Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/SN_ncgxgmdRSOurz-6W4MatkYjI.roa
File: SN_ncgxgmdRSOurz-6W4MatkYjI.roa (raw, json)
Hash identifier: CVS4JX6ek3FeoXb4AibzvRsT8oBPDqYSN8AMUfXoNMw=
Subject key identifier: 48:DF:E7:72:0C:60:99:D4:52:3A:EA:F3:FB:A5:B8:31:AB:64:62:32
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 01856F9E059460054191466183B2E03E8761
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/SN_ncgxgmdRSOurz-6W4MatkYjI.roa
Signing time: Sun 01 Jan 2023 23:15:05 +0000
ROA not before: Sun 01 Jan 2023 23:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57712
IP address blocks: 2a00:f440:c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9e:05:94:60:05:41:91:46:61:83:b2:e0:3e:87:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 1 23:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48dfe7720c6099d4523aeaf3fba5b831ab646232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:97:d3:24:fa:84:b8:66:67:30:a4:9b:10:8f:
9c:4b:19:e2:05:08:08:7e:a2:4f:aa:19:0d:5e:7b:
af:f5:3a:22:66:39:be:ab:a4:ab:b7:e0:fa:e5:ca:
fd:38:ad:ab:95:07:0c:56:3f:01:cc:62:b8:0d:f2:
f9:14:ec:79:86:75:b2:ea:c7:b2:d5:95:60:92:78:
b2:03:2c:f6:2d:a1:d2:48:6e:32:89:70:92:bb:03:
f8:3c:c1:d6:b4:fa:c4:ac:af:e3:8f:38:51:00:f7:
ec:20:4b:f3:db:c8:da:65:34:68:33:03:cf:2a:5b:
a6:9d:9e:2a:a2:ad:a0:69:7e:63:0d:85:90:30:7d:
ea:ed:d1:5e:82:10:ac:c7:18:bc:0d:94:2f:52:cc:
e4:a7:01:92:fd:5a:93:a1:c9:2c:1a:86:97:4a:7e:
59:2f:e2:6d:fe:53:d2:d0:2f:a7:d8:a3:cf:e4:a2:
89:5c:47:94:be:42:40:87:d6:ea:53:b0:57:4a:cd:
f8:c1:18:43:f7:e0:de:69:d9:d9:10:84:33:62:35:
8e:1c:1a:5a:da:88:dc:4c:b8:4d:70:80:42:be:53:
7d:f4:a2:0e:6f:c6:e0:f2:47:dd:2c:a6:65:79:20:
fe:21:6d:1b:31:ca:69:23:f4:bb:7d:e9:b1:9b:7a:
38:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:DF:E7:72:0C:60:99:D4:52:3A:EA:F3:FB:A5:B8:31:AB:64:62:32
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/SN_ncgxgmdRSOurz-6W4MatkYjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f440:c::/48
Signature Algorithm: sha256WithRSAEncryption
29:94:80:c6:25:9c:5b:34:a3:8d:9a:4a:8a:fd:4a:bc:e2:ea:
4b:16:6d:a5:c3:96:e9:bd:69:e0:01:ea:df:25:83:d5:c4:f0:
95:4e:c2:ac:40:87:9a:18:c7:60:6f:68:44:6d:93:47:72:d9:
b2:84:cf:17:31:52:05:7c:12:99:dd:6a:f1:08:d0:06:9d:8d:
ee:b5:6e:a6:ad:58:0c:1b:4c:27:ef:c2:2b:22:a5:92:da:d3:
32:ae:38:09:01:f3:63:3d:92:e2:af:bc:49:40:14:c7:5e:d7:
8b:0a:7b:90:af:ad:15:f3:f7:f6:78:bc:05:26:4f:e5:07:4c:
a3:f3:d0:18:bc:d3:07:cf:81:d1:01:23:3b:80:24:44:f8:9c:
77:64:0b:42:00:24:7d:a8:ed:88:8f:85:e9:68:d1:a3:c5:6a:
46:43:97:64:a8:f2:2a:e3:8b:65:28:4e:6a:48:c2:3d:a0:53:
5a:d2:ec:4e:b4:e3:3e:be:4b:77:81:27:ba:79:fc:c9:06:1d:
51:af:08:27:74:9e:a6:a0:ec:20:42:b6:eb:96:aa:d7:03:c1:
09:81:70:bf:94:f2:6e:0d:1a:ca:00:a2:8f:9b:5c:d5:46:f5:
62:be:93:b3:56:33:f1:c8:a4:1b:98:bc:d1:9c:2c:7e:07:a1:
63:f3:48:c6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvngWUYAVBkUZhg7LgPodhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjMwMTAxMjMxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGRmZTc3MjBjNjA5OWQ0NTIzYWVhZjNmYmE1YjgzMWFiNjQ2MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpfTJPqEuGZnMKSbEI+cSxniBQgI
fqJPqhkNXnuv9ToiZjm+q6Srt+D65cr9OK2rlQcMVj8BzGK4DfL5FOx5hnWy6sey
1ZVgkniyAyz2LaHSSG4yiXCSuwP4PMHWtPrErK/jjzhRAPfsIEvz28jaZTRoMwPP
KlumnZ4qoq2gaX5jDYWQMH3q7dFeghCsxxi8DZQvUszkpwGS/VqTocksGoaXSn5Z
L+Jt/lPS0C+n2KPP5KKJXEeUvkJAh9bqU7BXSs34wRhD9+DeadnZEIQzYjWOHBpa
2ojcTLhNcIBCvlN99KIOb8bg8kfdLKZleSD+IW0bMcppI/S7femxm3o4RQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEjf53IMYJnUUjrq8/uluDGrZGIyMB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvU05fbmNneGdtZFJTT3Vyei02VzRNYXRrWWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgD0QAAM
MA0GCSqGSIb3DQEBCwUAA4IBAQAplIDGJZxbNKONmkqK/Uq84upLFm2lw5bpvWng
AerfJYPVxPCVTsKsQIeaGMdgb2hEbZNHctmyhM8XMVIFfBKZ3WrxCNAGnY3utW6m
rVgMG0wn78IrIqWS2tMyrjgJAfNjPZLir7xJQBTHXteLCnuQr60V8/f2eLwFJk/l
B0yj89AYvNMHz4HRASM7gCRE+Jx3ZAtCACR9qO2Ij4XpaNGjxWpGQ5dkqPIq44tl
KE5qSMI9oFNa0uxOtOM+vkt3gSe6efzJBh1RrwgndJ6moOwgQrbrlqrXA8EJgXC/
lPJuDRrKAKKPm1zVRvVivpOzVjPxyKQbmLzRnCx+B6Fj80jG
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:58 2024 by rpki-client on console-ams.rpki-client.org