Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/nu-b6PZIPnNR4pSiNBYhfRDsbH0.roa
File: nu-b6PZIPnNR4pSiNBYhfRDsbH0.roa (raw, json)
Hash identifier: CH5U+GqIbzHh9YdWb2cSGKwR0xubEZreE7ZbuPvIn4c=
Subject key identifier: 9E:EF:9B:E8:F6:48:3E:73:51:E2:94:A2:34:16:21:7D:10:EC:6C:7D
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 0191EB5E44218CA3E7DDA3F24FA83BF52028
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/nu-b6PZIPnNR4pSiNBYhfRDsbH0.roa
Signing time: Fri 13 Sep 2024 12:31:49 +0000
ROA not before: Fri 13 Sep 2024 12:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211318
IP address blocks: 2a07:4a00::/29 maxlen: 29
2a0a:37c0::/29 maxlen: 29
2a0b:a280::/29 maxlen: 29
2a0b:a300::/29 maxlen: 29
2a0c:7440::/29 maxlen: 29
2a0c:74c0::/29 maxlen: 29
2a0c:7540::/29 maxlen: 29
2a0d:2cc0::/29 maxlen: 29
2a0d:88c0::/29 maxlen: 29
2a0f:1180::/29 maxlen: 29
2a0f:2380::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 01 Nov 2024 13:43:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:5e:44:21:8c:a3:e7:dd:a3:f2:4f:a8:3b:f5:20:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Sep 13 12:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9eef9be8f6483e7351e294a23416217d10ec6c7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:95:bf:49:47:c7:75:c3:af:f9:33:2c:bf:c9:
07:b1:43:ef:41:f4:59:5c:a8:1c:2b:14:08:b1:75:
b4:57:23:57:a6:34:16:46:84:80:2d:1b:bf:0a:55:
9a:e8:03:d6:5d:ae:ce:1a:d1:e9:b8:1b:3c:14:81:
6c:12:bf:47:d3:42:25:50:c0:1a:05:ba:52:d8:98:
49:31:02:35:95:ff:da:53:b4:09:07:51:48:a7:55:
cd:5c:dc:7a:89:a8:37:cd:72:8b:6d:c3:15:15:b3:
de:4f:df:6e:1d:bf:68:32:3e:e8:c9:54:83:31:92:
05:b4:04:ce:fd:4f:88:a1:3b:63:09:1f:f9:a5:73:
95:48:a3:12:23:29:ad:08:93:45:fa:85:c8:2d:95:
10:be:16:87:64:e0:30:c2:51:64:5e:41:6f:99:e4:
f0:28:76:9a:d9:46:bc:32:c2:25:ef:e6:db:b3:ba:
ab:3c:eb:f1:ec:6c:62:83:2d:08:8e:ab:87:ec:2f:
e7:c2:50:b5:70:fa:46:ce:34:e3:73:7f:06:7c:49:
3c:3e:dd:9b:78:9a:e9:b6:fa:e0:ce:b8:c9:11:0c:
c5:89:2c:c0:e7:4b:51:1d:5e:3b:15:f2:10:24:bd:
a5:ae:b4:83:60:bf:2e:40:23:21:aa:46:61:07:c7:
3f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:EF:9B:E8:F6:48:3E:73:51:E2:94:A2:34:16:21:7D:10:EC:6C:7D
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/nu-b6PZIPnNR4pSiNBYhfRDsbH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:4a00::/29
2a0a:37c0::/29
2a0b:a280::/29
2a0b:a300::/29
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0d:2cc0::/29
2a0d:88c0::/29
2a0f:1180::/29
2a0f:2380::/29
Signature Algorithm: sha256WithRSAEncryption
2d:98:11:98:c5:25:4a:47:78:1d:de:fb:ae:82:0c:47:ac:6b:
5c:69:cf:32:a3:20:09:0a:85:18:b6:f9:c2:95:8d:c5:e5:17:
18:2d:e5:f2:d7:19:96:2a:94:96:91:c1:aa:42:0d:3b:7b:78:
3b:2a:40:63:5a:ad:7a:0b:ba:9e:20:72:9e:ce:4e:14:7e:7f:
28:5a:e1:2d:a4:74:8a:42:86:a4:ba:5a:96:7a:84:e2:31:9a:
e9:5b:52:42:71:a4:35:df:b6:1c:fc:11:1c:61:53:69:56:f8:
aa:4c:f2:d1:e3:08:46:ea:54:35:f0:3c:c4:ac:65:1b:15:23:
34:22:5b:03:0e:2c:17:74:a3:62:fc:43:97:4d:5c:1f:02:fb:
7b:1c:00:86:54:d9:ff:f4:bd:46:6b:a2:88:dd:d6:f6:68:50:
a1:94:9b:96:ed:2d:c4:4c:9e:fd:d7:9d:a2:74:2e:0b:ea:c5:
27:ca:9c:91:cf:02:af:bf:33:fe:60:b0:60:2a:4f:85:02:1d:
e7:c9:2a:0d:80:9a:99:0b:c5:2b:fc:2f:91:14:ee:8d:94:4c:
67:42:ca:66:7e:76:ac:02:94:74:3f:8d:0a:3c:78:bf:f7:c7:
e0:83:30:c7:ee:3b:09:fc:e3:d3:a5:20:94:d8:9e:a4:75:4c:
e5:3c:a2:10
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZHrXkQhjKPn3aPyT6g79SAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQwOTEzMTIzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWVmOWJlOGY2NDgzZTczNTFlMjk0YTIzNDE2MjE3ZDEwZWM2YzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZW/SUfHdcOv+TMsv8kHsUPvQfRZ
XKgcKxQIsXW0VyNXpjQWRoSALRu/ClWa6APWXa7OGtHpuBs8FIFsEr9H00IlUMAa
BbpS2JhJMQI1lf/aU7QJB1FIp1XNXNx6iag3zXKLbcMVFbPeT99uHb9oMj7oyVSD
MZIFtATO/U+IoTtjCR/5pXOVSKMSIymtCJNF+oXILZUQvhaHZOAwwlFkXkFvmeTw
KHaa2Ua8MsIl7+bbs7qrPOvx7Gxigy0IjquH7C/nwlC1cPpGzjTjc38GfEk8Pt2b
eJrptvrgzrjJEQzFiSzA50tRHV47FfIQJL2lrrSDYL8uQCMhqkZhB8c/6QIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFJ7vm+j2SD5zUeKUojQWIX0Q7Gx9MB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvbnUtYjZQWklQbk5SNHBTaU5CWWhmUkRzYkgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUDKgdKAAMF
AyoKN8ADBQMqC6KAAwUDKgujAAMFAyoMdEADBQMqDHTAAwUDKgx1QAMFAyoNLMAD
BQMqDYjAAwUDKg8RgAMFAyoPI4AwDQYJKoZIhvcNAQELBQADggEBAC2YEZjFJUpH
eB3e+66CDEesa1xpzzKjIAkKhRi2+cKVjcXlFxgt5fLXGZYqlJaRwapCDTt7eDsq
QGNarXoLup4gcp7OThR+fyha4S2kdIpChqS6WpZ6hOIxmulbUkJxpDXfthz8ERxh
U2lW+KpM8tHjCEbqVDXwPMSsZRsVIzQiWwMOLBd0o2L8Q5dNXB8C+3scAIZU2f/0
vUZroojd1vZoUKGUm5btLcRMnv3XnaJ0LgvqxSfKnJHPAq+/M/5gsGAqT4UCHefJ
Kg2AmpkLxSv8L5EU7o2UTGdCymZ+dqwClHQ/jQo8eL/3x+CDMMfuOwn849OlIJTY
nqR1TOU8ohA=
-----END CERTIFICATE-----
Generated at Fri Nov 1 16:06:58 2024 by rpki-client on console-ams.rpki-client.org