Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/nBdh69tnUt6p5NDekpsWqEw_4g0.roa
File: nBdh69tnUt6p5NDekpsWqEw_4g0.roa (raw, json)
Hash identifier: ImQGxvQhqeSqsZxa6mcScBJn4TyippTVaJ6tQQQdUQY=
Subject key identifier: 9C:17:61:EB:DB:67:52:DE:A9:E4:D0:DE:92:9B:16:A8:4C:3F:E2:0D
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 01927D4AE131B64C8225D09FDF124BF284AF
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/nBdh69tnUt6p5NDekpsWqEw_4g0.roa
Signing time: Fri 11 Oct 2024 20:35:12 +0000
ROA not before: Fri 11 Oct 2024 20:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:7f40::/32 maxlen: 32
2a0e:7f43::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 12 Oct 2024 20:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4a:e1:31:b6:4c:82:25:d0:9f:df:12:4b:f2:84:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Oct 11 20:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c1761ebdb6752dea9e4d0de929b16a84c3fe20d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2a:97:e7:07:74:71:a1:66:b4:05:bf:4c:4c:
0b:08:78:8f:c3:0c:5d:1a:b8:ec:23:76:f8:7e:88:
28:1d:79:4c:cd:d0:a3:3c:ae:79:45:70:c6:ba:93:
8b:d0:e8:bf:e6:00:ca:16:71:62:06:0e:9a:ec:b8:
c2:44:91:7c:01:ca:45:99:4d:2f:03:2d:22:4d:d3:
ff:a4:0e:a6:93:8b:db:60:7b:21:7b:ff:7b:ac:4f:
4d:1a:ea:ca:9b:7a:32:56:44:1c:d2:dd:d2:0b:41:
4f:49:ac:81:5b:09:cc:c0:6c:8e:3b:fb:84:d2:fe:
04:2b:c2:9d:52:97:06:f8:1a:29:d6:c7:c9:e8:7a:
19:e2:2b:87:ec:40:f9:0e:17:a9:82:df:3b:78:20:
5a:a6:8f:ff:e1:00:ec:81:30:13:d1:dd:61:b5:35:
b5:8c:fa:89:68:2e:d0:99:a8:c3:6a:07:9d:3c:7c:
72:82:5f:08:1e:4d:b9:ec:80:61:86:c4:c9:95:6d:
fc:f5:01:68:c3:90:31:f3:d5:3a:e2:dd:f8:13:2f:
19:75:f1:88:40:aa:c9:8b:1c:b5:d8:fe:1b:e4:11:
fc:0c:d2:9c:2b:15:f3:4c:37:3a:79:71:ed:70:35:
b2:11:b3:f4:f6:9f:62:9a:f3:ae:7b:a3:6d:9e:f4:
9a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:17:61:EB:DB:67:52:DE:A9:E4:D0:DE:92:9B:16:A8:4C:3F:E2:0D
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/nBdh69tnUt6p5NDekpsWqEw_4g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f40::/32
2a0e:7f43::/32
Signature Algorithm: sha256WithRSAEncryption
37:fc:a0:f0:88:90:da:aa:5c:75:3e:10:1a:46:1f:0c:ee:00:
3f:7e:59:fe:7a:72:05:5a:73:0f:eb:47:77:98:cb:72:c8:e2:
0c:0c:9e:7e:83:d2:e6:6a:c6:04:95:91:45:97:7b:48:af:26:
33:2a:b0:c5:87:ca:26:9a:36:db:39:01:bf:8f:3d:31:ab:49:
8a:d2:1c:62:51:e6:ea:8e:3c:db:58:16:7d:54:2e:8e:67:ee:
e0:da:6c:20:a2:68:9d:8f:3e:95:5c:a9:a3:0d:3b:3c:b9:75:
fb:89:07:a1:a1:f6:94:0b:03:04:ea:23:cd:ae:e0:b7:b0:20:
e2:ed:df:d0:a8:32:22:f4:78:b1:ca:2e:ee:79:91:55:45:b8:
d7:b5:f1:d7:c1:1d:ab:75:05:5c:17:c8:63:21:f4:4d:fc:8c:
4e:1d:98:16:b1:60:ef:92:17:12:3d:29:44:17:ef:e6:84:dc:
b2:ee:a3:4d:44:14:7a:5c:7f:4f:8e:f4:9d:32:37:5a:6b:ca:
c5:52:e3:90:e3:82:83:c2:76:79:5f:62:cd:09:19:81:37:c8:
e3:b4:85:9a:11:63:3a:a2:ba:aa:51:13:dc:2f:76:88:b9:ca:
69:b0:fb:5b:b0:0a:ee:85:c4:55:63:23:4a:f1:19:50:8d:72:
cc:f8:e3:50
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJ9SuExtkyCJdCf3xJL8oSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjQxMDExMjAzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE3NjFlYmRiNjc1MmRlYTllNGQwZGU5MjliMTZhODRjM2ZlMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyqX5wd0caFmtAW/TEwLCHiPwwxd
GrjsI3b4fogoHXlMzdCjPK55RXDGupOL0Oi/5gDKFnFiBg6a7LjCRJF8AcpFmU0v
Ay0iTdP/pA6mk4vbYHshe/97rE9NGurKm3oyVkQc0t3SC0FPSayBWwnMwGyOO/uE
0v4EK8KdUpcG+Bop1sfJ6HoZ4iuH7ED5Dhepgt87eCBapo//4QDsgTAT0d1htTW1
jPqJaC7QmajDagedPHxygl8IHk257IBhhsTJlW389QFow5Ax89U64t34Ey8ZdfGI
QKrJixy12P4b5BH8DNKcKxXzTDc6eXHtcDWyEbP09p9imvOue6NtnvSaSQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJwXYevbZ1LeqeTQ3pKbFqhMP+INMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvbkJkaDY5dG5VdDZwNU5EZWtwc1dxRXdfNGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5/QAMF
ACoOf0MwDQYJKoZIhvcNAQELBQADggEBADf8oPCIkNqqXHU+EBpGHwzuAD9+Wf56
cgVacw/rR3eYy3LI4gwMnn6D0uZqxgSVkUWXe0ivJjMqsMWHyiaaNts5Ab+PPTGr
SYrSHGJR5uqOPNtYFn1ULo5n7uDabCCiaJ2PPpVcqaMNOzy5dfuJB6Gh9pQLAwTq
I82u4LewIOLt39CoMiL0eLHKLu55kVVFuNe18dfBHat1BVwXyGMh9E38jE4dmBax
YO+SFxI9KUQX7+aE3LLuo01EFHpcf0+O9J0yN1prysVS45DjgoPCdnlfYs0JGYE3
yOO0hZoRYzqiuqpRE9wvdoi5ymmw+1uwCu6FxFVjI0rxGVCNcsz441A=
-----END CERTIFICATE-----
Generated at Sat Oct 12 22:40:43 2024 by rpki-client on console-ams.rpki-client.org