Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/nCcjyAg4_1VafHlFuW1GSPV10oQ.roa
File: nCcjyAg4_1VafHlFuW1GSPV10oQ.roa (raw, json)
Hash identifier: R7OggCUQ9pIAarKY27i/4/ypK8UGRJsXqvHI/cGHxl8=
Subject key identifier: 9C:27:23:C8:08:38:FF:55:5A:7C:79:45:B9:6D:46:48:F5:75:D2:84
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 01856C9CE51669F7A27CE343D984FA647A3A
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/nCcjyAg4_1VafHlFuW1GSPV10oQ.roa
Signing time: Sun 01 Jan 2023 09:14:59 +0000
ROA not before: Sun 01 Jan 2023 09:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48446
IP address blocks: 2a02:c47:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:e5:16:69:f7:a2:7c:e3:43:d9:84:fa:64:7a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 09:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c2723c80838ff555a7c7945b96d4648f575d284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8e:a6:c4:14:76:1d:93:7e:89:27:de:56:4d:
36:79:65:13:04:aa:84:74:de:35:33:3b:2d:5a:12:
94:b3:b0:cc:f1:d9:3d:20:53:98:b6:7b:ff:40:d3:
0b:df:74:83:1a:1c:73:72:95:35:88:ab:25:c0:96:
f2:d3:28:f1:39:f5:59:16:6d:8c:91:51:99:51:f4:
62:b3:37:15:d7:26:bb:e0:88:dd:17:55:e2:d3:1f:
98:f3:d7:4d:f8:76:a2:69:f7:da:8b:b0:e2:bf:57:
9a:39:7f:d3:c2:60:6d:9d:20:94:d4:0b:a0:38:a4:
f4:9d:c2:70:83:cd:5f:6c:5a:51:0d:6f:fe:fa:4a:
23:b5:9b:12:5b:51:bd:0a:39:3e:cc:ce:b6:86:b1:
6d:48:14:d5:0d:c8:cc:e8:e8:c2:33:90:7b:7c:e6:
34:bb:41:1a:f9:d3:67:90:6f:d5:7d:59:30:e3:47:
5c:e2:e5:4e:d7:e6:aa:47:99:5a:27:e1:4f:99:aa:
16:a0:16:3c:b9:4f:95:02:dc:4e:94:e1:04:f3:56:
1b:34:5f:4d:02:56:39:4b:e7:6e:ac:3c:93:44:4e:
ca:f6:ca:1b:0a:02:80:58:3d:86:42:ee:4d:04:3e:
b7:88:ba:32:d7:ce:0a:4e:50:cc:65:48:da:17:84:
12:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:27:23:C8:08:38:FF:55:5A:7C:79:45:B9:6D:46:48:F5:75:D2:84
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/nCcjyAg4_1VafHlFuW1GSPV10oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:c47:4::/48
Signature Algorithm: sha256WithRSAEncryption
8f:30:36:5a:d2:23:a6:33:33:c8:f0:36:2b:7c:8b:5b:60:ac:
8c:dd:4e:f8:e0:86:1f:4b:04:9e:34:4f:6f:c7:a8:64:d3:7f:
25:1b:cd:83:1f:00:cb:8c:f5:24:a8:90:fe:ed:14:8e:7b:18:
7f:c2:d4:85:6b:80:fe:13:cf:3e:d6:f4:10:25:1d:97:0d:0c:
f9:f2:d3:62:7e:f5:e5:1f:8f:0b:b3:ed:38:8f:2a:6f:3d:37:
60:fa:e9:9d:b6:13:ce:b2:29:bc:b6:be:60:32:61:05:d3:1e:
2e:c8:82:e0:11:18:4b:81:b7:f6:79:86:31:72:0b:16:74:dc:
1b:b0:c5:d8:a3:c2:ac:fb:08:10:25:10:c2:26:c1:08:82:ea:
79:3d:25:93:73:43:57:df:6f:7d:20:1e:a3:01:f9:54:c2:f2:
fb:fa:8f:37:40:6a:56:68:0c:25:12:04:e2:69:9c:d6:4d:1c:
b6:bd:9a:99:9e:5c:fd:8a:47:45:96:d4:08:c2:16:c7:3a:48:
86:31:3f:cc:05:84:53:00:57:e1:90:38:cc:5a:5a:a1:02:9d:
56:1a:56:c3:ac:21:70:52:31:6c:17:30:53:ad:13:69:1d:77:
03:8d:7a:1c:aa:d8:f6:17:a0:63:b5:5e:8c:d0:39:8b:e0:95:
ed:f9:ef:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsnOUWafeifOND2YT6ZHo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjMwMTAxMDkxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI3MjNjODA4MzhmZjU1NWE3Yzc5NDViOTZkNDY0OGY1NzVkMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo6mxBR2HZN+iSfeVk02eWUTBKqE
dN41MzstWhKUs7DM8dk9IFOYtnv/QNML33SDGhxzcpU1iKslwJby0yjxOfVZFm2M
kVGZUfRiszcV1ya74IjdF1Xi0x+Y89dN+Haiaffai7Div1eaOX/TwmBtnSCU1Aug
OKT0ncJwg81fbFpRDW/++kojtZsSW1G9Cjk+zM62hrFtSBTVDcjM6OjCM5B7fOY0
u0Ea+dNnkG/VfVkw40dc4uVO1+aqR5laJ+FPmaoWoBY8uU+VAtxOlOEE81YbNF9N
AlY5S+durDyTRE7K9sobCgKAWD2GQu5NBD63iLoy184KTlDMZUjaF4QSjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJwnI8gIOP9VWnx5RbltRkj1ddKEMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvbkNjanlBZzRfMVZhZkhsRnVXMUdTUFYxMG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIMRwAE
MA0GCSqGSIb3DQEBCwUAA4IBAQCPMDZa0iOmMzPI8DYrfItbYKyM3U744IYfSwSe
NE9vx6hk038lG82DHwDLjPUkqJD+7RSOexh/wtSFa4D+E88+1vQQJR2XDQz58tNi
fvXlH48Ls+04jypvPTdg+umdthPOsim8tr5gMmEF0x4uyILgERhLgbf2eYYxcgsW
dNwbsMXYo8Ks+wgQJRDCJsEIgup5PSWTc0NX3299IB6jAflUwvL7+o83QGpWaAwl
EgTiaZzWTRy2vZqZnlz9ikdFltQIwhbHOkiGMT/MBYRTAFfhkDjMWlqhAp1WGlbD
rCFwUjFsFzBTrRNpHXcDjXocqtj2F6BjtV6M0DmL4JXt+e8r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:22 2024 by rpki-client on console-fra.rpki-client.org