Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/Nk1AS_txa-Me2VAbEHDQbBVfyqE.roa
File: Nk1AS_txa-Me2VAbEHDQbBVfyqE.roa (raw, json)
Hash identifier: chtTFKf2SsrDh/htoqJNZILJufFAjZ4UbwdMhpwAjU0=
Subject key identifier: 36:4D:40:4B:FB:71:6B:E3:1E:D9:50:1B:10:70:D0:6C:15:5F:CA:A1
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 01915824EA46EA26689C10A46E828A09F02A
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/Nk1AS_txa-Me2VAbEHDQbBVfyqE.roa
Signing time: Thu 15 Aug 2024 22:24:59 +0000
ROA not before: Thu 15 Aug 2024 22:24:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395747
IP address blocks: 2a06:98c0:1c00::/48 maxlen: 48
2a06:98c0:1c01::/48 maxlen: 48
2a06:98c0:1c0b::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 05 Sep 2024 10:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:58:24:ea:46:ea:26:68:9c:10:a4:6e:82:8a:09:f0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Aug 15 22:24:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=364d404bfb716be31ed9501b1070d06c155fcaa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:10:3f:38:4a:2c:bf:a1:28:5e:20:04:81:ba:
da:e7:11:a9:9a:fc:c6:ca:66:e3:27:b9:c7:a7:d4:
66:a2:e3:4a:e5:88:e2:cf:1c:36:d0:20:be:57:80:
85:f2:b1:12:43:5f:5d:c2:a0:dc:58:2d:a1:95:0b:
08:e1:5e:a8:55:71:af:35:c1:a7:bc:4a:fc:1b:e7:
3e:b3:00:b7:8e:b2:95:62:ee:c7:6c:d6:2d:9a:99:
49:ec:d1:22:75:4b:b7:7d:4b:ae:ad:5a:54:26:08:
82:b7:0c:c5:37:19:3f:17:19:c4:6e:67:31:57:75:
d3:09:e5:2d:f4:b3:68:9e:c8:3b:fd:57:b8:f0:50:
86:49:d2:f1:3f:bb:27:eb:d6:40:47:bf:8e:18:d2:
0a:05:ca:09:68:6d:e3:8b:a2:8b:6d:dc:d5:47:e0:
cd:73:49:8f:de:0b:04:7b:65:80:58:86:78:38:89:
c9:02:ef:1f:19:5a:0e:b0:94:0a:07:fb:58:e2:52:
d5:18:70:4a:a5:e7:d4:01:d6:4c:59:f1:a0:6c:b1:
95:44:59:bb:40:4b:bc:26:c5:b7:36:35:02:09:fc:
d2:7d:d6:3b:e9:2d:0b:11:2b:7a:66:5c:22:74:bb:
11:d4:44:5e:c8:e6:ee:77:75:ae:69:cc:d2:2a:72:
c6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4D:40:4B:FB:71:6B:E3:1E:D9:50:1B:10:70:D0:6C:15:5F:CA:A1
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/Nk1AS_txa-Me2VAbEHDQbBVfyqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:98c0:1c00::/47
2a06:98c0:1c0b::/48
Signature Algorithm: sha256WithRSAEncryption
3c:32:db:79:66:db:ec:cb:ad:8c:5f:69:11:1f:2d:fe:56:3e:
4d:0e:22:05:c7:61:14:38:85:27:7b:46:da:85:48:e3:50:b5:
1a:ae:d6:e2:c7:27:b2:3b:56:51:77:70:6b:af:5f:43:5f:4e:
5e:b1:e4:c7:14:d5:13:01:55:d9:1e:f5:0f:27:b4:3f:6a:11:
01:26:a4:57:b1:42:2f:87:4c:f3:50:a9:64:8b:8e:e1:f6:7b:
09:01:65:c8:a3:21:c6:34:1f:25:e5:4d:8b:55:cf:0d:a9:14:
d7:eb:32:6a:23:ce:89:69:4a:96:8b:15:db:3a:4c:ac:0f:4b:
65:57:a4:41:5c:60:17:03:01:8e:00:e8:a7:85:b0:5c:27:69:
f2:51:3b:97:31:f0:31:65:f1:95:03:c6:f8:21:84:35:3f:0a:
de:06:1c:09:7b:dc:c6:6f:98:e4:28:5d:a2:5d:a6:a3:cd:79:
20:93:2c:5a:6a:f7:fd:4b:4c:45:54:eb:4d:0a:89:c3:23:b6:
86:c9:92:68:c2:3e:d1:14:1a:69:7d:8b:eb:a3:a5:08:fb:21:
c6:52:d0:2a:bf:09:c3:69:ac:1e:7b:a3:33:c4:13:9a:9c:bb:
47:36:43:5f:9c:93:c0:a7:1e:31:89:14:b5:2b:52:9c:d2:78:
c0:72:5f:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFYJOpG6iZonBCkboKKCfAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjQwODE1MjIyNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRkNDA0YmZiNzE2YmUzMWVkOTUwMWIxMDcwZDA2YzE1NWZjYWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhA/OEosv6EoXiAEgbra5xGpmvzG
ymbjJ7nHp9RmouNK5Yjizxw20CC+V4CF8rESQ19dwqDcWC2hlQsI4V6oVXGvNcGn
vEr8G+c+swC3jrKVYu7HbNYtmplJ7NEidUu3fUuurVpUJgiCtwzFNxk/FxnEbmcx
V3XTCeUt9LNonsg7/Ve48FCGSdLxP7sn69ZAR7+OGNIKBcoJaG3ji6KLbdzVR+DN
c0mP3gsEe2WAWIZ4OInJAu8fGVoOsJQKB/tY4lLVGHBKpefUAdZMWfGgbLGVRFm7
QEu8JsW3NjUCCfzSfdY76S0LESt6ZlwidLsR1EReyObud3WuaczSKnLGQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDZNQEv7cWvjHtlQGxBw0GwVX8qhMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvTmsxQVNfdHhhLU1lMlZBYkVIRFFiQlZmeXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKgaYwBwA
AwcAKgaYwBwLMA0GCSqGSIb3DQEBCwUAA4IBAQA8Mtt5Ztvsy62MX2kRHy3+Vj5N
DiIFx2EUOIUne0bahUjjULUartbixyeyO1ZRd3Brr19DX05eseTHFNUTAVXZHvUP
J7Q/ahEBJqRXsUIvh0zzUKlki47h9nsJAWXIoyHGNB8l5U2LVc8NqRTX6zJqI86J
aUqWixXbOkysD0tlV6RBXGAXAwGOAOinhbBcJ2nyUTuXMfAxZfGVA8b4IYQ1Pwre
BhwJe9zGb5jkKF2iXaajzXkgkyxaavf9S0xFVOtNConDI7aGyZJowj7RFBppfYvr
o6UI+yHGUtAqvwnDaawee6MzxBOanLtHNkNfnJPApx4xiRS1K1Kc0njAcl8C
-----END CERTIFICATE-----
Generated at Thu Sep 5 13:05:01 2024 by rpki-client on console-fra.rpki-client.org