:72:50:3f:
b8:c9:27:1a:fa:87:51:1b:26:cf:34:46:65:a4:88:
c5:8b:aa:c8:1a:1e:e4:9e:e9:ae:67:5c:ac:a6:5d:
e7:db:c4:e6:99:49:58:69:22:34:8f:df:36:44:4b:
9c:b8:af:e3:3c:51:6f:86:67:ea:7b:b2:6b:a6:e5:
8a:d0:06:da:c7:f6:f0:b5:14:25:fe:b0:2a:8b:4e:
f6:93:03:a0:ac:d7:b9:3d:b3:ff:61:89:c8:c9:ff:
7b:a2:26:ce:41:5c:cb:b6:c5:d6:d1:53:74:14:7b:
00:00:ad:58:8f:76:13:09:eb:5d:97:18:86:2e:12:
ab:02:e4:aa:60:2e:83:8b:71:66:57:99:55:4b:8e:
74:86:f0:fb:7e:a9:21:a9:4e:e2:5d:d6:23:2f:8e:
9d:49:0a:90:c4:c7:30:41:5f:5b:12:4a:08:81:db:
df:c1:3d:ac:6a:78:a1:8f:7e:ff:a5:b3:ba:41:1f:
b1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:17:07:48:D5:80:5D:B0:23:7E:4B:E9:F8:0C:0B:03:3D:E8:27:F2
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/nBcHSNWAXbAjfkvp-AwLAz3oJ_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db80::/32
2a07:db82::/31
Signature Algorithm: sha256WithRSAEncryption
59:da:19:3a:bb:32:17:56:1c:1c:e4:98:29:f1:b8:b3:23:ec:
9a:fb:a2:c7:20:00:82:34:21:b6:b0:d8:b3:ea:d4:f2:a5:3c:
57:7f:8a:ca:10:50:28:91:92:4c:4a:b2:4d:61:f5:2f:70:41:
05:2e:33:fc:c6:c9:20:89:a3:c7:e2:1b:29:20:88:d1:cb:36:
e0:56:bb:88:0c:9e:ac:da:ff:c7:f1:22:9a:87:e2:59:d9:d5:
28:f8:46:45:34:99:d5:b8:19:7a:c9:8d:c4:e9:ec:ef:d1:af:
c4:2f:40:2b:e9:e8:9c:a4:84:6f:47:70:55:0f:00:69:62:9c:
c4:a2:86:48:1b:9e:f2:29:ae:e7:2c:c3:4f:23:33:80:6e:42:
57:1f:74:34:dd:de:6e:95:ab:27:f2:38:36:61:21:e4:03:86:
b0:f1:14:fd:fc:11:aa:b4:8f:cf:7a:51:5a:8b:28:9d:52:77:
3a:49:4a:e5:da:5d:b2:14:cb:3e:40:6b:af:6e:59:49:7c:0f:
25:4b:d7:78:f2:92:24:60:53:be:a7:59:47:c2:32:23:5e:4b:
f0:4f:dd:3a:bb:43:72:13:85:83:0d:04:10:c2:68:68:df:f9:
da:8d:d1:5d:40:fa:ab:94:f6:7c:36:c2:18:e9:72:04:6f:e2:
71:40:b0:aa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYpVaRUd3SUE875CZZC0ARzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMwOTAyMTAyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE3MDc0OGQ1ODA1ZGIwMjM3ZTRiZTlmODBjMGIwMzNkZTgyN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjEZflTiE4VpoA+1CRZ/MCq4GZOm
tFW8F53D1lOCGvYxU4HBiPkbs2D7/kMJJJT7f/Yp/au1z4xX8CzP8C9W6R3Wlmtq
kvdyUD+4ySca+odRGybPNEZlpIjFi6rIGh7knumuZ1yspl3n28TmmUlYaSI0j982
REucuK/jPFFvhmfqe7JrpuWK0Abax/bwtRQl/rAqi072kwOgrNe5PbP/YYnIyf97
oibOQVzLtsXW0VN0FHsAAK1Yj3YTCetdlxiGLhKrAuSqYC6Di3FmV5lVS450hvD7
fqkhqU7iXdYjL46dSQqQxMcwQV9bEkoIgdvfwT2sanihj37/pbO6QR+x4QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJwXB0jVgF2wI35L6fgMCwM96CfyMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvbkJjSFNOV0FYYkFqZmt2cC1Bd0xBejNvSl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgfbgAMF
ASoH24IwDQYJKoZIhvcNAQELBQADggEBAFnaGTq7MhdWHBzkmCnxuLMj7Jr7oscg
AII0Ibaw2LPq1PKlPFd/isoQUCiRkkxKsk1h9S9wQQUuM/zGySCJo8fiGykgiNHL
NuBWu4gMnqza/8fxIpqH4lnZ1Sj4RkU0mdW4GXrJjcTp7O/Rr8QvQCvp6JykhG9H
cFUPAGlinMSihkgbnvIprucsw08jM4BuQlcfdDTd3m6VqyfyODZhIeQDhrDxFP38
Eaq0j896UVqLKJ1SdzpJSuXaXbIUyz5Aa69uWUl8DyVL13jykiRgU76nWUfCMiNe
S/BP3Tq7Q3IThYMNBBDCaGjf+dqN0V1A+quU9nw2whjpcgRv4nFAsKo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org