Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/NJ7sxw2LJ7OY-ngFljna1eyCSpw.roa
File: NJ7sxw2LJ7OY-ngFljna1eyCSpw.roa (raw, json)
Hash identifier: T/TQenzBkK+VI5H77MfC2l6rehZg8ZexZiSCNsNz7HM=
Subject key identifier: 34:9E:EC:C7:0D:8B:27:B3:98:FA:78:05:96:39:DA:D5:EC:82:4A:9C
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 0186171663B9ADD33FB06B26FE7A9B7ED964
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/NJ7sxw2LJ7OY-ngFljna1eyCSpw.roa
Signing time: Fri 03 Feb 2023 11:43:08 +0000
ROA not before: Fri 03 Feb 2023 11:43:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11938
IP address blocks: 2a12:8fc1:3000::/36 maxlen: 36
2a12:8fc1:2000::/36 maxlen: 36
2a12:8fc1:1000::/36 maxlen: 36
2a12:8fc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:16:63:b9:ad:d3:3f:b0:6b:26:fe:7a:9b:7e:d9:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Feb 3 11:43:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=349eecc70d8b27b398fa78059639dad5ec824a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b9:11:e3:45:93:46:8a:7a:2e:62:9c:9e:3c:
06:be:1d:f2:58:9a:69:e1:b2:39:8b:3f:df:49:b6:
c4:dc:8f:7d:20:35:35:c6:4f:a9:71:db:ed:8d:2e:
5c:f8:51:8e:ea:a0:16:ed:40:04:28:81:20:7b:8d:
30:84:b9:2a:5a:dc:f3:23:ba:14:99:69:07:fb:59:
6d:51:8f:67:0c:12:d6:0e:43:86:10:54:12:0f:d3:
c4:9f:4b:6a:27:c8:96:4c:d6:ca:2f:47:34:82:94:
1d:d1:58:03:ff:fe:aa:e5:6b:82:7e:25:88:e1:11:
03:1d:29:3b:3f:92:41:8f:87:5b:6f:70:94:f0:91:
58:5c:87:74:06:29:ea:75:b6:85:72:26:5c:f5:14:
6e:43:53:e1:5e:73:0d:80:87:37:3a:4e:23:dd:5a:
e4:b2:8d:d9:5b:5b:16:7f:70:57:bc:4a:e5:4a:7e:
28:05:d0:ba:92:9c:17:a6:f0:e1:38:04:3b:6a:29:
56:da:6c:1e:89:aa:78:91:e6:66:0c:ee:44:c0:98:
80:33:4c:06:1e:8b:2e:68:1e:70:a8:cc:ec:67:63:
4c:70:19:fd:f9:62:d3:b4:21:25:f5:43:53:19:7d:
0e:2c:34:25:5e:f5:73:40:96:eb:02:54:3f:a8:49:
5e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:9E:EC:C7:0D:8B:27:B3:98:FA:78:05:96:39:DA:D5:EC:82:4A:9C
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/NJ7sxw2LJ7OY-ngFljna1eyCSpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc1::/32
Signature Algorithm: sha256WithRSAEncryption
0e:1a:7b:1a:38:14:45:3d:d9:dc:3e:5c:34:f0:d1:73:c6:c5:
de:38:95:0b:30:3f:9f:57:8a:c2:db:56:4f:8b:d2:88:cc:2e:
62:2e:c3:11:5c:a8:a8:26:ee:76:10:02:c9:fa:5e:ba:cd:4d:
8a:34:da:c7:8a:8e:7e:d5:6e:77:a4:e1:dc:98:9f:e4:71:8f:
57:0f:e9:41:0b:ed:3c:f5:1f:2c:0d:cb:ee:46:09:d2:ec:cd:
ec:4c:17:c7:50:67:18:70:2c:4a:45:9a:74:44:17:94:fa:b5:
4d:b4:be:d9:44:42:1c:65:59:ad:d5:86:e9:e2:79:47:d9:93:
aa:72:4b:88:2f:72:19:29:9d:9c:2e:6e:f4:27:e2:d0:08:2c:
8b:51:71:45:05:57:66:df:58:82:3d:c3:4d:ec:b9:bc:71:1c:
4b:db:9c:5c:a0:b8:81:4e:72:74:c1:6a:4a:04:64:39:ee:21:
b4:d6:b4:c8:21:11:06:c0:f0:a9:1a:0f:a0:f6:da:06:55:e4:
04:36:b8:7b:ea:8a:86:4e:fc:09:5f:fe:bc:e5:76:67:09:96:
85:1c:b8:dd:9d:a9:86:92:c6:f1:70:2f:c0:54:e1:39:1b:08:
60:f3:63:94:93:9d:5b:c5:db:6a:1d:e0:2a:96:a3:6a:8e:df:
76:86:3d:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYXFmO5rdM/sGsm/nqbftlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMwMjAzMTE0MzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDllZWNjNzBkOGIyN2IzOThmYTc4MDU5NjM5ZGFkNWVjODI0YTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLkR40WTRop6LmKcnjwGvh3yWJpp
4bI5iz/fSbbE3I99IDU1xk+pcdvtjS5c+FGO6qAW7UAEKIEge40whLkqWtzzI7oU
mWkH+1ltUY9nDBLWDkOGEFQSD9PEn0tqJ8iWTNbKL0c0gpQd0VgD//6q5WuCfiWI
4REDHSk7P5JBj4dbb3CU8JFYXId0BinqdbaFciZc9RRuQ1PhXnMNgIc3Ok4j3Vrk
so3ZW1sWf3BXvErlSn4oBdC6kpwXpvDhOAQ7ailW2mweiap4keZmDO5EwJiAM0wG
HosuaB5wqMzsZ2NMcBn9+WLTtCEl9UNTGX0OLDQlXvVzQJbrAlQ/qEleuwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDSe7McNiyezmPp4BZY52tXsgkqcMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvTko3c3h3MkxKN09ZLW5nRmxqbmExZXlDU3B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKPwTAN
BgkqhkiG9w0BAQsFAAOCAQEADhp7GjgURT3Z3D5cNPDRc8bF3jiVCzA/n1eKwttW
T4vSiMwuYi7DEVyoqCbudhACyfpeus1NijTax4qOftVud6Th3Jif5HGPVw/pQQvt
PPUfLA3L7kYJ0uzN7EwXx1BnGHAsSkWadEQXlPq1TbS+2URCHGVZrdWG6eJ5R9mT
qnJLiC9yGSmdnC5u9Cfi0Agsi1FxRQVXZt9Ygj3DTey5vHEcS9ucXKC4gU5ydMFq
SgRkOe4htNa0yCERBsDwqRoPoPbaBlXkBDa4e+qKhk78CV/+vOV2ZwmWhRy43Z2p
hpLG8XAvwFThORsIYPNjlJOdW8Xbah3gKpajao7fdoY9Ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org