Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NM6HFyAR9t5Gxl23HfnDGWbWQfo.roa
File: NM6HFyAR9t5Gxl23HfnDGWbWQfo.roa (raw, json)
Hash identifier: 8XgtG50/c1H3aJ17yL9i0jf5ocD5Q9M9AREzHBqO32U=
Subject key identifier: 34:CE:87:17:20:11:F6:DE:46:C6:5D:B7:1D:F9:C3:19:66:D6:41:FA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD5567B07FCD95E3D1AF486D150F79
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NM6HFyAR9t5Gxl23HfnDGWbWQfo.roa
Signing time: Tue 02 Jan 2024 10:34:37 +0000
ROA not before: Tue 02 Jan 2024 10:34:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216026
IP address blocks: 2a0e:97c0:585::/48 maxlen: 48
2a0e:97c0:580::/48 maxlen: 48
2a0e:97c0:583::/48 maxlen: 48
2a0e:97c0:581::/48 maxlen: 48
2a0e:97c0:584::/48 maxlen: 48
2a0e:97c0:582::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jan 2024 18:13:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:55:67:b0:7f:cd:95:e3:d1:af:48:6d:15:0f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34ce87172011f6de46c65db71df9c31966d641fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dc:6f:f4:a3:c2:03:48:c0:a9:dd:68:95:9c:
a4:22:b8:0e:26:2c:e4:80:07:6a:46:a5:10:7a:8c:
35:80:b5:ec:d2:aa:af:74:cb:ce:de:e8:22:9d:65:
72:ec:2a:fc:30:ec:5a:c2:58:88:05:f8:aa:cc:4f:
76:30:1b:43:18:73:18:c5:b8:19:d9:9a:1d:91:9a:
6f:14:e3:0c:02:a3:68:1a:c0:ca:2b:6d:ec:bf:85:
df:f1:6b:86:00:17:2f:53:ad:aa:bc:c8:9c:e5:eb:
a6:70:5d:7a:9a:52:4f:52:53:65:88:bf:e4:a0:c6:
bc:93:c6:8b:a5:1b:98:39:23:f4:dc:8c:46:ee:1f:
48:44:1e:76:56:bf:a8:f4:89:ac:de:df:97:4b:fd:
2d:ff:3e:d0:d6:18:4d:f6:7f:ea:4a:bb:48:8e:f7:
72:9e:e5:28:43:04:b4:99:c2:46:6d:19:21:62:4b:
ec:a1:6e:32:1f:b0:4c:b3:ef:fa:5d:80:a2:b5:38:
47:21:62:5d:48:6d:36:ef:d4:95:f2:c6:7d:b9:9f:
cf:64:b2:97:33:e5:70:fa:6e:92:f8:e0:c7:08:5d:
a8:95:f9:e4:42:d0:e8:9c:ea:12:4a:0f:90:fb:1c:
96:68:c3:ab:ea:c9:12:ec:bb:07:04:7e:63:cd:38:
67:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CE:87:17:20:11:F6:DE:46:C6:5D:B7:1D:F9:C3:19:66:D6:41:FA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NM6HFyAR9t5Gxl23HfnDGWbWQfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:580::-2a0e:97c0:585:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
26:8b:e4:92:26:8e:d1:41:d1:4f:3c:3f:4e:02:0e:94:4e:a9:
b3:a2:33:6d:2d:7b:2c:0e:e9:83:47:90:09:b2:c5:b1:79:c1:
07:ae:d4:e0:70:be:cc:c8:2e:ba:20:3d:ef:19:b7:5c:33:ae:
69:05:2a:07:bf:80:7e:29:08:d5:bc:20:3e:d7:d0:44:c0:82:
29:2f:14:db:6b:5e:d9:f8:48:f1:c3:31:6f:f1:cd:99:5d:fb:
1f:53:cf:03:76:ae:97:23:23:4f:d0:5c:cd:44:30:47:ff:b1:
a9:23:f1:32:36:63:09:95:5f:14:66:59:00:ac:5d:27:2f:f8:
86:ba:8d:66:c9:34:77:e5:38:59:68:95:70:1d:3b:2b:86:e2:
e5:fb:ec:df:06:8c:0c:24:fe:59:11:06:39:e5:47:6c:79:5f:
72:98:37:cd:4e:55:3e:cf:f9:1e:c0:26:2a:a8:0f:de:ab:2f:
cd:4b:7e:2c:38:48:12:b9:7a:7f:b5:df:a1:13:7b:e4:b7:8d:
b9:c1:31:d8:0c:df:61:37:02:8b:5e:cf:9f:3c:3f:55:be:e6:
9b:8d:8f:33:cf:30:3e:ed:17:bc:8c:74:01:01:51:a4:f3:4f:
31:c1:b3:ae:39:a5:1e:88:bc:9f:86:d4:9f:97:76:fd:b8:58:
aa:9f:37:04
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJvVVnsH/NlePRr0htFQ95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNlODcxNzIwMTFmNmRlNDZjNjVkYjcxZGY5YzMxOTY2ZDY0MWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNxv9KPCA0jAqd1olZykIrgOJizk
gAdqRqUQeow1gLXs0qqvdMvO3uginWVy7Cr8MOxawliIBfiqzE92MBtDGHMYxbgZ
2ZodkZpvFOMMAqNoGsDKK23sv4Xf8WuGABcvU62qvMic5eumcF16mlJPUlNliL/k
oMa8k8aLpRuYOSP03IxG7h9IRB52Vr+o9Ims3t+XS/0t/z7Q1hhN9n/qSrtIjvdy
nuUoQwS0mcJGbRkhYkvsoW4yH7BMs+/6XYCitThHIWJdSG0279SV8sZ9uZ/PZLKX
M+Vw+m6S+ODHCF2olfnkQtDonOoSSg+Q+xyWaMOr6skS7LsHBH5jzThnuQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDTOhxcgEfbeRsZdtx35wxlm1kH6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTk02SEZ5QVI5dDVHeGwyM0hmbkRHV2JXUWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwcqDpfA
BYADBwEqDpfABYQwDQYJKoZIhvcNAQELBQADggEBACaL5JImjtFB0U88P04CDpRO
qbOiM20teywO6YNHkAmyxbF5wQeu1OBwvszILrogPe8Zt1wzrmkFKge/gH4pCNW8
ID7X0ETAgikvFNtrXtn4SPHDMW/xzZld+x9TzwN2rpcjI0/QXM1EMEf/sakj8TI2
YwmVXxRmWQCsXScv+Ia6jWbJNHflOFlolXAdOyuG4uX77N8GjAwk/lkRBjnlR2x5
X3KYN81OVT7P+R7AJiqoD96rL81Lfiw4SBK5en+136ETe+S3jbnBMdgM32E3Aote
z588P1W+5puNjzPPMD7tF7yMdAEBUaTzTzHBs645pR6IvJ+G1J+Xdv24WKqfNwQ=
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:31 2024 by rpki-client on console-ams.rpki-client.org