Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4f2e09-6884-466e-afef-a0f5c78127bb/1/NeC2IvdsG7FUU-qDI6jMUZ009g0.roa
File: NeC2IvdsG7FUU-qDI6jMUZ009g0.roa (raw, json)
Hash identifier: QrnqhABATx0SbuInpO0DvrWkfBPGDytXE6bUfU8Tmvg=
Subject key identifier: 35:E0:B6:22:F7:6C:1B:B1:54:53:EA:83:23:A8:CC:51:9D:34:F6:0D
Certificate issuer: /CN=9efae59ebf98b0100bf14c06ca6bee266876cced
Certificate serial: 01857283659B351DF5D318028C4971A9D16F
Authority key identifier: 9E:FA:E5:9E:BF:98:B0:10:0B:F1:4C:06:CA:6B:EE:26:68:76:CC:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nvrlnr-YsBAL8UwGymvuJmh2zO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/4f2e09-6884-466e-afef-a0f5c78127bb/1/NeC2IvdsG7FUU-qDI6jMUZ009g0.roa
Signing time: Mon 02 Jan 2023 12:44:51 +0000
ROA not before: Mon 02 Jan 2023 12:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209173
IP address blocks: 2.56.36.0/23 maxlen: 23
2.56.38.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:65:9b:35:1d:f5:d3:18:02:8c:49:71:a9:d1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9efae59ebf98b0100bf14c06ca6bee266876cced
Validity
Not Before: Jan 2 12:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35e0b622f76c1bb15453ea8323a8cc519d34f60d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cb:38:f1:28:f7:3c:48:fe:94:57:a3:5d:9f:
4a:3f:5b:d2:4e:07:05:cd:33:2f:42:e0:38:d4:50:
e0:31:47:ea:a1:d5:07:19:51:1c:b5:25:b7:d5:aa:
df:7c:aa:be:06:ea:a3:47:9d:91:30:08:37:10:1d:
7c:9a:d4:9a:5d:73:59:51:36:01:22:aa:e6:4d:17:
ef:49:87:c1:04:57:88:30:a8:ea:9c:61:ad:04:e0:
d1:1f:a9:a2:23:09:0e:7c:5d:a2:9a:05:ca:5b:e4:
57:6d:93:03:a8:c4:c1:d0:a3:c9:31:b7:ff:4c:39:
72:53:06:43:f1:7d:e2:78:98:af:5b:a1:d0:61:d7:
bc:6d:ba:04:4e:51:4b:c4:e0:49:37:6c:91:c5:18:
19:9b:63:46:54:df:f3:55:05:79:1a:46:37:4d:82:
39:5a:11:55:71:73:a9:e0:d0:aa:e3:9d:0f:a0:e7:
9a:17:f7:98:2a:ba:3b:8e:69:ed:06:13:0e:55:57:
cb:87:6b:ae:d2:ba:08:c5:14:0a:8f:f4:c2:9d:22:
7c:0a:48:b8:e0:e1:fb:36:ec:ed:ff:7a:5b:3c:77:
16:e4:8a:25:d4:f5:ea:a4:03:eb:d7:27:dc:e8:d3:
5c:b9:ae:cb:a0:68:01:0c:29:8d:8d:b0:15:d7:56:
e0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E0:B6:22:F7:6C:1B:B1:54:53:EA:83:23:A8:CC:51:9D:34:F6:0D
X509v3 Authority Key Identifier:
keyid:9E:FA:E5:9E:BF:98:B0:10:0B:F1:4C:06:CA:6B:EE:26:68:76:CC:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nvrlnr-YsBAL8UwGymvuJmh2zO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4f2e09-6884-466e-afef-a0f5c78127bb/1/NeC2IvdsG7FUU-qDI6jMUZ009g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4f2e09-6884-466e-afef-a0f5c78127bb/1/nvrlnr-YsBAL8UwGymvuJmh2zO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.36.0/22
Signature Algorithm: sha256WithRSAEncryption
63:8c:59:ac:83:52:63:db:c7:c3:c7:77:f1:51:76:75:ee:30:
e9:62:c3:a6:35:c9:90:1b:75:34:18:7f:92:ec:d8:85:58:d4:
9f:5e:fd:1f:9c:55:ad:06:82:a6:b1:30:7f:2d:b5:f3:03:b8:
37:63:6c:f1:ed:2a:fd:b6:06:ce:37:63:e4:4f:ef:e4:27:56:
8c:d2:6d:8d:2d:a5:ed:4c:88:16:f1:ec:76:81:85:4c:0f:b0:
25:ef:ca:00:f3:23:c1:bc:c3:b4:58:4f:5c:b7:07:2b:8c:25:
b0:1c:63:5c:d3:cb:ad:ef:ef:b5:8b:1f:8e:a8:c0:64:65:61:
67:6e:ac:31:b4:3c:25:43:71:b8:0f:31:88:5a:bb:db:18:10:
41:b2:1d:cf:a1:f7:db:96:b5:d1:f4:9b:87:c9:a4:66:3f:6a:
b5:5b:9e:75:f9:80:88:c3:8d:ea:19:69:a9:bf:b1:40:9f:14:
42:17:42:9c:05:89:12:95:d8:5b:99:1e:b9:ae:0d:ad:7a:1b:
8c:82:dc:bb:59:f8:35:5d:ca:ac:d8:13:82:8d:7d:15:b1:f1:
2c:ec:61:cb:8c:e9:88:6c:f1:a9:69:a4:f6:e0:28:82:eb:7a:
8a:a9:03:63:ae:6d:4f:14:8f:4f:68:df:f0:ad:86:dd:de:e3:
f7:6a:5a:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyg2WbNR310xgCjElxqdFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZmFlNTllYmY5OGIwMTAwYmYxNGMwNmNhNmJlZTI2Njg3
NmNjZWQwHhcNMjMwMTAyMTI0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWUwYjYyMmY3NmMxYmIxNTQ1M2VhODMyM2E4Y2M1MTlkMzRmNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhss48Sj3PEj+lFejXZ9KP1vSTgcF
zTMvQuA41FDgMUfqodUHGVEctSW31arffKq+BuqjR52RMAg3EB18mtSaXXNZUTYB
IqrmTRfvSYfBBFeIMKjqnGGtBODRH6miIwkOfF2imgXKW+RXbZMDqMTB0KPJMbf/
TDlyUwZD8X3ieJivW6HQYde8bboETlFLxOBJN2yRxRgZm2NGVN/zVQV5GkY3TYI5
WhFVcXOp4NCq450PoOeaF/eYKro7jmntBhMOVVfLh2uu0roIxRQKj/TCnSJ8Cki4
4OH7Nuzt/3pbPHcW5Iol1PXqpAPr1yfc6NNcua7LoGgBDCmNjbAV11bgLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXgtiL3bBuxVFPqgyOozFGdNPYNMB8GA1UdIwQY
MBaAFJ765Z6/mLAQC/FMBspr7iZodsztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnZybG5yLVlzQkFMOFV3R3ltdnVKbWgyek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80ZjJlMDktNjg4NC00NjZlLWFmZWYt
YTBmNWM3ODEyN2JiLzEvTmVDMkl2ZHNHN0ZVVS1xREk2ak1VWjAwOWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80ZjJlMDktNjg4NC00NjZlLWFmZWYtYTBmNWM3ODEyN2Ji
LzEvbnZybG5yLVlzQkFMOFV3R3ltdnVKbWgyek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjgkMA0G
CSqGSIb3DQEBCwUAA4IBAQBjjFmsg1Jj28fDx3fxUXZ17jDpYsOmNcmQG3U0GH+S
7NiFWNSfXv0fnFWtBoKmsTB/LbXzA7g3Y2zx7Sr9tgbON2PkT+/kJ1aM0m2NLaXt
TIgW8ex2gYVMD7Al78oA8yPBvMO0WE9ctwcrjCWwHGNc08ut7++1ix+OqMBkZWFn
bqwxtDwlQ3G4DzGIWrvbGBBBsh3PoffblrXR9JuHyaRmP2q1W551+YCIw43qGWmp
v7FAnxRCF0KcBYkSldhbmR65rg2tehuMgty7Wfg1Xcqs2BOCjX0VsfEs7GHLjOmI
bPGpaaT24CiC63qKqQNjrm1PFI9PaN/wrYbd3uP3alqF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:29 2024 by rpki-client on console-fra.rpki-client.org