Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/NZNsrmU2XXPR7xVQQ-coRcA_lGk.roa
File: NZNsrmU2XXPR7xVQQ-coRcA_lGk.roa (raw, json)
Hash identifier: F5XFk2px3cQ1iNIScNT0y0OIuJf0cP8I8YBSTBGwi08=
Subject key identifier: 35:93:6C:AE:65:36:5D:73:D1:EF:15:50:43:E7:28:45:C0:3F:94:69
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 018B0550CF4F28DAE80E1963DF53E452A12C
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/NZNsrmU2XXPR7xVQQ-coRcA_lGk.roa
Signing time: Fri 06 Oct 2023 14:07:43 +0000
ROA not before: Fri 06 Oct 2023 14:07:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47147
IP address blocks: 152.53.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:05:50:cf:4f:28:da:e8:0e:19:63:df:53:e4:52:a1:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Oct 6 14:07:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35936cae65365d73d1ef155043e72845c03f9469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5a:43:80:15:42:29:09:af:ae:1a:cc:d8:b2:
4d:1e:24:3e:4b:16:86:06:36:41:4f:4b:bf:5e:ef:
f2:ea:d6:cb:04:c8:cd:d3:bf:cf:42:e9:6d:46:40:
bd:49:f4:be:16:9c:b2:22:01:90:b4:2c:20:0a:63:
49:4d:f0:27:fc:20:b7:1f:a5:ab:84:02:e7:57:91:
4a:a8:a8:a0:ef:8c:fc:9c:80:a9:16:da:d9:65:9a:
81:f5:1c:94:b9:ac:69:b0:ed:39:13:0d:ec:35:76:
f0:ad:66:a6:76:d4:47:86:06:94:22:ce:2a:10:95:
1b:48:19:69:57:1f:05:bf:01:67:cc:2a:5d:e5:4f:
a2:b9:de:10:fa:66:bd:64:32:c1:62:e9:d9:70:f0:
45:68:16:f4:7e:26:42:a9:46:26:9f:b1:05:36:ca:
ba:16:6e:28:63:2d:c9:61:31:7a:f0:eb:6d:b1:bb:
ef:cf:28:e8:2d:57:e8:ac:1d:19:d2:89:1a:79:a1:
46:a3:f6:c6:30:df:37:dd:74:d4:44:89:35:64:3a:
a1:52:1d:2d:64:d5:9f:fb:13:f0:f6:91:bb:40:1b:
8b:fe:71:c9:d3:a7:d2:09:80:c4:df:fc:10:8e:63:
a0:83:6e:30:1c:a4:3e:9a:ad:aa:4a:38:51:17:a5:
47:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:93:6C:AE:65:36:5D:73:D1:EF:15:50:43:E7:28:45:C0:3F:94:69
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/NZNsrmU2XXPR7xVQQ-coRcA_lGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:22:3c:95:1a:9d:d6:5b:7e:06:fe:2c:22:14:04:86:c4:0a:
23:28:71:91:15:57:7f:44:73:56:4a:e6:c6:91:c4:36:6c:e1:
d5:6d:6b:9d:cf:24:14:e6:2b:11:5a:94:a5:53:a4:da:29:1f:
96:32:17:a3:51:93:93:83:f4:23:66:d2:1c:3a:6d:42:53:3d:
5b:41:7e:32:10:5c:44:5c:d7:5d:78:df:ac:c9:ad:5d:89:a9:
ea:f4:c9:3e:e8:d7:ab:09:f3:43:97:09:cd:8b:c7:89:a8:80:
b4:16:b1:21:2e:dc:71:d1:96:52:5b:ba:d8:86:d6:ba:3d:c4:
8d:65:d3:4c:dc:03:23:61:05:45:e3:04:66:5f:82:b0:59:ac:
57:0e:6e:51:49:3b:2a:36:4c:bc:62:53:cc:6c:ce:30:ed:d4:
8a:38:3a:4a:0b:06:cc:f8:bc:85:0d:4b:ca:75:1a:90:ff:8a:
55:f7:25:70:41:f1:08:67:a1:90:00:96:11:e3:8e:92:e7:d9:
25:19:8c:64:f9:32:8a:b5:90:3c:75:e6:cf:a9:29:28:cb:b4:
0d:3e:81:fe:f9:45:17:25:6b:2e:9e:9c:de:82:07:92:75:e6:
1a:26:29:17:3a:97:fb:0b:50:24:09:05:3a:e1:c4:18:b3:a2:
37:99:63:b9
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYsFUM9PKNroDhlj31PkUqEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjMxMDA2MTQwNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTkzNmNhZTY1MzY1ZDczZDFlZjE1NTA0M2U3Mjg0NWMwM2Y5NDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFpDgBVCKQmvrhrM2LJNHiQ+SxaG
BjZBT0u/Xu/y6tbLBMjN07/PQultRkC9SfS+FpyyIgGQtCwgCmNJTfAn/CC3H6Wr
hALnV5FKqKig74z8nICpFtrZZZqB9RyUuaxpsO05Ew3sNXbwrWamdtRHhgaUIs4q
EJUbSBlpVx8FvwFnzCpd5U+iud4Q+ma9ZDLBYunZcPBFaBb0fiZCqUYmn7EFNsq6
Fm4oYy3JYTF68OttsbvvzyjoLVforB0Z0okaeaFGo/bGMN833XTURIk1ZDqhUh0t
ZNWf+xPw9pG7QBuL/nHJ06fSCYDE3/wQjmOgg24wHKQ+mq2qSjhRF6VHLwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDWTbK5lNl1z0e8VUEPnKEXAP5RpMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvTlpOc3JtVTJYWFBSN3hWUVEtY29SY0FfbEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBACwiPJUandZbfgb+LCIUBIbECiMocZEVV39Ec1ZK5saR
xDZs4dVta53PJBTmKxFalKVTpNopH5YyF6NRk5OD9CNm0hw6bUJTPVtBfjIQXERc
111436zJrV2Jqer0yT7o16sJ80OXCc2Lx4mogLQWsSEu3HHRllJbutiG1ro9xI1l
00zcAyNhBUXjBGZfgrBZrFcOblFJOyo2TLxiU8xszjDt1Io4OkoLBsz4vIUNS8p1
GpD/ilX3JXBB8QhnoZAAlhHjjpLn2SUZjGT5Moq1kDx15s+pKSjLtA0+gf75RRcl
ay6enN6CB5J15homKRc6l/sLUCQJBTrhxBizojeZY7k=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:16 2024 by rpki-client on console-ams.rpki-client.org