Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/NxFSnGkTG2WOep6Oax6n36kJIR0.roa
File: NxFSnGkTG2WOep6Oax6n36kJIR0.roa (raw, json)
Hash identifier: b4GQQN2k4fKQBZ2cRkkpfbLQtioB6X4Cn2ioaDxjlWE=
Subject key identifier: 37:11:52:9C:69:13:1B:65:8E:7A:9E:8E:6B:1E:A7:DF:A9:09:21:1D
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0192A59C9B0BAA76760A05A4359A62196619
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/NxFSnGkTG2WOep6Oax6n36kJIR0.roa
Signing time: Sat 19 Oct 2024 16:29:16 +0000
ROA not before: Sat 19 Oct 2024 16:29:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206058
IP address blocks: 2a12:7a40:3221::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Oct 2024 09:54:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a5:9c:9b:0b:aa:76:76:0a:05:a4:35:9a:62:19:66:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Oct 19 16:29:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3711529c69131b658e7a9e8e6b1ea7dfa909211d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bb:ed:2b:1c:52:f9:dd:24:e4:94:bc:d9:77:
37:25:8c:fb:40:7a:2f:04:cf:23:03:3f:4b:2a:c0:
e2:6b:a6:7f:72:b4:18:f7:93:c1:5b:52:6d:22:19:
08:37:eb:83:1e:b7:09:bb:c0:d3:da:8a:6f:ad:55:
44:38:d8:60:51:a9:38:e3:ce:6f:c0:9a:41:4b:5b:
b5:2b:f6:5f:fc:62:2b:08:5f:75:43:6d:2d:3d:0a:
4b:f8:32:22:02:d7:7e:9a:37:a0:11:97:fe:e8:cc:
ee:c1:62:3a:dd:a9:98:4b:df:8f:76:c1:80:d9:01:
54:0a:32:ca:9c:54:89:7c:12:6f:1f:c3:6c:1e:b7:
c3:73:41:89:aa:6e:3d:87:95:7a:b7:8c:07:66:02:
40:6e:ad:b1:34:3c:ba:5c:57:aa:63:06:e2:98:b2:
9a:f8:09:6f:ca:55:1d:73:1c:35:90:ac:99:f1:64:
40:42:0d:a3:ef:67:42:4a:44:11:84:c7:ca:3c:a0:
4f:2a:de:85:f3:69:4c:7d:7a:12:2e:db:ee:ce:8e:
02:b9:cb:ad:c8:c1:17:b1:fb:9e:78:47:b1:de:20:
b3:7a:63:be:31:8a:90:b2:7a:5d:cc:99:54:1f:ec:
ff:69:8f:a4:e7:16:31:ea:c9:19:9b:be:db:23:d3:
80:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:11:52:9C:69:13:1B:65:8E:7A:9E:8E:6B:1E:A7:DF:A9:09:21:1D
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/NxFSnGkTG2WOep6Oax6n36kJIR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:3221::/48
Signature Algorithm: sha256WithRSAEncryption
0c:f1:0e:87:1c:68:c0:32:56:e6:22:39:ab:76:62:33:5a:eb:
fc:c0:0d:c9:c6:c5:09:d4:17:6f:25:37:22:45:bd:8f:a9:05:
4d:80:f3:55:de:cc:6c:d9:7e:04:90:fe:11:ff:b0:bb:0e:45:
d6:1b:4f:f8:73:cb:c9:3b:f6:05:1d:3a:f6:f2:a5:62:31:0a:
22:87:8e:a7:8d:6b:e9:56:a9:bd:39:ad:69:88:4d:63:24:9f:
7e:3f:f1:65:2f:88:3c:e4:3c:ec:11:90:62:33:f0:4b:d2:87:
5a:64:73:71:a9:67:ec:f4:78:10:7e:be:37:24:af:03:9e:71:
7f:19:e0:a6:80:c4:b1:f9:e5:10:eb:8b:58:dd:5a:d4:00:78:
88:01:3c:f4:31:98:eb:5a:8d:2d:e1:48:f6:25:b5:5f:8e:87:
be:80:8c:1b:7e:cd:3a:ba:8e:c8:56:d7:d3:75:c6:f9:c6:73:
73:10:d6:40:be:d1:dc:41:d2:fc:77:0a:95:0c:44:2d:97:31:
ed:25:82:17:bc:39:e6:76:e6:f6:ab:d0:7d:aa:a6:f7:20:f5:
3b:b1:6a:46:2f:93:04:37:56:14:01:de:62:72:d7:b1:1b:1f:
7e:fc:a4:cc:23:6f:d8:09:61:43:61:22:9f:d8:2c:ac:6f:71:
24:3e:d2:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZKlnJsLqnZ2CgWkNZpiGWYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjQxMDE5MTYyOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzExNTI5YzY5MTMxYjY1OGU3YTllOGU2YjFlYTdkZmE5MDkyMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrvtKxxS+d0k5JS82Xc3JYz7QHov
BM8jAz9LKsDia6Z/crQY95PBW1JtIhkIN+uDHrcJu8DT2opvrVVEONhgUak4485v
wJpBS1u1K/Zf/GIrCF91Q20tPQpL+DIiAtd+mjegEZf+6MzuwWI63amYS9+PdsGA
2QFUCjLKnFSJfBJvH8NsHrfDc0GJqm49h5V6t4wHZgJAbq2xNDy6XFeqYwbimLKa
+AlvylUdcxw1kKyZ8WRAQg2j72dCSkQRhMfKPKBPKt6F82lMfXoSLtvuzo4Cucut
yMEXsfueeEex3iCzemO+MYqQsnpdzJlUH+z/aY+k5xYx6skZm77bI9OA7wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDcRUpxpExtljnqejmsep9+pCSEdMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvTnhGU25Ha1RHMldPZXA2T2F4Nm4zNmtKSVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhJ6QDIh
MA0GCSqGSIb3DQEBCwUAA4IBAQAM8Q6HHGjAMlbmIjmrdmIzWuv8wA3JxsUJ1Bdv
JTciRb2PqQVNgPNV3sxs2X4EkP4R/7C7DkXWG0/4c8vJO/YFHTr28qViMQoih46n
jWvpVqm9Oa1piE1jJJ9+P/FlL4g85DzsEZBiM/BL0odaZHNxqWfs9HgQfr43JK8D
nnF/GeCmgMSx+eUQ64tY3VrUAHiIATz0MZjrWo0t4Uj2JbVfjoe+gIwbfs06uo7I
VtfTdcb5xnNzENZAvtHcQdL8dwqVDEQtlzHtJYIXvDnmdub2q9B9qqb3IPU7sWpG
L5MEN1YUAd5ictexGx9+/KTMI2/YCWFDYSKf2Cysb3EkPtJK
-----END CERTIFICATE-----
Generated at Mon Oct 28 12:17:12 2024 by rpki-client on console-ams.rpki-client.org