Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/nNzIm9hbtNFFY6m1b-6AqqkXGYg.roa
File: nNzIm9hbtNFFY6m1b-6AqqkXGYg.roa (raw, json)
Hash identifier: ofbbBYi1Te7pHSnrq7uMftLI0vqNdKsYMo3ksHrB2QI=
Subject key identifier: 9C:DC:C8:9B:D8:5B:B4:D1:45:63:A9:B5:6F:EE:80:AA:A9:17:19:88
Certificate issuer: /CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Certificate serial: 01856CC1744BE8377A8AB6BB9FE58CB6AE4E
Authority key identifier: F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/nNzIm9hbtNFFY6m1b-6AqqkXGYg.roa
Signing time: Sun 01 Jan 2023 09:54:55 +0000
ROA not before: Sun 01 Jan 2023 09:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213341
IP address blocks: 2a0a:4587:2000::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:74:4b:e8:37:7a:8a:b6:bb:9f:e5:8c:b6:ae:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Validity
Not Before: Jan 1 09:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cdcc89bd85bb4d14563a9b56fee80aaa9171988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b2:1c:b8:0e:17:8b:95:38:37:ef:82:a8:38:
5e:94:20:b6:46:92:8f:0b:67:72:3d:62:ec:cf:5f:
3e:db:38:50:f8:5f:b3:1d:38:82:70:6a:ae:10:02:
26:5b:3f:36:77:7f:da:f7:6a:bc:28:4b:6b:74:47:
79:88:72:ce:6b:63:66:0f:3f:6d:90:30:d9:45:e4:
b5:17:f9:07:35:c5:1e:af:8d:14:6c:3d:af:d6:be:
80:ed:03:ae:b5:26:af:47:7f:54:c7:2c:2f:03:69:
48:db:34:1e:fd:60:aa:af:62:8d:b0:94:e8:37:33:
66:8b:56:d5:55:a9:7c:e7:4c:02:1d:31:c9:30:54:
a5:fe:71:99:71:a5:a7:a5:cb:1e:32:6b:13:c7:48:
27:76:0c:ed:27:f3:39:c4:5c:f2:9e:d2:a2:12:96:
d7:65:61:2d:d4:0f:e1:d2:f2:96:b7:76:26:84:1f:
4a:40:48:87:8b:f0:51:09:f2:11:6c:5a:70:5c:f2:
8e:51:73:4d:4f:28:cd:fb:b6:e7:fa:73:cc:ae:19:
7f:9c:70:46:42:5f:03:91:3f:f3:ed:75:24:eb:71:
ce:13:67:4e:83:c9:44:08:7b:51:b1:13:e1:07:62:
95:ed:0f:03:42:c9:49:fd:06:10:d6:dc:0f:e3:60:
69:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:DC:C8:9B:D8:5B:B4:D1:45:63:A9:B5:6F:EE:80:AA:A9:17:19:88
X509v3 Authority Key Identifier:
keyid:F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/nNzIm9hbtNFFY6m1b-6AqqkXGYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:4587:2000::/44
Signature Algorithm: sha256WithRSAEncryption
68:49:43:76:2f:09:35:81:1d:2f:f5:1a:94:8f:78:0e:31:bd:
51:a8:59:af:a3:0e:16:fa:8f:c4:2e:4f:ca:14:bd:94:ab:db:
51:65:63:02:a3:da:a1:9f:c0:0e:b9:2c:cd:69:01:e8:e2:bb:
1a:3e:25:78:e5:a6:ce:68:2f:a8:6d:68:71:ba:27:32:05:be:
62:b8:75:48:dd:aa:4e:27:b3:43:10:5f:c5:3a:31:fc:b9:c5:
e1:dc:64:26:86:58:fc:47:ee:0d:e7:0f:66:c3:27:81:d6:0c:
74:bb:29:06:70:7e:98:9b:3f:7d:00:24:ba:98:32:7a:0e:30:
d3:2e:6d:83:b8:d4:49:a0:a4:2a:9e:26:1f:6b:b3:10:4a:4b:
6b:8d:9e:f6:21:e7:84:f2:ef:d9:e8:5d:eb:84:20:36:84:2e:
ae:aa:be:f5:ac:15:76:60:6d:ba:d5:04:bb:eb:ff:ec:a2:3f:
0b:3f:f0:d9:c9:d4:e4:e3:c5:81:64:bc:5e:e1:a2:f5:53:5f:
c3:c3:d1:75:20:9b:ef:21:46:10:d1:aa:28:21:61:82:6a:a5:
55:e7:6a:96:41:a0:6e:b1:e9:f6:05:c7:65:39:d6:3e:bf:51:
e2:b6:4c:f6:99:00:6b:71:fd:23:dc:5d:78:64:8d:27:61:d9:
c2:8b:22:77
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVswXRL6Dd6ira7n+WMtq5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YTk2NjY2NGVjOTZlZGJkMTJlOGU4MmU5NDBiZmI5ZmFl
YzEwNWUwHhcNMjMwMTAxMDk1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2RjYzg5YmQ4NWJiNGQxNDU2M2E5YjU2ZmVlODBhYWE5MTcxOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7IcuA4Xi5U4N++CqDhelCC2RpKP
C2dyPWLsz18+2zhQ+F+zHTiCcGquEAImWz82d3/a92q8KEtrdEd5iHLOa2NmDz9t
kDDZReS1F/kHNcUer40UbD2v1r6A7QOutSavR39UxywvA2lI2zQe/WCqr2KNsJTo
NzNmi1bVVal850wCHTHJMFSl/nGZcaWnpcseMmsTx0gndgztJ/M5xFzyntKiEpbX
ZWEt1A/h0vKWt3YmhB9KQEiHi/BRCfIRbFpwXPKOUXNNTyjN+7bn+nPMrhl/nHBG
Ql8DkT/z7XUk63HOE2dOg8lECHtRsRPhB2KV7Q8DQslJ/QYQ1twP42Bp2wIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFJzcyJvYW7TRRWOptW/ugKqpFxmIMB8GA1UdIwQY
MBaAFPipZmZOyW7b0S6OgulAv7n67BBeMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LbG1aazdKYnR2UkxvNkM2VUNfdWZyc0VGNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1
LTM4MjM1NWZjMmZmMS8xL25OekltOWhidE5GRlk2bTFiLTZBcXFrWEdZZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1LTM4MjM1NWZjMmZm
MS8xLzEtS2xtWms3SmJ0dlJMbzZDNlVDX3VmcnNFRjQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqCkWH
IAAwDQYJKoZIhvcNAQELBQADggEBAGhJQ3YvCTWBHS/1GpSPeA4xvVGoWa+jDhb6
j8QuT8oUvZSr21FlYwKj2qGfwA65LM1pAejiuxo+JXjlps5oL6htaHG6JzIFvmK4
dUjdqk4ns0MQX8U6Mfy5xeHcZCaGWPxH7g3nD2bDJ4HWDHS7KQZwfpibP30AJLqY
MnoOMNMubYO41EmgpCqeJh9rsxBKS2uNnvYh54Ty79noXeuEIDaELq6qvvWsFXZg
bbrVBLvr/+yiPws/8NnJ1OTjxYFkvF7hovVTX8PD0XUgm+8hRhDRqighYYJqpVXn
apZBoG6x6fYFx2U51j6/UeK2TPaZAGtx/SPcXXhkjSdh2cKLInc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:25 2024 by rpki-client on console-fra.rpki-client.org