Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/NJP37H4n9j5KId6Dt5m9jTiNHBc.roa
File: NJP37H4n9j5KId6Dt5m9jTiNHBc.roa (raw, json)
Hash identifier: WHdamSRLGIkfFJeUTu6YfH6dibMhFzsZiCoZ+tss1So=
Subject key identifier: 34:93:F7:EC:7E:27:F6:3E:4A:21:DE:83:B7:99:BD:8D:38:8D:1C:17
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 018CC7942BC1A8968641FD00F049E6FA22CD
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/NJP37H4n9j5KId6Dt5m9jTiNHBc.roa
Signing time: Tue 02 Jan 2024 00:30:25 +0000
ROA not before: Tue 02 Jan 2024 00:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62651
IP address blocks: 2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 03 Jan 2024 15:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:2b:c1:a8:96:86:41:fd:00:f0:49:e6:fa:22:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jan 2 00:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3493f7ec7e27f63e4a21de83b799bd8d388d1c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:90:f6:6b:cd:fb:c2:92:f5:76:37:d2:b2:f5:
37:50:d4:a2:b7:e4:96:42:db:cd:38:61:11:b5:32:
57:f9:d3:09:2a:4d:0b:99:e3:36:e8:a7:2a:d5:e0:
76:b4:08:f9:c1:0e:07:58:bc:dc:8b:57:09:33:cf:
e8:63:19:bc:15:45:66:2b:3b:e1:2d:c4:88:13:50:
ee:d6:c4:99:b5:75:ce:ad:94:84:7e:7b:98:4b:db:
d6:3c:47:a7:14:a6:c5:3d:7c:8d:30:f4:45:92:ec:
d4:0c:0c:ec:18:1f:43:66:d4:b4:3c:63:06:7f:14:
93:88:fc:82:9d:47:42:7d:3c:28:72:7e:30:b4:b4:
de:10:45:45:a0:09:f3:e3:31:ea:d6:27:29:99:81:
c3:3e:84:9f:d2:03:43:75:0b:3c:90:16:ff:09:bd:
97:3a:d1:86:c6:11:dd:1b:88:10:ba:75:e2:a8:30:
b7:bf:db:a2:66:62:fb:b0:48:61:e9:20:14:1d:79:
dc:2e:06:85:dd:a1:7e:82:79:bf:79:da:63:55:72:
9c:61:fe:0c:1e:1c:65:f6:e8:fb:1f:b1:f8:a5:7f:
d4:3d:ce:a9:b9:7f:f1:31:6f:be:45:9c:8f:4c:f4:
cf:8b:4f:5e:aa:cd:2c:47:62:9c:d4:d4:5f:16:d7:
17:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:93:F7:EC:7E:27:F6:3E:4A:21:DE:83:B7:99:BD:8D:38:8D:1C:17
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/NJP37H4n9j5KId6Dt5m9jTiNHBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
Signature Algorithm: sha256WithRSAEncryption
a4:eb:94:9e:6b:a2:5d:1a:9a:cb:4c:9d:a5:cb:98:f3:2f:81:
c1:e2:98:12:69:8b:22:a7:ff:29:19:96:27:4c:c1:c7:c6:41:
2d:ca:ce:d7:50:ef:5b:d2:75:44:11:1b:74:d5:1f:ae:e8:25:
04:03:a8:f0:a6:02:e7:35:fa:98:a4:3f:ce:31:c0:fc:12:f3:
6e:9d:97:aa:af:2b:dd:cd:ec:59:88:3b:62:56:0d:01:a2:fd:
f9:67:ac:03:24:6f:21:1d:21:d4:1f:6f:21:ce:a4:c8:ab:6a:
f5:6b:e3:0f:b8:80:8e:26:b0:c5:ae:51:6f:a3:72:19:b6:f0:
f2:48:d5:fb:2d:18:eb:0d:38:53:3a:7d:ba:96:99:05:4b:ae:
7e:df:45:de:f3:b6:6e:b2:94:c9:f7:81:b9:9f:55:28:eb:d2:
4a:f8:b5:65:44:d7:72:48:9e:45:dd:fe:b9:b0:80:53:58:38:
0a:55:9c:78:90:42:27:62:02:f6:84:01:da:b3:d3:08:9c:bb:
d3:0c:98:58:58:f6:63:d8:6d:0f:b3:56:ad:89:16:b8:8b:dc:
dd:39:dd:5c:85:e1:ad:33:74:02:52:6d:26:df:14:3f:e6:f2:
fc:cd:a9:56:fd:54:7b:4d:47:9b:12:fc:da:71:00:4a:1a:40:
f3:76:00:a9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHlCvBqJaGQf0A8Enm+iLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjQwMTAyMDAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDkzZjdlYzdlMjdmNjNlNGEyMWRlODNiNzk5YmQ4ZDM4OGQxYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZD2a837wpL1djfSsvU3UNSit+SW
QtvNOGERtTJX+dMJKk0LmeM26Kcq1eB2tAj5wQ4HWLzci1cJM8/oYxm8FUVmKzvh
LcSIE1Du1sSZtXXOrZSEfnuYS9vWPEenFKbFPXyNMPRFkuzUDAzsGB9DZtS0PGMG
fxSTiPyCnUdCfTwocn4wtLTeEEVFoAnz4zHq1icpmYHDPoSf0gNDdQs8kBb/Cb2X
OtGGxhHdG4gQunXiqDC3v9uiZmL7sEhh6SAUHXncLgaF3aF+gnm/edpjVXKcYf4M
Hhxl9uj7H7H4pX/UPc6puX/xMW++RZyPTPTPi09eqs0sR2Kc1NRfFtcXVwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDST9+x+J/Y+SiHeg7eZvY04jRwXMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvTkpQMzdING45ajVLSWQ2RHQ1bTlqVGlOSEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwYAKgPvwBcD
BgAqA+/AIwMGACoD78AlAwYAKgPvwCcwDQYJKoZIhvcNAQELBQADggEBAKTrlJ5r
ol0amstMnaXLmPMvgcHimBJpiyKn/ykZlidMwcfGQS3KztdQ71vSdUQRG3TVH67o
JQQDqPCmAuc1+pikP84xwPwS826dl6qvK93N7FmIO2JWDQGi/flnrAMkbyEdIdQf
byHOpMiravVr4w+4gI4msMWuUW+jchm28PJI1fstGOsNOFM6fbqWmQVLrn7fRd7z
tm6ylMn3gbmfVSjr0kr4tWVE13JInkXd/rmwgFNYOApVnHiQQidiAvaEAdqz0wic
u9MMmFhY9mPYbQ+zVq2JFriL3N053VyF4a0zdAJSbSbfFD/m8vzNqVb9VHtNR5sS
/NpxAEoaQPN2AKk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:30 2024 by rpki-client on console-fra.rpki-client.org