Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NM9-K24LvcLIPNaPVuIu4RyDVtg.roa
File: NM9-K24LvcLIPNaPVuIu4RyDVtg.roa (raw, json)
Hash identifier: FRZn79lHZTmUDBcJJjglqpDeUbfMLMFYtlQ5+Bm4ryA=
Subject key identifier: 34:CF:7E:2B:6E:0B:BD:C2:C8:3C:D6:8F:56:E2:2E:E1:1C:83:56:D8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AEBCAA46F939D97BF4ED067B0986E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NM9-K24LvcLIPNaPVuIu4RyDVtg.roa
Signing time: Tue 24 Jan 2023 16:09:47 +0000
ROA not before: Tue 24 Jan 2023 16:09:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210633
IP address blocks: 2a0e:b107:1880::/44 maxlen: 48
2a0e:b107:1960::/44 maxlen: 48
2a0e:b107:1888::/45 maxlen: 48
2a0e:b107:1880::/45 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:eb:ca:a4:6f:93:9d:97:bf:4e:d0:67:b0:98:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34cf7e2b6e0bbdc2c83cd68f56e22ee11c8356d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f3:5d:a6:4b:b9:a0:5d:89:c0:b5:51:83:5c:
04:8d:9e:8f:70:d4:91:ec:f9:55:e7:f1:db:9e:ae:
77:aa:e3:41:4c:03:c7:e1:84:a8:67:42:46:32:ba:
39:87:c7:1d:d5:ec:f8:ce:07:aa:4e:0d:82:dd:d2:
3e:44:75:fb:1b:8f:f8:5f:0d:6b:07:5d:a1:6b:72:
36:42:86:ec:0a:b6:51:93:62:f5:03:be:bf:08:91:
68:c0:30:d0:66:74:6f:24:12:67:eb:a7:bc:49:88:
41:5a:8c:1e:84:ee:3f:de:bd:da:00:ce:58:5d:ba:
52:aa:22:f3:8b:40:10:b4:11:c0:1d:c7:32:08:d5:
3b:d4:a2:4b:00:4f:89:be:b8:5d:ec:0a:35:47:a4:
8c:9a:de:d0:f5:7f:15:40:65:16:d2:27:b4:0e:88:
f6:24:93:fc:3a:f9:35:29:25:83:62:79:de:3e:c8:
e3:94:18:17:6f:ed:f2:47:22:df:1d:be:64:12:9b:
c5:15:db:d6:9c:9c:b2:32:0c:0e:aa:5b:10:9e:2d:
91:98:43:55:6f:d3:ec:af:d8:72:06:4e:9a:06:c8:
e9:7c:54:3c:a0:33:41:35:95:bb:81:4d:94:f4:96:
8d:a6:9c:4b:bb:9f:54:aa:0d:c8:19:e9:bf:bf:36:
3d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CF:7E:2B:6E:0B:BD:C2:C8:3C:D6:8F:56:E2:2E:E1:1C:83:56:D8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NM9-K24LvcLIPNaPVuIu4RyDVtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1880::/44
2a0e:b107:1960::/44
Signature Algorithm: sha256WithRSAEncryption
57:e3:94:89:e8:eb:3a:10:fa:f4:93:59:b9:d1:af:ea:c0:b6:
92:73:ba:78:93:23:11:7b:de:07:03:77:e8:b3:67:ee:bc:79:
5b:22:02:9a:8d:e6:f2:99:7b:02:aa:df:7e:0c:4b:62:10:d2:
4d:30:fc:77:bd:b7:67:70:c9:a6:e0:72:93:d3:08:04:3a:67:
95:c8:e4:0a:f5:6e:ba:77:90:a3:e5:47:b1:66:f8:92:83:f3:
48:f5:31:4e:6b:f3:75:f1:86:41:4e:f7:cf:db:6d:ef:0c:43:
65:7e:53:76:15:4c:a4:72:04:25:98:9a:7f:c4:c1:5a:c3:59:
62:3b:94:fe:bd:50:d2:b6:12:9c:95:56:09:dd:b1:8f:da:96:
1f:d7:69:3e:b5:03:e2:de:c6:52:5e:f8:90:c8:58:af:18:02:
9a:06:98:5a:89:26:c8:c8:c5:05:99:17:64:43:a2:90:92:c1:
ad:25:b7:72:a7:24:a7:49:5c:4a:83:4f:05:1e:e3:28:87:8d:
62:8e:86:28:21:cd:58:57:fe:48:82:40:bc:de:9c:4b:9b:d1:
17:11:4d:79:e5:1c:6b:ad:23:d3:af:0c:d3:bc:06:91:05:53:
30:a1:a9:44:05:cd:d5:8e:2f:31:50:e0:4c:c1:9a:b5:29:0e:
b2:29:de:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkiuvKpG+TnZe/TtBnsJhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNmN2UyYjZlMGJiZGMyYzgzY2Q2OGY1NmUyMmVlMTFjODM1NmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvNdpku5oF2JwLVRg1wEjZ6PcNSR
7PlV5/Hbnq53quNBTAPH4YSoZ0JGMro5h8cd1ez4zgeqTg2C3dI+RHX7G4/4Xw1r
B12ha3I2QobsCrZRk2L1A76/CJFowDDQZnRvJBJn66e8SYhBWowehO4/3r3aAM5Y
XbpSqiLzi0AQtBHAHccyCNU71KJLAE+Jvrhd7Ao1R6SMmt7Q9X8VQGUW0ie0Doj2
JJP8Ovk1KSWDYnnePsjjlBgXb+3yRyLfHb5kEpvFFdvWnJyyMgwOqlsQni2RmENV
b9Psr9hyBk6aBsjpfFQ8oDNBNZW7gU2U9JaNppxLu59Uqg3IGem/vzY9aQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDTPfituC73CyDzWj1biLuEcg1bYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTk05LUsyNEx2Y0xJUE5hUFZ1SXU0UnlEVnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBxiA
AwcEKg6xBxlgMA0GCSqGSIb3DQEBCwUAA4IBAQBX45SJ6Os6EPr0k1m50a/qwLaS
c7p4kyMRe94HA3fos2fuvHlbIgKajebymXsCqt9+DEtiENJNMPx3vbdncMmm4HKT
0wgEOmeVyOQK9W66d5Cj5UexZviSg/NI9TFOa/N18YZBTvfP223vDENlflN2FUyk
cgQlmJp/xMFaw1liO5T+vVDSthKclVYJ3bGP2pYf12k+tQPi3sZSXviQyFivGAKa
BphaiSbIyMUFmRdkQ6KQksGtJbdypySnSVxKg08FHuMoh41ijoYoIc1YV/5IgkC8
3pxLm9EXEU155RxrrSPTrwzTvAaRBVMwoalEBc3Vji8xUOBMwZq1KQ6yKd43
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org