Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nwcHt5-LkCRPCxbLd4DcG3g2aS4.roa
File: nwcHt5-LkCRPCxbLd4DcG3g2aS4.roa (raw, json)
Hash identifier: nkSugZ6FhuMPMut64RY9Dti5lgdcVWgEx0Lb9NHW1ww=
Subject key identifier: 9F:07:07:B7:9F:8B:90:24:4F:0B:16:CB:77:80:DC:1B:78:36:69:2E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01862B65B083C7733EA0569B4E5C47618F44
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nwcHt5-LkCRPCxbLd4DcG3g2aS4.roa
Signing time: Tue 07 Feb 2023 10:22:09 +0000
ROA not before: Tue 07 Feb 2023 10:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211659
IP address blocks: 2a0e:b105:120::/48 maxlen: 48
2a0e:97c0:261::/48 maxlen: 48
2a0e:b105:121::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Feb 2023 04:20:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:65:b0:83:c7:73:3e:a0:56:9b:4e:5c:47:61:8f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 7 10:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f0707b79f8b90244f0b16cb7780dc1b7836692e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:32:72:bd:3e:4a:14:b8:dd:cb:1d:8b:da:ec:
fc:24:36:1c:b4:b4:e5:5e:45:7c:a7:78:2e:85:ef:
81:39:21:f2:bc:ff:f8:fb:7f:36:cf:3d:92:67:89:
f4:12:36:d2:da:16:14:da:57:79:45:85:ec:94:4b:
f1:7c:e4:b6:3d:3b:f1:73:e7:f2:bc:98:84:4e:e2:
61:c8:de:c5:03:a5:76:94:c3:85:d2:c5:50:e1:76:
9e:99:39:a8:1e:7b:e1:2c:d3:0c:29:b7:84:0c:af:
37:be:9d:1b:56:2c:75:b1:ca:e4:9e:30:7c:da:2a:
a2:83:0a:a3:65:aa:b8:3b:59:3d:0a:c4:cf:37:87:
a5:f9:d0:e9:dc:c8:18:c5:11:d2:ba:13:04:70:65:
91:38:55:54:1b:04:ea:76:7e:af:19:a5:50:d9:97:
6d:89:14:da:7b:20:16:12:cb:ad:1f:9a:a4:4d:29:
31:b3:39:c5:c7:67:66:03:26:91:87:6d:da:9f:b4:
05:9a:e2:81:5f:cd:ca:f9:73:bd:18:a8:ae:56:79:
73:08:12:4e:d4:8d:02:fe:cf:e8:14:14:a1:f5:ee:
d9:b8:d3:ca:bf:c5:6d:70:7c:d2:8a:af:91:b3:19:
85:f6:58:c0:03:12:43:3e:26:39:e2:9c:f7:66:b5:
4a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:07:07:B7:9F:8B:90:24:4F:0B:16:CB:77:80:DC:1B:78:36:69:2E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nwcHt5-LkCRPCxbLd4DcG3g2aS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:261::/48
2a0e:b105:120::/47
Signature Algorithm: sha256WithRSAEncryption
69:fd:4b:9e:4b:82:74:df:b4:8c:29:35:91:99:bb:ae:5e:eb:
00:f6:78:ce:24:56:8a:c0:d5:32:c9:c0:ba:9b:65:86:99:17:
5d:a3:06:67:a1:ae:26:f2:e5:f3:dd:76:86:45:2c:1e:50:98:
ee:7a:cf:a7:ad:17:29:1a:b2:3c:f1:7d:64:75:c1:09:bc:eb:
16:2b:3f:79:87:16:ce:37:77:fd:7f:d4:4b:3d:c0:be:b1:d1:
5d:4e:56:24:1b:50:07:b1:74:4d:02:e2:29:a7:59:fa:df:b1:
9d:ce:ce:b9:5d:ad:6a:ec:c9:46:5f:b2:d7:56:47:bc:9a:f6:
c5:97:64:55:0e:a9:87:56:a4:ad:3c:22:04:f8:5a:61:cf:87:
9a:6b:b8:5f:33:4e:89:a1:44:0e:3c:d3:66:f3:0d:54:81:5e:
5c:2a:08:d4:1d:f9:6d:c0:bf:0b:02:73:a1:b7:98:00:7b:0e:
a6:e6:83:15:a4:d7:24:51:9b:43:2b:32:cc:e9:48:be:52:51:
e2:10:a9:55:f3:ba:4c:f7:43:06:b0:ed:52:f7:9f:65:3f:15:
02:04:3a:5c:d0:85:d7:71:a3:d4:04:45:2a:ef:c2:6e:41:10:
b4:a7:e5:e0:bb:4b:a7:c2:4a:15:06:42:47:9d:50:ae:ea:e4:
b1:78:ed:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYrZbCDx3M+oFabTlxHYY9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjA3MTAyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjA3MDdiNzlmOGI5MDI0NGYwYjE2Y2I3NzgwZGMxYjc4MzY2OTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDJyvT5KFLjdyx2L2uz8JDYctLTl
XkV8p3guhe+BOSHyvP/4+382zz2SZ4n0EjbS2hYU2ld5RYXslEvxfOS2PTvxc+fy
vJiETuJhyN7FA6V2lMOF0sVQ4XaemTmoHnvhLNMMKbeEDK83vp0bVix1scrknjB8
2iqigwqjZaq4O1k9CsTPN4el+dDp3MgYxRHSuhMEcGWROFVUGwTqdn6vGaVQ2Zdt
iRTaeyAWEsutH5qkTSkxsznFx2dmAyaRh23an7QFmuKBX83K+XO9GKiuVnlzCBJO
1I0C/s/oFBSh9e7ZuNPKv8VtcHzSiq+RsxmF9ljAAxJDPiY54pz3ZrVKewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ8HB7efi5AkTwsWy3eA3Bt4NmkuMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbndjSHQ1LUxrQ1JQQ3hiTGQ0RGNHM2cyYVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwAJh
AwcBKg6xBQEgMA0GCSqGSIb3DQEBCwUAA4IBAQBp/UueS4J037SMKTWRmbuuXusA
9njOJFaKwNUyycC6m2WGmRddowZnoa4m8uXz3XaGRSweUJjues+nrRcpGrI88X1k
dcEJvOsWKz95hxbON3f9f9RLPcC+sdFdTlYkG1AHsXRNAuIpp1n637Gdzs65Xa1q
7MlGX7LXVke8mvbFl2RVDqmHVqStPCIE+Fphz4eaa7hfM06JoUQOPNNm8w1UgV5c
KgjUHfltwL8LAnOht5gAew6m5oMVpNckUZtDKzLM6Ui+UlHiEKlV87pM90MGsO1S
959lPxUCBDpc0IXXcaPUBEUq78JuQRC0p+Xgu0unwkoVBkJHnVCu6uSxeO3E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org