Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/NJ-WULW8I7z6PKHJmYz635pwxcs.roa
File: NJ-WULW8I7z6PKHJmYz635pwxcs.roa (raw, json)
Hash identifier: 9qVj3vvU1nkVIymHR84NeK8v5YKRzPlYuJafpAUKQzE=
Subject key identifier: 34:9F:96:50:B5:BC:23:BC:FA:3C:A1:C9:99:8C:FA:DF:9A:70:C5:CB
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018BFC4AC9B4FA82EB6903B64A82DAA50A5D
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/NJ-WULW8I7z6PKHJmYz635pwxcs.roa
Signing time: Thu 23 Nov 2023 13:07:21 +0000
ROA not before: Thu 23 Nov 2023 13:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 82.97.240.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:4a:c9:b4:fa:82:eb:69:03:b6:4a:82:da:a5:0a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 23 13:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=349f9650b5bc23bcfa3ca1c9998cfadf9a70c5cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:9d:08:bb:0d:d0:cf:6a:f6:43:f5:99:ce:c8:
94:6e:be:5c:b4:e7:e6:8b:24:28:fa:25:e1:4f:c6:
c1:1f:26:1b:11:23:b5:76:72:00:5e:f4:50:cf:72:
6c:56:eb:2b:2a:5d:38:d4:c1:a1:a7:f1:45:61:45:
4e:2a:b9:db:5e:01:74:ca:fc:03:5f:07:7d:35:d5:
5a:43:fd:fd:4d:3b:f9:03:28:17:6a:48:a2:c8:f6:
b3:fa:1d:06:b9:17:4c:bc:fc:80:5d:8d:1b:48:63:
01:97:fa:82:26:b8:08:f4:38:0e:ec:c9:5a:d0:49:
2b:94:f0:64:e1:5c:29:4a:8a:74:96:fc:b9:91:20:
68:96:05:0b:bc:b9:e1:d2:23:7a:04:95:17:46:93:
ee:b9:81:8e:11:a4:af:1f:74:56:85:b7:ff:3e:cd:
e4:e7:78:80:d4:c6:fa:22:f0:ad:f9:f2:5f:65:08:
62:25:0b:d1:2f:14:03:4d:ab:f3:cb:d4:e5:15:b2:
4e:5f:31:20:ce:fd:37:20:e4:16:58:2d:45:da:00:
3b:cc:1a:d8:a9:21:f4:56:c7:64:c7:87:fb:e9:04:
70:f1:8e:06:04:11:1c:4e:7e:8f:e7:bc:0d:12:b2:
82:bf:33:45:f2:ee:40:b2:60:e2:62:a9:b8:dc:33:
e8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:9F:96:50:B5:BC:23:BC:FA:3C:A1:C9:99:8C:FA:DF:9A:70:C5:CB
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/NJ-WULW8I7z6PKHJmYz635pwxcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.97.240.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:13:db:53:af:c6:f7:6d:fa:e7:75:df:4e:dc:ee:f4:30:75:
71:8a:ef:c3:4a:86:ca:6e:de:52:3a:69:68:3c:58:38:80:2c:
41:9e:8e:cd:9d:0b:5f:e1:7b:c9:b7:88:3c:b6:2b:dd:12:5d:
42:d8:6b:a5:88:b7:a7:25:a8:c3:79:b2:e0:2a:39:36:ab:e9:
0e:79:88:37:38:b8:6b:37:81:d2:c4:26:06:41:cd:77:14:13:
fc:d5:bd:a2:6e:7a:17:bb:2b:59:60:1d:c2:f2:c1:58:17:9a:
e7:5f:a1:ad:a3:a7:a3:8c:00:9c:66:7b:66:b6:69:e3:a1:57:
b8:6b:4d:f7:f3:f6:b8:e4:39:59:a3:cd:7a:12:f9:55:d1:c8:
95:47:aa:05:0a:e9:cb:24:7b:03:47:e7:92:b2:cd:5f:f3:f7:
50:76:2e:85:54:0b:c7:41:6e:43:73:f1:ea:81:5c:e7:5c:d8:
aa:fe:e3:b4:52:88:94:de:43:16:47:ac:01:26:73:1e:64:67:
d7:24:bb:ee:84:b9:8f:7f:25:13:5a:12:1d:fb:50:8c:fc:b9:
94:cf:14:da:65:45:e4:81:92:44:5c:27:92:de:e1:47:83:35:
34:44:d7:6d:23:b1:c0:74:f1:eb:03:f1:64:22:b7:fe:22:62:
b5:4e:e6:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv8Ssm0+oLraQO2SoLapQpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMTIzMTMwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDlmOTY1MGI1YmMyM2JjZmEzY2ExYzk5OThjZmFkZjlhNzBjNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA550Iuw3Qz2r2Q/WZzsiUbr5ctOfm
iyQo+iXhT8bBHyYbESO1dnIAXvRQz3JsVusrKl041MGhp/FFYUVOKrnbXgF0yvwD
Xwd9NdVaQ/39TTv5AygXakiiyPaz+h0GuRdMvPyAXY0bSGMBl/qCJrgI9DgO7Mla
0EkrlPBk4VwpSop0lvy5kSBolgULvLnh0iN6BJUXRpPuuYGOEaSvH3RWhbf/Ps3k
53iA1Mb6IvCt+fJfZQhiJQvRLxQDTavzy9TlFbJOXzEgzv03IOQWWC1F2gA7zBrY
qSH0Vsdkx4f76QRw8Y4GBBEcTn6P57wNErKCvzNF8u5AsmDiYqm43DPoRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSfllC1vCO8+jyhyZmM+t+acMXLMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvTkotV1VMVzhJN3o2UEtISm1ZejYzNXB3eGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUmHwMA0G
CSqGSIb3DQEBCwUAA4IBAQALE9tTr8b3bfrndd9O3O70MHVxiu/DSobKbt5SOmlo
PFg4gCxBno7NnQtf4XvJt4g8tivdEl1C2GuliLenJajDebLgKjk2q+kOeYg3OLhr
N4HSxCYGQc13FBP81b2ibnoXuytZYB3C8sFYF5rnX6Gto6ejjACcZntmtmnjoVe4
a0338/a45DlZo816EvlV0ciVR6oFCunLJHsDR+eSss1f8/dQdi6FVAvHQW5Dc/Hq
gVznXNiq/uO0UoiU3kMWR6wBJnMeZGfXJLvuhLmPfyUTWhId+1CM/LmUzxTaZUXk
gZJEXCeS3uFHgzU0RNdtI7HAdPHrA/FkIrf+ImK1TuYO
-----END CERTIFICATE-----
Generated at Wed Nov 29 15:03:54 2023 by rpki-client on console-fra.rpki-client.org