Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/a142a9-a00a-4235-b71f-e6b20b09f866/1/nddLOA-Q4Oulx2lYE3IlgqM-vG4.roa
File: nddLOA-Q4Oulx2lYE3IlgqM-vG4.roa (raw, json)
Hash identifier: ZH+2hol5l0KIVcV+j15T+0q0+zYWDFzNx8f5Ch6Y8WU=
Subject key identifier: 9D:D7:4B:38:0F:90:E0:EB:A5:C7:69:58:13:72:25:82:A3:3E:BC:6E
Certificate issuer: /CN=ef7e5c75f648ac692b14bc222e2c180c863b45e2
Certificate serial: 01933F74A7F74F96F4442B3212A6EE09521D
Authority key identifier: EF:7E:5C:75:F6:48:AC:69:2B:14:BC:22:2E:2C:18:0C:86:3B:45:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/735cdfZIrGkrFLwiLiwYDIY7ReI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/a142a9-a00a-4235-b71f-e6b20b09f866/1/nddLOA-Q4Oulx2lYE3IlgqM-vG4.roa
Signing time: Mon 18 Nov 2024 13:27:09 +0000
ROA not before: Mon 18 Nov 2024 13:27:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213852
IP address blocks: 2a13:bf00::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:74:a7:f7:4f:96:f4:44:2b:32:12:a6:ee:09:52:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7e5c75f648ac692b14bc222e2c180c863b45e2
Validity
Not Before: Nov 18 13:27:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dd74b380f90e0eba5c7695813722582a33ebc6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f4:9e:54:5f:80:49:c4:3c:7a:d7:67:83:4a:
0c:af:77:8f:75:d0:0f:d7:a0:73:b8:7e:de:30:06:
99:3b:ef:4a:40:a3:6f:a4:9b:26:1c:da:56:be:c4:
70:75:eb:2c:a9:f7:5b:c7:fc:0c:9f:21:66:19:a9:
28:73:9f:ac:f9:2e:e6:71:0e:1e:22:9e:a7:fc:34:
4f:53:61:61:a5:8e:bf:94:4a:e9:8c:c3:87:0f:2a:
f4:d9:da:b4:93:b0:1e:d3:53:bd:77:5c:13:fd:47:
b2:11:95:cd:a1:f4:94:24:9f:98:c4:85:22:7a:f6:
1b:05:f0:01:83:87:bd:3b:cf:b7:38:aa:5f:80:c7:
ad:f9:d0:a4:84:fb:40:be:4e:bc:0c:95:31:8f:bb:
18:ac:14:52:fa:24:b5:3b:0d:bf:98:8a:70:d9:43:
39:5c:c7:c7:82:ca:30:c9:75:8e:1e:88:83:51:b2:
24:3a:fc:49:ca:b3:ea:3b:53:c7:09:8a:71:e2:6f:
37:8d:67:27:07:4d:ac:5a:9b:df:e2:bb:05:fb:a1:
68:f8:1e:29:2f:6d:42:5f:e3:bc:4d:cc:52:15:b2:
5a:2a:56:6b:d7:04:18:86:ec:59:93:c0:95:5b:c9:
49:c7:66:1c:84:57:3c:71:77:6f:fb:0c:b1:03:85:
e5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D7:4B:38:0F:90:E0:EB:A5:C7:69:58:13:72:25:82:A3:3E:BC:6E
X509v3 Authority Key Identifier:
keyid:EF:7E:5C:75:F6:48:AC:69:2B:14:BC:22:2E:2C:18:0C:86:3B:45:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/735cdfZIrGkrFLwiLiwYDIY7ReI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/a142a9-a00a-4235-b71f-e6b20b09f866/1/nddLOA-Q4Oulx2lYE3IlgqM-vG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/a142a9-a00a-4235-b71f-e6b20b09f866/1/735cdfZIrGkrFLwiLiwYDIY7ReI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bf00::/48
Signature Algorithm: sha256WithRSAEncryption
0c:92:ac:1b:5c:60:fa:f1:40:0c:4c:1b:6d:76:ef:54:84:6c:
2f:bc:0f:ca:ef:f9:90:ec:fe:71:b2:33:76:a2:35:f6:10:a5:
59:ec:36:3c:8a:1c:ee:f0:72:7b:b5:56:75:b6:85:51:4a:0c:
3d:6f:7a:fa:56:df:11:83:43:1a:46:0b:c8:06:f7:71:97:b0:
04:a1:18:92:cc:df:ad:1f:39:85:d2:6a:e2:ea:1b:c9:4e:20:
86:4f:bd:5f:0f:ae:8c:27:da:fe:97:78:9a:32:e4:87:2c:d3:
b7:3d:d9:b3:5f:14:8e:29:19:cc:21:ff:0e:9f:72:cd:87:97:
af:95:ee:cf:00:a2:6b:ba:0e:18:e9:08:29:02:2a:42:56:66:
d4:31:53:85:6c:95:16:1b:bc:29:15:18:2a:ac:0f:a4:55:2a:
52:83:66:e7:db:5b:31:c5:03:af:a4:07:f7:e4:04:74:95:e4:
75:78:0b:30:16:0f:06:29:6f:2c:7e:82:ed:76:99:b9:55:58:
69:51:b7:4e:7b:5a:68:dd:fc:be:19:85:bf:17:ae:0b:72:d7:
2c:51:9d:02:62:41:1e:0a:04:11:8b:54:c3:64:86:f4:ed:7e:
94:08:e3:64:d9:31:4d:3c:12:54:53:21:64:37:7e:b2:27:02:
40:32:ee:2d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZM/dKf3T5b0RCsyEqbuCVIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2U1Yzc1ZjY0OGFjNjkyYjE0YmMyMjJlMmMxODBjODYz
YjQ1ZTIwHhcNMjQxMTE4MTMyNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ3NGIzODBmOTBlMGViYTVjNzY5NTgxMzcyMjU4MmEzM2ViYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvSeVF+AScQ8etdng0oMr3ePddAP
16BzuH7eMAaZO+9KQKNvpJsmHNpWvsRwdessqfdbx/wMnyFmGakoc5+s+S7mcQ4e
Ip6n/DRPU2FhpY6/lErpjMOHDyr02dq0k7Ae01O9d1wT/UeyEZXNofSUJJ+YxIUi
evYbBfABg4e9O8+3OKpfgMet+dCkhPtAvk68DJUxj7sYrBRS+iS1Ow2/mIpw2UM5
XMfHgsowyXWOHoiDUbIkOvxJyrPqO1PHCYpx4m83jWcnB02sWpvf4rsF+6Fo+B4p
L21CX+O8TcxSFbJaKlZr1wQYhuxZk8CVW8lJx2YchFc8cXdv+wyxA4XlsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ3XSzgPkODrpcdpWBNyJYKjPrxuMB8GA1UdIwQY
MBaAFO9+XHX2SKxpKxS8Ii4sGAyGO0XiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzM1Y2RmWklyR2tyRkx3aUxpd1lESVk3UmVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9hMTQyYTktYTAwYS00MjM1LWI3MWYt
ZTZiMjBiMDlmODY2LzEvbmRkTE9BLVE0T3VseDJsWUUzSWxncU0tdkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9hMTQyYTktYTAwYS00MjM1LWI3MWYtZTZiMjBiMDlmODY2
LzEvNzM1Y2RmWklyR2tyRkx3aUxpd1lESVk3UmVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhO/AAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAMkqwbXGD68UAMTBttdu9UhGwvvA/K7/mQ7P5x
sjN2ojX2EKVZ7DY8ihzu8HJ7tVZ1toVRSgw9b3r6Vt8Rg0MaRgvIBvdxl7AEoRiS
zN+tHzmF0mri6hvJTiCGT71fD66MJ9r+l3iaMuSHLNO3PdmzXxSOKRnMIf8On3LN
h5evle7PAKJrug4Y6QgpAipCVmbUMVOFbJUWG7wpFRgqrA+kVSpSg2bn21sxxQOv
pAf35AR0leR1eAswFg8GKW8sfoLtdpm5VVhpUbdOe1po3fy+GYW/F64LctcsUZ0C
YkEeCgQRi1TDZIb07X6UCONk2TFNPBJUUyFkN36yJwJAMu4t
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:11 2025 by rpki-client