Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/nHzSaK_559PnFv6qyBwL2_Gs9ss.roa
File: nHzSaK_559PnFv6qyBwL2_Gs9ss.roa (raw, json)
Hash identifier: Hkkq+IsGYTsgcy3pfdL7Zt5NSpsgBNW8BokExtY8yhM=
Subject key identifier: 9C:7C:D2:68:AF:F9:E7:D3:E7:16:FE:AA:C8:1C:0B:DB:F1:AC:F6:CB
Certificate issuer: /CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Certificate serial: 018CE0B159006C59178FFBCD6CA3A8E85AB9
Authority key identifier: 3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/nHzSaK_559PnFv6qyBwL2_Gs9ss.roa
Signing time: Sat 06 Jan 2024 21:32:48 +0000
ROA not before: Sat 06 Jan 2024 21:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51741
IP address blocks: 2a12:62c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 08 Jan 2024 08:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e0:b1:59:00:6c:59:17:8f:fb:cd:6c:a3:a8:e8:5a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Validity
Not Before: Jan 6 21:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c7cd268aff9e7d3e716feaac81c0bdbf1acf6cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f7:58:73:94:72:a5:0b:9f:7b:99:ae:4a:1e:
9d:11:65:65:e0:68:1d:d5:ee:c6:cb:17:a8:bb:f7:
2c:ba:4f:6b:0e:31:6b:59:f4:a0:b7:4a:28:ec:35:
da:e1:0e:56:fd:62:c4:85:a6:13:05:4c:49:f2:7e:
2c:ff:24:d8:ed:a8:16:5c:8d:3b:68:9e:63:df:41:
7e:ef:5c:50:f2:ff:df:21:3a:38:4a:22:4a:bd:33:
ff:57:cd:3c:96:46:8d:9b:e1:95:76:06:13:7d:98:
f3:e6:12:34:64:43:59:06:42:69:28:9f:57:0e:90:
72:d1:d3:ca:a0:7c:e9:21:03:7b:51:85:42:f7:58:
79:80:4d:b3:1b:35:bc:c6:fd:5b:66:06:73:d5:a4:
43:61:46:c5:31:3f:9c:32:9f:7e:71:d0:e0:23:fe:
92:64:82:61:6c:94:6b:a7:2c:d7:1c:a2:f0:7d:32:
04:10:fe:30:49:c3:94:bd:1d:4e:97:bf:15:55:3d:
a0:fe:d0:cc:ec:81:23:f0:d6:3d:99:15:55:bf:05:
e9:74:bd:c8:12:5c:9b:9a:82:fb:b7:e7:6c:98:c4:
8f:90:6a:a2:2e:7c:b3:94:63:a1:e9:ff:25:fe:bc:
90:6a:f0:85:88:57:8b:a8:0b:de:73:56:e7:a3:80:
40:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:7C:D2:68:AF:F9:E7:D3:E7:16:FE:AA:C8:1C:0B:DB:F1:AC:F6:CB
X509v3 Authority Key Identifier:
keyid:3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/nHzSaK_559PnFv6qyBwL2_Gs9ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/Pry3nvWKHJjhUfYMUUJvdOscOTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:20:9a:fa:1c:f3:61:a7:d3:ca:b4:c0:85:f1:ff:d3:1c:d9:
8d:68:82:10:4c:b7:52:aa:48:44:e8:cc:5f:c9:02:85:ca:4d:
8f:21:55:f2:de:75:00:b5:d3:cf:7a:26:c0:9d:7b:0e:aa:25:
9d:9b:f0:b0:87:95:d4:51:e7:97:1b:1b:a6:87:db:7b:0d:19:
fd:5b:6f:ca:0e:10:c7:3e:b8:ba:f3:3b:56:db:fd:ac:46:06:
c9:17:3f:1e:7c:83:87:3f:06:05:ff:9c:ac:ce:44:ab:0a:0e:
d0:dd:50:3d:71:28:c2:61:d5:bd:d7:4c:e8:fa:b2:c8:3d:d8:
1f:50:87:d8:d4:60:0f:d0:83:09:a9:10:a4:c5:77:fc:ef:c2:
d2:36:12:ae:a7:81:66:49:55:e6:e6:48:49:e7:6e:51:ac:cc:
c4:89:ef:a3:62:03:6a:a6:bc:59:29:a0:ad:25:e9:61:8c:3a:
cf:2d:aa:b6:93:ce:bc:0b:82:f8:0c:89:04:29:c9:c3:cf:f6:
2e:cd:dc:a1:45:fd:d1:e6:12:e5:66:f3:b4:a8:2b:0f:4f:a6:
35:49:b9:c2:b7:bb:24:b3:dc:82:a4:7d:ba:c9:ba:c1:c9:40:
dd:80:4a:4a:5e:d1:fd:0b:d8:aa:cf:64:7c:77:4e:e2:79:40:
0d:73:c5:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzgsVkAbFkXj/vNbKOo6Fq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYmNiNzllZjU4YTFjOThlMTUxZjYwYzUxNDI2Zjc0ZWIx
YzM5MzgwHhcNMjQwMTA2MjEzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzdjZDI2OGFmZjllN2QzZTcxNmZlYWFjODFjMGJkYmYxYWNmNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfdYc5RypQufe5muSh6dEWVl4Ggd
1e7Gyxeou/csuk9rDjFrWfSgt0oo7DXa4Q5W/WLEhaYTBUxJ8n4s/yTY7agWXI07
aJ5j30F+71xQ8v/fITo4SiJKvTP/V808lkaNm+GVdgYTfZjz5hI0ZENZBkJpKJ9X
DpBy0dPKoHzpIQN7UYVC91h5gE2zGzW8xv1bZgZz1aRDYUbFMT+cMp9+cdDgI/6S
ZIJhbJRrpyzXHKLwfTIEEP4wScOUvR1Ol78VVT2g/tDM7IEj8NY9mRVVvwXpdL3I
ElybmoL7t+dsmMSPkGqiLnyzlGOh6f8l/ryQavCFiFeLqAvec1bno4BATQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJx80miv+efT5xb+qsgcC9vxrPbLMB8GA1UdIwQY
MBaAFD68t571ihyY4VH2DFFCb3TrHDk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQt
ZTlmNzlkZmJkMmU2LzEvbkh6U2FLXzU1OVBuRnY2cXlCd0wyX0dzOXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQtZTlmNzlkZmJkMmU2
LzEvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAniCa+hzzYafTyrTAhfH/0xzZjWiCEEy3UqpIROjM
X8kChcpNjyFV8t51ALXTz3omwJ17DqolnZvwsIeV1FHnlxsbpofbew0Z/Vtvyg4Q
xz64uvM7Vtv9rEYGyRc/HnyDhz8GBf+crM5EqwoO0N1QPXEowmHVvddM6PqyyD3Y
H1CH2NRgD9CDCakQpMV3/O/C0jYSrqeBZklV5uZISeduUazMxInvo2IDaqa8WSmg
rSXpYYw6zy2qtpPOvAuC+AyJBCnJw8/2Ls3coUX90eYS5WbztKgrD0+mNUm5wre7
JLPcgqR9usm6wclA3YBKSl7R/QvYqs9kfHdO4nlADXPFSA==
-----END CERTIFICATE-----
Generated at Mon Jan 8 12:45:26 2024 by rpki-client on console-fra.rpki-client.org