Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/IpwsGq4nMmlUWRQRLhuf49jTfHs.roa
File: IpwsGq4nMmlUWRQRLhuf49jTfHs.roa (raw, json)
Hash identifier: M7G7tkmewRhAEZ9ZgFxPGASWPqN+pUgkO3WTGwVxTDU=
Subject key identifier: 22:9C:2C:1A:AE:27:32:69:54:59:14:11:2E:1B:9F:E3:D8:D3:7C:7B
Certificate issuer: /CN=3472b553f0cb0b13900d4c2e0e6c779aca03e3b1
Certificate serial: 01856D41971F9ACF394F80F1EE5BF0875C15
Authority key identifier: 34:72:B5:53:F0:CB:0B:13:90:0D:4C:2E:0E:6C:77:9A:CA:03:E3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHK1U_DLCxOQDUwuDmx3msoD47E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/IpwsGq4nMmlUWRQRLhuf49jTfHs.roa
Signing time: Sun 01 Jan 2023 12:14:52 +0000
ROA not before: Sun 01 Jan 2023 12:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16262
IP address blocks: 2a03:e140:3a::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:97:1f:9a:cf:39:4f:80:f1:ee:5b:f0:87:5c:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3472b553f0cb0b13900d4c2e0e6c779aca03e3b1
Validity
Not Before: Jan 1 12:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=229c2c1aae273269545914112e1b9fe3d8d37c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8e:3f:25:a9:12:30:c5:b1:df:28:07:76:b4:
0e:02:3c:74:1d:de:a9:7c:ba:1e:9d:0a:ff:56:8e:
1c:2d:0c:18:fa:df:e2:ae:0f:c8:51:71:fd:ea:2c:
05:08:75:9a:2a:66:05:6a:46:d1:25:ce:1d:0b:6e:
f5:16:f0:b5:f0:72:dd:4c:61:12:25:03:c5:ac:c3:
a7:79:ec:3e:b7:18:7b:fd:44:37:7a:51:d2:44:c8:
2c:58:99:c0:d5:c5:92:79:f1:2a:df:ac:b0:70:8b:
4e:5c:4c:b5:37:b0:ad:38:84:5b:ee:8e:a7:e9:25:
13:86:55:55:57:34:75:01:71:f9:c6:5a:0c:7c:0a:
92:a5:d8:6f:80:0c:8c:b3:a5:95:75:46:ac:41:d7:
4c:a0:ca:02:6a:ac:66:ce:bb:2d:de:18:e6:e5:0f:
93:53:de:e0:40:ee:4a:c0:ed:21:28:22:86:ee:7c:
f8:13:fe:28:65:13:7a:ee:85:0c:d2:35:ff:ac:dc:
c1:63:e0:3f:ff:10:64:53:c5:1c:02:48:91:33:a1:
0d:44:82:04:03:dc:24:ad:8b:08:72:61:fc:23:93:
5d:e7:12:2f:84:f3:bb:9f:45:2c:1d:c7:3a:04:c3:
9c:0d:e5:1f:d5:2b:5b:85:21:eb:99:20:93:d4:5f:
37:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:9C:2C:1A:AE:27:32:69:54:59:14:11:2E:1B:9F:E3:D8:D3:7C:7B
X509v3 Authority Key Identifier:
keyid:34:72:B5:53:F0:CB:0B:13:90:0D:4C:2E:0E:6C:77:9A:CA:03:E3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHK1U_DLCxOQDUwuDmx3msoD47E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/IpwsGq4nMmlUWRQRLhuf49jTfHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/NHK1U_DLCxOQDUwuDmx3msoD47E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:e140:3a::/48
Signature Algorithm: sha256WithRSAEncryption
6d:85:73:cb:a8:14:e9:a5:15:60:5a:47:93:13:2c:23:9f:1a:
a5:78:e2:92:ec:8f:7f:c8:0e:cd:7a:a6:f7:34:45:20:9a:7a:
26:e1:09:7f:92:44:73:79:e2:b9:55:50:dc:06:9b:41:62:60:
f6:83:19:76:9a:fe:f2:bb:42:0b:f1:f8:2b:a4:f4:fa:76:03:
b9:2e:ed:57:01:5a:ff:35:4d:8e:41:53:0f:72:09:4a:78:97:
d5:87:41:16:91:5e:5e:f0:96:bb:70:de:c1:4f:f2:0a:5b:2c:
4e:cc:d8:8b:7f:ce:10:c5:e6:d9:56:c5:94:13:90:ab:ab:c6:
e1:6a:81:7f:44:72:16:6e:7a:3b:60:df:af:34:6f:55:d8:96:
e3:6e:83:50:3c:7c:e1:c1:d0:38:fe:d3:d3:84:cb:c8:db:0c:
e0:d4:58:d3:91:82:4b:77:b3:f5:fc:42:91:d0:10:cb:c3:6c:
af:27:d7:a3:29:da:f7:ab:7e:d3:25:aa:ad:65:07:e4:0b:b6:
db:6b:14:fe:56:36:a3:58:d3:60:72:11:91:32:2b:cd:a0:8d:
e7:91:9c:60:c7:8a:89:51:c4:22:91:48:7c:da:ed:ce:fd:35:
d7:01:16:02:70:bd:2a:1e:75:a0:f6:55:9d:3a:f7:b8:a3:de:
91:de:d7:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtQZcfms85T4Dx7lvwh1wVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzJiNTUzZjBjYjBiMTM5MDBkNGMyZTBlNmM3NzlhY2Ew
M2UzYjEwHhcNMjMwMTAxMTIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjljMmMxYWFlMjczMjY5NTQ1OTE0MTEyZTFiOWZlM2Q4ZDM3YzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI4/JakSMMWx3ygHdrQOAjx0Hd6p
fLoenQr/Vo4cLQwY+t/irg/IUXH96iwFCHWaKmYFakbRJc4dC271FvC18HLdTGES
JQPFrMOneew+txh7/UQ3elHSRMgsWJnA1cWSefEq36ywcItOXEy1N7CtOIRb7o6n
6SUThlVVVzR1AXH5xloMfAqSpdhvgAyMs6WVdUasQddMoMoCaqxmzrst3hjm5Q+T
U97gQO5KwO0hKCKG7nz4E/4oZRN67oUM0jX/rNzBY+A//xBkU8UcAkiRM6ENRIIE
A9wkrYsIcmH8I5Nd5xIvhPO7n0UsHcc6BMOcDeUf1StbhSHrmSCT1F838QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCKcLBquJzJpVFkUES4bn+PY03x7MB8GA1UdIwQY
MBaAFDRytVPwywsTkA1MLg5sd5rKA+OxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhLMVVfRExDeE9RRFV3dURteDNtc29ENDdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wNWVkMmYtYzRmNy00NDE3LWE0ZmIt
MGQyMDUyNWVkYzc0LzEvSXB3c0dxNG5NbWxVV1JRUkxodWY0OWpUZkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wNWVkMmYtYzRmNy00NDE3LWE0ZmItMGQyMDUyNWVkYzc0
LzEvTkhLMVVfRExDeE9RRFV3dURteDNtc29ENDdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgPhQAA6
MA0GCSqGSIb3DQEBCwUAA4IBAQBthXPLqBTppRVgWkeTEywjnxqleOKS7I9/yA7N
eqb3NEUgmnom4Ql/kkRzeeK5VVDcBptBYmD2gxl2mv7yu0IL8fgrpPT6dgO5Lu1X
AVr/NU2OQVMPcglKeJfVh0EWkV5e8Ja7cN7BT/IKWyxOzNiLf84QxebZVsWUE5Cr
q8bhaoF/RHIWbno7YN+vNG9V2JbjboNQPHzhwdA4/tPThMvI2wzg1FjTkYJLd7P1
/EKR0BDLw2yvJ9ejKdr3q37TJaqtZQfkC7bbaxT+VjajWNNgchGRMivNoI3nkZxg
x4qJUcQikUh82u3O/TXXARYCcL0qHnWg9lWdOve4o96R3tdY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:59 2024 by rpki-client on console-fra.rpki-client.org