Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NGQpUt80O7jC4MtDASDfnUa_ROw.roa
File: NGQpUt80O7jC4MtDASDfnUa_ROw.roa (raw, json)
Hash identifier: hq8dCaz10O26gc8kJdZQLFFsu0+XcHFLhMGfsgI1x7Y=
Subject key identifier: 34:64:29:52:DF:34:3B:B8:C2:E0:CB:43:01:20:DF:9D:46:BF:44:EC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D32CE38A0658F0C4667F40BC410477E2C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NGQpUt80O7jC4MtDASDfnUa_ROw.roa
Signing time: Mon 22 Jan 2024 20:13:12 +0000
ROA not before: Mon 22 Jan 2024 20:13:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207445
IP address blocks: 2a0e:b107:444::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Jan 2024 04:12:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:ce:38:a0:65:8f:0c:46:67:f4:0b:c4:10:47:7e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 22 20:13:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34642952df343bb8c2e0cb430120df9d46bf44ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:33:de:10:47:48:dd:40:70:81:23:54:7f:b9:
7d:09:f8:b2:04:3e:db:d8:49:8f:e5:b3:3d:57:f2:
8d:96:cb:08:cf:27:97:39:f4:3a:04:38:84:36:52:
15:99:8c:af:34:81:28:1c:5d:01:d2:4f:6e:61:d4:
73:52:53:b6:bb:57:43:79:1f:93:b4:b8:1c:e5:66:
e7:7e:55:3e:30:61:93:f5:27:6f:cd:15:75:c2:b6:
03:5a:52:65:65:2b:d1:22:f8:9c:56:c0:25:a4:1b:
ed:03:6f:5c:42:39:cc:38:b8:00:cf:7f:6b:da:be:
7a:67:b0:85:f5:6f:dd:f8:ca:37:55:50:40:47:8c:
3f:41:d4:16:90:68:68:8b:ab:fc:0e:1a:9a:50:9c:
e3:24:7b:3a:d1:8c:20:08:9a:b9:2a:0e:53:22:df:
c9:d8:83:b6:4d:d7:61:71:cf:e5:b6:1a:16:51:4c:
87:23:dc:93:57:c7:a6:34:d9:58:0f:f8:87:b0:51:
31:f7:dd:e8:e4:fa:68:f6:84:a0:ae:a4:2d:a4:40:
ba:82:24:f9:2d:6c:60:48:31:35:c9:94:65:06:68:
23:ae:d8:ed:1c:80:03:b8:92:d3:49:39:0d:4f:d2:
91:91:dc:8f:86:11:ff:0f:43:37:a5:13:34:89:8c:
19:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:64:29:52:DF:34:3B:B8:C2:E0:CB:43:01:20:DF:9D:46:BF:44:EC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NGQpUt80O7jC4MtDASDfnUa_ROw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:444::/48
Signature Algorithm: sha256WithRSAEncryption
31:a4:73:d3:23:f2:fd:df:71:55:65:5a:5b:a5:42:ac:21:aa:
2e:46:11:f5:64:36:5a:cf:2a:90:7a:23:24:10:09:40:a4:3c:
28:ae:e6:fb:fd:52:db:ad:3e:c2:a9:8b:ac:ee:a4:c0:06:d7:
52:b2:f2:a9:8f:aa:01:97:e2:8e:a0:1a:76:c1:33:89:a9:ec:
3d:7d:8a:2d:66:76:42:22:d6:c7:f7:a9:21:76:64:55:db:cc:
2b:6f:2c:ff:01:0c:f5:e5:25:85:01:ea:00:5c:98:cf:54:12:
75:e0:bd:f4:20:0c:a2:2a:53:31:24:cc:99:ba:2e:8b:1d:35:
96:31:48:eb:3a:68:12:97:a6:ee:5e:ab:d6:a7:6a:a9:53:7b:
bc:34:4d:10:08:f1:78:a2:59:6d:ec:e0:38:55:d2:08:b1:81:
16:8a:d3:04:56:21:e5:05:de:b0:94:44:aa:37:37:09:ea:d8:
2d:30:a7:a4:80:a0:3e:57:8f:05:b8:b5:17:7e:b0:78:43:92:
98:a5:fd:74:b1:ac:e7:ef:2f:26:10:23:3c:fa:12:fc:b8:d8:
1b:d8:85:d7:a3:ee:bb:6b:a6:4e:5a:36:31:60:49:6b:d8:6b:
a3:ac:e9:26:74:34:25:33:ae:dd:68:83:36:53:e0:07:2f:dd:
b6:93:64:fe
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0yzjigZY8MRmf0C8QQR34sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTIyMjAxMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDY0Mjk1MmRmMzQzYmI4YzJlMGNiNDMwMTIwZGY5ZDQ2YmY0NGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizPeEEdI3UBwgSNUf7l9CfiyBD7b
2EmP5bM9V/KNlssIzyeXOfQ6BDiENlIVmYyvNIEoHF0B0k9uYdRzUlO2u1dDeR+T
tLgc5WbnflU+MGGT9SdvzRV1wrYDWlJlZSvRIvicVsAlpBvtA29cQjnMOLgAz39r
2r56Z7CF9W/d+Mo3VVBAR4w/QdQWkGhoi6v8DhqaUJzjJHs60YwgCJq5Kg5TIt/J
2IO2Tddhcc/lthoWUUyHI9yTV8emNNlYD/iHsFEx993o5Ppo9oSgrqQtpEC6giT5
LWxgSDE1yZRlBmgjrtjtHIADuJLTSTkNT9KRkdyPhhH/D0M3pRM0iYwZowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDRkKVLfNDu4wuDLQwEg351Gv0TsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTkdRcFV0ODBPN2pDNE10REFTRGZuVWFfUk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwRE
MA0GCSqGSIb3DQEBCwUAA4IBAQAxpHPTI/L933FVZVpbpUKsIaouRhH1ZDZazyqQ
eiMkEAlApDworub7/VLbrT7CqYus7qTABtdSsvKpj6oBl+KOoBp2wTOJqew9fYot
ZnZCItbH96khdmRV28wrbyz/AQz15SWFAeoAXJjPVBJ14L30IAyiKlMxJMyZui6L
HTWWMUjrOmgSl6buXqvWp2qpU3u8NE0QCPF4ollt7OA4VdIIsYEWitMEViHlBd6w
lESqNzcJ6tgtMKekgKA+V48FuLUXfrB4Q5KYpf10sazn7y8mECM8+hL8uNgb2IXX
o+67a6ZOWjYxYElr2GujrOkmdDQlM67daIM2U+AHL922k2T+
-----END CERTIFICATE-----
Generated at Tue Jan 23 05:56:23 2024 by rpki-client on console-ams.rpki-client.org