Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Nhu4MoDo1t3B92H8LKv1XCsoPT8.roa
File: Nhu4MoDo1t3B92H8LKv1XCsoPT8.roa (raw, json)
Hash identifier: xvEeRjPlCPxFgdIBEtB4QNB8Fkmsm/oyD+yzPwlWfIg=
Subject key identifier: 36:1B:B8:32:80:E8:D6:DD:C1:F7:61:FC:2C:AB:F5:5C:2B:28:3D:3F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E77FE04507E7EF65204786F0F143D2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Nhu4MoDo1t3B92H8LKv1XCsoPT8.roa
Signing time: Mon 02 Jan 2023 05:14:57 +0000
ROA not before: Mon 02 Jan 2023 05:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47422
IP address blocks: 2a0e:b107:5f0::/44 maxlen: 48
2a0e:b107:620::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:7f:e0:45:07:e7:ef:65:20:47:86:f0:f1:43:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=361bb83280e8d6ddc1f761fc2cabf55c2b283d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a2:ec:9a:86:6b:cb:cf:6c:7d:b2:52:0e:a5:
a9:6d:8b:6d:16:22:57:37:c6:fb:c1:32:99:90:b5:
6d:eb:2c:96:ad:de:2d:df:d1:ee:4f:46:db:eb:bb:
2e:69:8f:08:d8:51:29:be:a4:b0:eb:0b:5f:f9:76:
5f:24:af:f0:17:c6:10:f6:cd:9f:cd:2c:62:b7:e1:
cc:7b:4a:73:44:c9:6c:ef:9d:7f:6c:72:68:7c:61:
3f:b4:dd:bc:df:6b:07:cc:0e:54:c9:8a:bb:c3:15:
a9:5b:74:38:f7:b2:97:3f:9b:66:d2:e4:b9:63:2c:
fe:f5:9a:33:a8:29:90:41:5a:24:cd:e5:f7:33:aa:
f0:e1:4e:59:22:56:ee:a6:e6:0d:22:12:53:67:34:
04:1f:d2:a8:03:0f:c5:0e:ee:47:08:d4:f3:57:62:
51:89:11:a8:47:f1:85:49:41:9a:56:9d:51:3f:e1:
0d:86:81:5b:42:2d:ad:8f:c4:c5:33:a8:b2:ec:90:
c3:57:a2:d1:80:ab:d1:f6:6e:d1:34:64:b2:1c:d6:
2e:7b:57:1c:14:1d:de:3b:42:de:52:28:66:58:6a:
af:3b:10:6b:90:1c:32:72:c6:0e:9a:c7:96:2c:18:
60:97:b3:41:b8:0b:17:af:c1:aa:31:7d:00:14:3c:
9d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1B:B8:32:80:E8:D6:DD:C1:F7:61:FC:2C:AB:F5:5C:2B:28:3D:3F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Nhu4MoDo1t3B92H8LKv1XCsoPT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:5f0::/44
2a0e:b107:620::/44
Signature Algorithm: sha256WithRSAEncryption
cd:59:38:e2:3a:13:c6:53:48:c6:eb:be:26:c2:b4:1c:1d:68:
db:20:3d:37:c6:99:0f:15:e5:12:5e:e1:92:9d:39:55:e2:b5:
30:ca:36:49:9f:81:8a:0d:cd:5c:ba:18:67:43:db:33:89:c5:
5f:53:c7:c8:e4:6a:c3:be:2f:a0:59:39:7f:e6:e7:13:96:aa:
6c:74:6b:66:e3:47:4b:8f:80:8e:ae:b9:fe:de:af:ce:72:76:
ff:09:d2:a6:94:d5:35:81:08:70:93:7b:fe:bd:95:f2:25:11:
38:5f:b3:54:3c:ef:42:d9:3f:a4:e6:a1:85:8c:a4:04:64:50:
d8:10:4b:c9:75:ac:03:96:b2:ef:6e:71:07:1e:07:dd:1f:a5:
9d:ec:7f:2d:b3:fe:9b:ae:14:88:03:3d:4c:9f:49:a8:fb:dd:
41:91:f2:27:6d:f5:46:d4:5d:f9:de:10:d2:09:2d:14:92:17:
ed:5a:08:73:c1:4b:19:12:b8:e6:2f:ac:4d:fa:23:82:c8:1f:
80:0e:63:f4:74:34:0f:67:c9:37:6d:48:bd:56:0a:86:18:d3:
72:b1:1e:a1:10:de:52:6c:d8:86:2d:44:cb:0b:74:4c:39:56:
af:87:85:5b:4b:e6:65:f4:65:6d:bb:9c:07:4d:5e:36:c5:83:
a3:1f:db:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw53/gRQfn72UgR4bw8UPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjFiYjgzMjgwZThkNmRkYzFmNzYxZmMyY2FiZjU1YzJiMjgzZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqLsmoZry89sfbJSDqWpbYttFiJX
N8b7wTKZkLVt6yyWrd4t39HuT0bb67suaY8I2FEpvqSw6wtf+XZfJK/wF8YQ9s2f
zSxit+HMe0pzRMls751/bHJofGE/tN2832sHzA5UyYq7wxWpW3Q497KXP5tm0uS5
Yyz+9ZozqCmQQVokzeX3M6rw4U5ZIlbupuYNIhJTZzQEH9KoAw/FDu5HCNTzV2JR
iRGoR/GFSUGaVp1RP+ENhoFbQi2tj8TFM6iy7JDDV6LRgKvR9m7RNGSyHNYue1cc
FB3eO0LeUihmWGqvOxBrkBwycsYOmseWLBhgl7NBuAsXr8GqMX0AFDydjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDYbuDKA6Nbdwfdh/Cyr9VwrKD0/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTmh1NE1vRG8xdDNCOTJIOExLdjFYQ3NvUFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwXw
AwcEKg6xBwYgMA0GCSqGSIb3DQEBCwUAA4IBAQDNWTjiOhPGU0jG674mwrQcHWjb
ID03xpkPFeUSXuGSnTlV4rUwyjZJn4GKDc1cuhhnQ9szicVfU8fI5GrDvi+gWTl/
5ucTlqpsdGtm40dLj4COrrn+3q/Ocnb/CdKmlNU1gQhwk3v+vZXyJRE4X7NUPO9C
2T+k5qGFjKQEZFDYEEvJdawDlrLvbnEHHgfdH6Wd7H8ts/6brhSIAz1Mn0mo+91B
kfInbfVG1F353hDSCS0UkhftWghzwUsZErjmL6xN+iOCyB+ADmP0dDQPZ8k3bUi9
VgqGGNNysR6hEN5SbNiGLUTLC3RMOVavh4VbS+Zl9GVtu5wHTV42xYOjH9um
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:58 2023 by rpki-client on console-ams.rpki-client.org