Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NSIbZxSsv72ATm3_iJ2Nc-WO37s.roa
File: NSIbZxSsv72ATm3_iJ2Nc-WO37s.roa (raw, json)
Hash identifier: skglGeyd51bzNY1ZZgNivSF0j/9EL6brQGkFB+DAF5Y=
Subject key identifier: 35:22:1B:67:14:AC:BF:BD:80:4E:6D:FF:88:9D:8D:73:E5:8E:DF:BB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7D6978E1A87FC4455A1FF1B33FEA4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NSIbZxSsv72ATm3_iJ2Nc-WO37s.roa
Signing time: Mon 02 Jan 2023 05:15:20 +0000
ROA not before: Mon 02 Jan 2023 05:15:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208699
IP address blocks: 2a0e:97c0:730::/48 maxlen: 48
2a0e:97c0:731::/48 maxlen: 48
2a0e:97c0:738::/45 maxlen: 48
2a0e:b107:9fe::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:d6:97:8e:1a:87:fc:44:55:a1:ff:1b:33:fe:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35221b6714acbfbd804e6dff889d8d73e58edfbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c8:5b:7d:3f:e0:96:63:a6:86:d6:84:7f:64:
e0:cc:65:eb:cb:ae:b5:a9:9b:35:d8:60:5e:f8:27:
a1:c3:05:c9:e0:65:63:09:7a:18:14:dc:c4:ab:70:
69:d3:8b:c6:fb:c6:7f:fa:63:21:af:9a:5e:e7:f1:
d1:ba:64:32:f9:0e:ac:1a:9b:12:eb:3b:6c:a6:58:
ba:f9:05:84:a4:29:d0:37:22:ba:9d:d9:d7:dc:f3:
9f:f5:d1:04:6e:43:11:e1:9e:f7:e2:56:4a:c2:0e:
23:2f:b3:db:71:15:43:5c:78:24:8a:68:b3:78:c6:
97:59:f0:73:74:d7:52:cd:b6:69:12:37:f2:a0:63:
80:aa:fd:5d:05:86:f2:7e:e7:d4:e9:94:42:ad:51:
f2:55:db:ac:35:e3:28:9a:13:56:93:fd:da:ff:9b:
d7:ad:57:d2:4d:44:c6:fc:1e:d0:c0:f7:2a:f6:d7:
3d:db:06:30:34:ff:9d:ea:fc:2d:4a:bf:5f:58:69:
d2:a1:42:a7:fa:5c:b4:0c:2a:fd:ff:4c:4c:9d:dd:
60:58:30:94:b7:e3:e7:cb:40:04:50:63:bc:86:a2:
9c:e7:c1:6e:26:2c:c6:dd:71:76:4a:13:6a:f8:ec:
d0:a8:70:82:e8:40:77:f9:ae:19:99:ae:dc:de:cc:
98:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:22:1B:67:14:AC:BF:BD:80:4E:6D:FF:88:9D:8D:73:E5:8E:DF:BB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NSIbZxSsv72ATm3_iJ2Nc-WO37s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:730::/47
2a0e:97c0:738::/45
2a0e:b107:9fe::/48
Signature Algorithm: sha256WithRSAEncryption
90:af:52:1e:0d:ba:4a:24:44:0b:7b:de:46:1c:99:ec:fa:0e:
24:b1:40:0f:8f:3e:75:f6:c1:6a:b7:54:4a:3c:78:d1:b7:1d:
75:7e:4b:25:6d:cb:d6:06:e4:55:39:a6:ad:c8:24:8e:95:2f:
c5:91:ee:61:b0:93:b8:7d:74:5d:77:aa:34:64:8c:74:79:98:
58:48:2e:2e:27:b9:69:ce:94:18:10:31:bb:30:18:f6:9f:57:
7c:c6:0f:3a:cc:1d:ce:f6:52:6f:fe:be:92:df:2a:ac:9c:62:
7b:b3:09:8f:d4:99:f9:28:86:53:d1:45:a9:5f:c0:f3:73:f1:
e1:7c:f7:86:1e:72:d0:aa:25:18:65:db:56:ae:ea:dd:d7:7e:
11:fb:4b:92:25:34:70:12:95:e1:95:85:7c:ca:64:d4:9e:bb:
95:f6:80:7e:3e:f2:1f:81:b2:76:2a:9d:9b:47:41:ae:76:e5:
99:4c:27:2d:e7:22:58:67:53:c2:d1:b1:80:77:29:85:6d:81:
af:62:3d:ed:30:59:63:6b:cc:9d:18:bf:c6:74:cc:5f:61:10:
3e:ef:e4:d0:9e:05:54:ae:9b:2a:70:f6:25:51:01:8a:c4:dc:
aa:d5:16:86:7a:60:ec:9f:cb:e6:b3:46:bb:6b:2e:08:5d:d0:
53:a4:c9:b7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw59aXjhqH/ERVof8bM/6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTIyMWI2NzE0YWNiZmJkODA0ZTZkZmY4ODlkOGQ3M2U1OGVkZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MhbfT/glmOmhtaEf2TgzGXry661
qZs12GBe+CehwwXJ4GVjCXoYFNzEq3Bp04vG+8Z/+mMhr5pe5/HRumQy+Q6sGpsS
6ztspli6+QWEpCnQNyK6ndnX3POf9dEEbkMR4Z734lZKwg4jL7PbcRVDXHgkimiz
eMaXWfBzdNdSzbZpEjfyoGOAqv1dBYbyfufU6ZRCrVHyVdusNeMomhNWk/3a/5vX
rVfSTUTG/B7QwPcq9tc92wYwNP+d6vwtSr9fWGnSoUKn+ly0DCr9/0xMnd1gWDCU
t+Pny0AEUGO8hqKc58FuJizG3XF2ShNq+OzQqHCC6EB3+a4Zma7c3syYYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDUiG2cUrL+9gE5t/4idjXPljt+7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTlNJYlp4U3N2NzJBVG0zX2lKMk5jLVdPMzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKg6XwAcw
AwcDKg6XwAc4AwcAKg6xBwn+MA0GCSqGSIb3DQEBCwUAA4IBAQCQr1IeDbpKJEQL
e95GHJns+g4ksUAPjz519sFqt1RKPHjRtx11fkslbcvWBuRVOaatyCSOlS/Fke5h
sJO4fXRdd6o0ZIx0eZhYSC4uJ7lpzpQYEDG7MBj2n1d8xg86zB3O9lJv/r6S3yqs
nGJ7swmP1Jn5KIZT0UWpX8Dzc/HhfPeGHnLQqiUYZdtWrurd134R+0uSJTRwEpXh
lYV8ymTUnruV9oB+PvIfgbJ2Kp2bR0GuduWZTCct5yJYZ1PC0bGAdymFbYGvYj3t
MFlja8ydGL/GdMxfYRA+7+TQngVUrpsqcPYlUQGKxNyq1RaGemDsn8vms0a7ay4I
XdBTpMm3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:30 2024 by rpki-client on console-fra.rpki-client.org