Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nsga5mZwsPpldVVqqZ-oo8oM6fQ.roa
File: nsga5mZwsPpldVVqqZ-oo8oM6fQ.roa (raw, json)
Hash identifier: g7zSDCk+9F2zBxEbJfIjI+/WPorpgxq0Qm4OWczLpgg=
Subject key identifier: 9E:C8:1A:E6:66:70:B0:FA:65:75:55:6A:A9:9F:A8:A3:CA:0C:E9:F4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E2E0E300EBE4ED12ECDC2E1BC13ACF91B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nsga5mZwsPpldVVqqZ-oo8oM6fQ.roa
Signing time: Mon 11 Mar 2024 15:07:45 +0000
ROA not before: Mon 11 Mar 2024 15:07:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34927
IP address blocks: 2a10:ccc3:ccc0::/46 maxlen: 48
2a10:ccc3:ccc6::/48 maxlen: 48
2a10:ccc3:ccca::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Mar 2024 15:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:0e:30:0e:be:4e:d1:2e:cd:c2:e1:bc:13:ac:f9:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 11 15:07:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ec81ae66670b0fa6575556aa99fa8a3ca0ce9f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ea:a6:cc:6a:85:b7:70:d2:ca:68:43:b1:90:
79:c7:00:6d:b9:37:3b:60:9f:b8:9b:2b:3d:c2:20:
c1:f6:83:b9:3f:8f:19:b6:88:2c:36:6c:a9:cc:2c:
49:de:27:17:e1:d6:80:f9:2f:65:b6:96:ab:3c:e2:
25:c4:bb:8f:33:81:11:30:ef:88:f1:3a:e3:89:6b:
cc:fd:91:74:99:59:f3:c6:48:04:81:8b:c3:06:4d:
3c:04:46:01:cc:1a:77:86:f7:88:28:3f:c7:58:3c:
76:46:b6:95:c7:7b:a9:e3:19:ed:ae:4d:c2:2e:e3:
9d:80:e6:33:82:4a:05:b1:25:9e:b5:3f:74:e2:6a:
b9:f3:44:4b:ec:30:a0:e4:8f:34:f2:99:3c:76:7f:
94:80:a2:0f:78:39:4b:8e:02:cb:79:bc:2d:68:b5:
e8:61:4f:8c:69:09:db:97:20:b2:09:72:38:40:e0:
d4:9f:9a:19:ab:ff:86:2a:9a:54:38:45:ad:88:55:
99:93:79:24:10:d0:8e:e3:7b:cf:44:5e:62:85:9a:
3a:6c:66:ef:6c:fa:ee:c7:2e:f2:64:6e:61:79:43:
a5:95:71:f2:b0:eb:82:5f:7a:29:68:e9:4c:8c:ca:
86:58:91:a0:b3:40:72:43:37:b5:2c:16:f6:ab:72:
f8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C8:1A:E6:66:70:B0:FA:65:75:55:6A:A9:9F:A8:A3:CA:0C:E9:F4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nsga5mZwsPpldVVqqZ-oo8oM6fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:ccc0::/46
2a10:ccc3:ccc6::/48
2a10:ccc3:ccca::/48
Signature Algorithm: sha256WithRSAEncryption
11:ab:0f:d9:ae:e7:8e:ca:f2:d5:ac:62:ae:cd:7d:41:a3:d5:
89:e7:ea:24:f8:7b:10:4d:82:b9:76:6c:78:8a:0e:b7:75:c9:
13:af:8f:dd:83:74:e3:c7:b6:c3:5b:07:31:3a:ed:29:e4:8f:
07:b6:c0:bd:32:89:67:0c:fc:d3:25:cf:45:f0:9a:07:df:72:
62:10:74:12:d0:af:49:f5:c1:7c:9a:a9:59:18:8b:05:27:5e:
c3:5f:18:d8:94:01:3f:1a:07:a2:39:94:88:82:6b:b9:20:49:
c7:00:c8:1a:df:5d:c8:b2:13:39:2f:02:ee:33:04:48:ba:93:
4a:16:fe:3e:03:d0:a4:e9:0f:b7:8a:41:92:0e:3d:05:20:4c:
e8:ef:af:9a:48:b9:18:7d:56:ac:d1:5d:be:7d:ef:c1:47:72:
4f:06:92:23:a1:00:0a:75:24:e0:1e:8c:81:6a:e2:b3:54:18:
3d:64:61:a9:c8:9b:d7:c7:69:77:c9:1f:7f:2f:72:f5:56:cf:
a2:9a:4e:af:b7:52:cf:6f:22:fb:bf:85:6e:21:f2:90:51:0f:
7c:08:12:0c:3f:9d:9f:80:44:63:18:e4:cc:06:b5:b9:95:ab:
1f:24:33:f8:3c:3b:be:9c:f4:62:ec:dd:6e:ad:8f:6c:e8:59:
5d:81:85:2c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY4uDjAOvk7RLs3C4bwTrPkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzExMTUwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWM4MWFlNjY2NzBiMGZhNjU3NTU1NmFhOTlmYThhM2NhMGNlOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruqmzGqFt3DSymhDsZB5xwBtuTc7
YJ+4mys9wiDB9oO5P48ZtogsNmypzCxJ3icX4daA+S9ltparPOIlxLuPM4ERMO+I
8TrjiWvM/ZF0mVnzxkgEgYvDBk08BEYBzBp3hveIKD/HWDx2RraVx3up4xntrk3C
LuOdgOYzgkoFsSWetT904mq580RL7DCg5I808pk8dn+UgKIPeDlLjgLLebwtaLXo
YU+MaQnblyCyCXI4QODUn5oZq/+GKppUOEWtiFWZk3kkENCO43vPRF5ihZo6bGbv
bPruxy7yZG5heUOllXHysOuCX3opaOlMjMqGWJGgs0ByQze1LBb2q3L4lQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ7IGuZmcLD6ZXVVaqmfqKPKDOn0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbnNnYTVtWndzUHBsZFZWcXFaLW9vOG9NNmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcCKhDMw8zA
AwcAKhDMw8zGAwcAKhDMw8zKMA0GCSqGSIb3DQEBCwUAA4IBAQARqw/ZrueOyvLV
rGKuzX1Bo9WJ5+ok+HsQTYK5dmx4ig63dckTr4/dg3Tjx7bDWwcxOu0p5I8HtsC9
MolnDPzTJc9F8JoH33JiEHQS0K9J9cF8mqlZGIsFJ17DXxjYlAE/GgeiOZSIgmu5
IEnHAMga313IshM5LwLuMwRIupNKFv4+A9Ck6Q+3ikGSDj0FIEzo76+aSLkYfVas
0V2+fe/BR3JPBpIjoQAKdSTgHoyBauKzVBg9ZGGpyJvXx2l3yR9/L3L1Vs+imk6v
t1LPbyL7v4VuIfKQUQ98CBIMP52fgERjGOTMBrW5lasfJDP4PDu+nPRi7N1urY9s
6FldgYUs
-----END CERTIFICATE-----
Generated at Thu Mar 14 20:00:23 2024 by rpki-client on console-fra.rpki-client.org