Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/N27EkjN5aLXrTs41ECeu33EKuWQ.roa
File: N27EkjN5aLXrTs41ECeu33EKuWQ.roa (raw, json)
Hash identifier: JObf+Gk3ph0/vjpEcmSTLXdZ6qnK0T67T2lijLYV9HU=
Subject key identifier: 37:6E:C4:92:33:79:68:B5:EB:4E:CE:35:10:27:AE:DF:71:0A:B9:64
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 01856D81B2CB6877C044BE6A0E455E4D51D0
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/N27EkjN5aLXrTs41ECeu33EKuWQ.roa
Signing time: Sun 01 Jan 2023 13:24:54 +0000
ROA not before: Sun 01 Jan 2023 13:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52042
IP address blocks: 2a09:be44::/30 maxlen: 48
2a09:be41::/32 maxlen: 48
2a0e:ec05::/32 maxlen: 48
2a0e:ec00::/30 maxlen: 48
2a12:49c0::/29 maxlen: 48
2a09:be42::/31 maxlen: 48
2a0e:ec04::/31 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:b2:cb:68:77:c0:44:be:6a:0e:45:5e:4d:51:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Jan 1 13:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=376ec492337968b5eb4ece351027aedf710ab964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9b:19:b4:e0:b3:cd:f6:6b:55:67:29:6e:13:
42:df:e9:d1:43:65:ed:95:f3:8c:5c:18:1a:da:8d:
61:94:5a:43:b6:e1:27:fc:ea:13:31:bc:05:26:f1:
9e:08:a1:46:e5:d0:12:37:3a:dc:21:97:90:0d:4d:
b8:47:d7:7d:82:99:e0:13:f9:90:ba:6f:fd:e5:ea:
fd:b0:f0:8b:e6:87:e0:ab:61:57:b7:45:2d:0f:ef:
7e:4c:9f:f6:30:45:a7:57:2a:7e:2a:55:a1:ac:27:
2d:4a:7c:be:93:6b:f2:a4:90:3e:2a:71:41:42:89:
61:d4:2e:5e:e2:96:99:a5:f9:79:9f:84:40:31:3a:
1c:43:7a:16:64:1a:37:a3:79:36:54:01:4f:17:25:
dd:e5:e8:48:19:db:6c:f8:fc:19:11:8c:99:ba:3d:
89:84:ab:e9:b7:2b:8d:70:fd:50:68:81:65:0f:a1:
22:1f:1e:f5:92:5c:ea:ee:bd:3f:75:c1:df:d8:f8:
a3:7a:cf:c1:c5:7e:d9:b0:b5:0a:23:4a:52:68:b6:
88:f9:5f:65:0d:f3:a8:44:c9:64:43:01:dc:9e:98:
fa:5d:6a:d8:ba:1a:05:90:12:ca:0f:be:37:93:91:
06:11:ea:49:8d:fd:66:41:32:f8:4b:82:5c:07:ff:
80:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6E:C4:92:33:79:68:B5:EB:4E:CE:35:10:27:AE:DF:71:0A:B9:64
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/N27EkjN5aLXrTs41ECeu33EKuWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:ec00::-2a0e:ec05:ffff:ffff:ffff:ffff:ffff:ffff
2a12:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
43:56:21:01:e6:82:6f:5e:d2:04:b8:c6:42:aa:4f:00:69:bb:
4a:e0:b9:f7:e2:7d:fd:29:1b:0f:b5:e8:a6:2a:2c:99:d5:d9:
f1:25:91:92:f1:10:48:60:cd:b5:ff:69:05:70:3f:0c:cc:20:
07:91:17:d5:7c:6f:6a:e8:7c:07:c2:bb:d5:f4:c6:e1:03:f4:
56:99:50:0f:11:50:8c:40:aa:0d:b5:1e:4d:39:c3:49:d6:65:
b7:11:55:d3:da:d2:c3:3b:18:f0:e6:bd:8a:06:cc:cc:b0:94:
9b:2b:ac:e3:6c:93:61:11:a7:ba:8f:15:97:e6:36:10:10:2c:
e9:ab:00:83:55:ec:b7:7a:6e:c9:1b:cd:7f:1b:3f:ea:74:c8:
aa:c1:46:a7:1a:e5:48:97:01:d2:83:45:ed:c8:15:0b:48:32:
37:f7:4d:67:6b:f4:ac:31:c2:9e:04:46:68:41:88:ac:35:09:
90:cd:33:dc:a6:37:73:b3:00:ec:c0:1c:9e:4f:29:00:74:06:
a8:f7:96:77:23:78:98:98:ad:33:c0:a1:3c:01:55:19:4b:a9:
f7:14:5d:b8:24:0f:b2:7f:e4:80:66:f1:8b:a7:d5:b6:62:c5:
15:5f:66:05:43:72:c3:c0:98:db:d7:fb:59:80:61:28:2f:f1:
a2:a2:9b:02
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVtgbLLaHfARL5qDkVeTVHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjMwMTAxMTMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzZlYzQ5MjMzNzk2OGI1ZWI0ZWNlMzUxMDI3YWVkZjcxMGFiOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5sZtOCzzfZrVWcpbhNC3+nRQ2Xt
lfOMXBga2o1hlFpDtuEn/OoTMbwFJvGeCKFG5dASNzrcIZeQDU24R9d9gpngE/mQ
um/95er9sPCL5ofgq2FXt0UtD+9+TJ/2MEWnVyp+KlWhrCctSny+k2vypJA+KnFB
Qolh1C5e4paZpfl5n4RAMTocQ3oWZBo3o3k2VAFPFyXd5ehIGdts+PwZEYyZuj2J
hKvptyuNcP1QaIFlD6EiHx71klzq7r0/dcHf2Pijes/BxX7ZsLUKI0pSaLaI+V9l
DfOoRMlkQwHcnpj6XWrYuhoFkBLKD743k5EGEepJjf1mQTL4S4JcB/+AGwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDduxJIzeWi1607ONRAnrt9xCrlkMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvTjI3RWtqTjVhTFhyVHM0MUVDZXUzM0VLdVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMA4DBQAqCb5B
AwUDKgm+QDANAwQCKg7sAwUBKg7sBAMFAyoSScAwDQYJKoZIhvcNAQELBQADggEB
AENWIQHmgm9e0gS4xkKqTwBpu0rguffiff0pGw+16KYqLJnV2fElkZLxEEhgzbX/
aQVwPwzMIAeRF9V8b2rofAfCu9X0xuED9FaZUA8RUIxAqg21Hk05w0nWZbcRVdPa
0sM7GPDmvYoGzMywlJsrrONsk2ERp7qPFZfmNhAQLOmrAINV7Ld6bskbzX8bP+p0
yKrBRqca5UiXAdKDRe3IFQtIMjf3TWdr9Kwxwp4ERmhBiKw1CZDNM9ymN3OzAOzA
HJ5PKQB0Bqj3lncjeJiYrTPAoTwBVRlLqfcUXbgkD7J/5IBm8Yun1bZixRVfZgVD
csPAmNvX+1mAYSgv8aKimwI=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:20 2024 by rpki-client on console-ams.rpki-client.org