Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/ncL41ahM5lQlS0gQq1zunaKhsFo.roa
File: ncL41ahM5lQlS0gQq1zunaKhsFo.roa (raw, json)
Hash identifier: oZ8NlEb8R5Qe/GS4RiMs2yyDgF3LL5b46Ge0PNben88=
Subject key identifier: 9D:C2:F8:D5:A8:4C:E6:54:25:4B:48:10:AB:5C:EE:9D:A2:A1:B0:5A
Certificate issuer: /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial: 01856C6F0091F43CEB1E697DAF55D7C5BAE4
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/ncL41ahM5lQlS0gQq1zunaKhsFo.roa
Signing time: Sun 01 Jan 2023 08:24:52 +0000
ROA not before: Sun 01 Jan 2023 08:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48314
IP address blocks: 2a0e:46c4:1447::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:00:91:f4:3c:eb:1e:69:7d:af:55:d7:c5:ba:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Validity
Not Before: Jan 1 08:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dc2f8d5a84ce654254b4810ab5cee9da2a1b05a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9e:45:a2:ef:10:d3:42:23:a3:7a:81:3c:61:
8d:fb:57:20:e8:da:da:5c:d4:3f:65:e1:bb:d8:1c:
c8:5e:d2:af:78:bc:43:f6:a4:ce:88:5b:e5:0a:fd:
cc:a3:68:d1:e5:49:ba:24:bc:0b:9a:9a:6e:9d:c1:
3c:2f:be:88:bd:3f:db:d4:04:17:bf:25:62:89:38:
48:a0:3b:0d:79:db:99:1c:dd:83:74:f4:07:84:ff:
b2:25:aa:21:77:f7:ae:1b:bc:a1:c1:14:36:04:35:
b6:59:98:3c:6e:b9:87:cf:fb:00:29:c6:4d:dc:96:
c8:94:df:f7:3c:86:ce:df:70:4c:8a:d4:b1:0a:3f:
c8:e1:9e:77:a8:3a:42:4b:6a:80:a1:d8:e2:12:b5:
1a:9d:b0:af:48:9f:f4:75:6e:e7:b0:37:2f:a5:ac:
7e:e9:ef:7c:95:9b:81:77:2d:28:6f:fa:31:f5:f6:
a6:ab:4a:61:0e:d3:d8:2e:bf:df:eb:e6:11:d2:ba:
ce:64:0d:3e:00:dd:a6:6b:0f:00:d7:71:de:51:7d:
70:d0:c0:6c:2f:60:07:e3:7f:fa:84:38:ee:b0:fb:
0b:3c:87:a7:15:4b:1c:eb:ae:11:2b:4c:82:7b:51:
5c:04:1e:83:d9:d8:06:a4:2b:99:06:ef:bc:88:a7:
ef:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C2:F8:D5:A8:4C:E6:54:25:4B:48:10:AB:5C:EE:9D:A2:A1:B0:5A
X509v3 Authority Key Identifier:
keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/ncL41ahM5lQlS0gQq1zunaKhsFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:46c4:1447::/48
Signature Algorithm: sha256WithRSAEncryption
7c:2f:d2:0f:9d:32:3a:50:96:42:b3:15:ce:43:67:e1:a3:da:
3e:a3:1c:2f:bf:31:49:72:73:bb:c9:11:52:b9:f2:56:a6:c0:
cb:a8:c0:c2:c4:ae:65:fe:9c:52:de:5e:67:00:c1:57:83:1f:
d6:c4:95:e5:18:0d:e5:9e:ee:97:56:8b:68:9c:a1:45:c8:45:
a9:f3:02:f6:53:35:bb:a2:28:d4:ed:fc:20:de:3f:f5:ba:65:
18:b5:54:77:92:c2:12:41:2a:19:f1:db:ea:bc:63:d0:6d:8e:
0c:11:e4:50:62:7c:3f:87:67:86:40:34:4d:8e:9f:88:a8:d7:
17:97:b6:ba:8e:21:e8:ef:44:34:10:b6:c5:f4:d2:e1:13:ff:
1f:f3:48:65:4b:fd:21:59:69:aa:a2:d6:21:09:13:d5:ee:c8:
12:79:a3:40:d6:8e:5b:5b:dd:4d:a6:89:50:79:81:11:7c:46:
58:14:11:23:7b:2c:c6:6a:c4:fd:bb:81:aa:86:f8:48:9b:ec:
02:f7:c7:1c:54:bb:56:13:5b:7c:b7:fa:55:64:f6:ae:4b:7a:
dd:9e:6a:0f:b6:bd:71:46:21:2e:3f:d1:80:ba:ff:56:75:59:
c1:75:b7:96:de:1e:4a:94:1c:48:de:2d:49:25:cf:b0:7c:23:
f8:e3:93:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsbwCR9DzrHml9r1XXxbrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjMwMTAxMDgyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGMyZjhkNWE4NGNlNjU0MjU0YjQ4MTBhYjVjZWU5ZGEyYTFiMDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJ5Fou8Q00Ijo3qBPGGN+1cg6Nra
XNQ/ZeG72BzIXtKveLxD9qTOiFvlCv3Mo2jR5Um6JLwLmppuncE8L76IvT/b1AQX
vyViiThIoDsNeduZHN2DdPQHhP+yJaohd/euG7yhwRQ2BDW2WZg8brmHz/sAKcZN
3JbIlN/3PIbO33BMitSxCj/I4Z53qDpCS2qAodjiErUanbCvSJ/0dW7nsDcvpax+
6e98lZuBdy0ob/ox9famq0phDtPYLr/f6+YR0rrOZA0+AN2maw8A13HeUX1w0MBs
L2AH43/6hDjusPsLPIenFUsc664RK0yCe1FcBB6D2dgGpCuZBu+8iKfvtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ3C+NWoTOZUJUtIEKtc7p2iobBaMB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEvbmNMNDFhaE01bFFsUzBnUXExenVuYUtoc0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg5GxBRH
MA0GCSqGSIb3DQEBCwUAA4IBAQB8L9IPnTI6UJZCsxXOQ2fho9o+oxwvvzFJcnO7
yRFSufJWpsDLqMDCxK5l/pxS3l5nAMFXgx/WxJXlGA3lnu6XVotonKFFyEWp8wL2
UzW7oijU7fwg3j/1umUYtVR3ksISQSoZ8dvqvGPQbY4MEeRQYnw/h2eGQDRNjp+I
qNcXl7a6jiHo70Q0ELbF9NLhE/8f80hlS/0hWWmqotYhCRPV7sgSeaNA1o5bW91N
polQeYERfEZYFBEjeyzGasT9u4GqhvhIm+wC98ccVLtWE1t8t/pVZPauS3rdnmoP
tr1xRiEuP9GAuv9WdVnBdbeW3h5KlBxI3i1JJc+wfCP445Pa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:15 2024 by rpki-client on console-fra.rpki-client.org