Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/nD87mA-ocZDSzOtTTdqJzaCFduE.roa
File: nD87mA-ocZDSzOtTTdqJzaCFduE.roa (raw, json)
Hash identifier: o6NvThFI2zBT14Xlh5F4iiC1muksDSflEbt/Y001njo=
Subject key identifier: 9C:3F:3B:98:0F:A8:71:90:D2:CC:EB:53:4D:DA:89:CD:A0:85:76:E1
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018CC5DC0A30B2357B855650E773C6DF219D
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/nD87mA-ocZDSzOtTTdqJzaCFduE.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2a05:b0c6:a200::/39 maxlen: 39
2a05:b0c7:6000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 15 Jan 2024 17:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0a:30:b2:35:7b:85:56:50:e7:73:c6:df:21:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c3f3b980fa87190d2cceb534dda89cda08576e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0c:b0:7e:e9:e4:8b:1f:f7:ae:62:3f:2e:58:
50:38:93:bd:65:7b:fd:7c:b3:15:6c:0a:7d:57:f6:
58:73:b3:f1:f7:07:18:14:d1:0b:df:21:ab:48:ed:
a8:78:d6:ad:75:4c:13:33:02:d3:09:af:98:bf:3a:
c0:5b:00:b4:60:ff:45:ce:df:f4:82:c4:fe:db:8f:
79:f7:e4:a7:f7:97:95:cf:0d:d1:fa:a2:01:2b:aa:
2e:2b:15:d4:10:0f:ec:f1:cf:24:ca:53:1d:84:46:
76:7c:b3:57:6c:ac:e2:fd:f1:22:61:dd:91:10:b6:
59:57:fd:fc:17:e7:74:3a:c5:31:ff:3e:5e:a1:19:
3b:c5:28:a0:49:7e:1e:29:2e:77:c0:14:bf:82:d7:
f1:c3:ab:34:2e:12:7b:d5:83:5c:27:2a:7d:2b:3f:
52:a0:79:ab:0b:04:9d:c7:f5:af:74:07:ca:65:bc:
e9:ca:8a:e4:6a:a0:fd:20:10:e3:53:bc:24:c1:98:
34:e5:56:66:17:e4:e3:7a:ab:cd:88:8d:ff:b6:6a:
03:6c:45:0a:f3:0e:c2:2a:13:4c:12:e6:c7:32:d7:
10:c2:78:dd:89:55:89:7e:db:c3:f9:d7:f8:61:64:
e4:22:8c:6f:36:43:af:a9:a3:cc:5c:23:e9:0f:8e:
9e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3F:3B:98:0F:A8:71:90:D2:CC:EB:53:4D:DA:89:CD:A0:85:76:E1
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/nD87mA-ocZDSzOtTTdqJzaCFduE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:a200::/39
2a05:b0c7:6000::/36
Signature Algorithm: sha256WithRSAEncryption
0a:d1:d2:48:9b:8a:2f:a9:6f:dd:00:1d:e3:af:4e:30:f5:ee:
1f:39:0e:4d:30:03:b5:d8:51:21:5b:04:ee:16:af:95:46:5c:
78:74:0e:c6:d4:dc:d3:43:fc:d4:72:4a:f3:df:f2:00:6c:65:
ec:d3:3b:1d:77:12:57:15:bc:21:fb:70:5c:82:65:ac:c0:e7:
5e:dc:ba:61:de:c6:c4:4b:40:18:76:31:88:a2:bf:11:ee:08:
b4:61:77:44:9b:9c:91:97:5f:48:1a:8c:ba:4a:6b:9a:a4:15:
23:24:c9:eb:ea:03:d0:13:14:c3:c5:01:a5:24:47:60:33:6a:
29:26:79:7c:47:b9:b5:60:21:a5:af:c8:1c:16:80:21:c7:8b:
42:b2:bd:c2:0e:c8:c3:5c:04:4c:a8:c9:99:43:ce:ad:81:9d:
d3:32:f9:4d:b0:fc:ff:de:c5:46:f0:57:dd:77:06:9b:cd:c7:
38:1f:b0:44:f6:7d:4d:8b:c2:1e:9f:c8:51:92:25:86:eb:5b:
67:ac:d2:d8:25:c1:3d:76:63:ad:9d:8e:dc:09:4c:ec:b5:a9:
8b:81:57:5c:d7:fb:b9:e7:47:a2:2f:48:3f:df:6c:73:0e:72:
f1:15:19:02:bb:e9:d6:94:8a:97:bf:b7:8b:75:1f:9d:77:17:
44:91:d3:7a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzF3AowsjV7hVZQ53PG3yGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzNmM2I5ODBmYTg3MTkwZDJjY2ViNTM0ZGRhODljZGEwODU3NmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQywfunkix/3rmI/LlhQOJO9ZXv9
fLMVbAp9V/ZYc7Px9wcYFNEL3yGrSO2oeNatdUwTMwLTCa+YvzrAWwC0YP9Fzt/0
gsT+24959+Sn95eVzw3R+qIBK6ouKxXUEA/s8c8kylMdhEZ2fLNXbKzi/fEiYd2R
ELZZV/38F+d0OsUx/z5eoRk7xSigSX4eKS53wBS/gtfxw6s0LhJ71YNcJyp9Kz9S
oHmrCwSdx/WvdAfKZbzpyorkaqD9IBDjU7wkwZg05VZmF+TjeqvNiI3/tmoDbEUK
8w7CKhNMEubHMtcQwnjdiVWJftvD+df4YWTkIoxvNkOvqaPMXCPpD46e2QIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFJw/O5gPqHGQ0szrU03aic2ghXbhMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvbkQ4N21BLW9jWkRTek90VFRkcUp6YUNGZHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYBKgWwxqID
BgQqBbDHYDANBgkqhkiG9w0BAQsFAAOCAQEACtHSSJuKL6lv3QAd469OMPXuHzkO
TTADtdhRIVsE7havlUZceHQOxtTc00P81HJK89/yAGxl7NM7HXcSVxW8IftwXIJl
rMDnXty6Yd7GxEtAGHYxiKK/Ee4ItGF3RJuckZdfSBqMukprmqQVIyTJ6+oD0BMU
w8UBpSRHYDNqKSZ5fEe5tWAhpa/IHBaAIceLQrK9wg7Iw1wETKjJmUPOrYGd0zL5
TbD8/97FRvBX3XcGm83HOB+wRPZ9TYvCHp/IUZIlhutbZ6zS2CXBPXZjrZ2O3AlM
7LWpi4FXXNf7uedHoi9IP99scw5y8RUZArvp1pSKl7+3i3UfnXcXRJHTeg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:13:13 2025 by rpki-client