Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/nFjpZ8tyoDho4W7jIKMOVPxKE3U.roa
File: nFjpZ8tyoDho4W7jIKMOVPxKE3U.roa (raw, json)
Hash identifier: VUWfhfpYIewaeuImTVR3MsdUzOK4TdRNfeWaC7nyJcI=
Subject key identifier: 9C:58:E9:67:CB:72:A0:38:68:E1:6E:E3:20:A3:0E:54:FC:4A:13:75
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018571D7CB2FCC9620C82DFFD55BD9E00921
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/nFjpZ8tyoDho4W7jIKMOVPxKE3U.roa
Signing time: Mon 02 Jan 2023 09:37:25 +0000
ROA not before: Mon 02 Jan 2023 09:37:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 37153
IP address blocks: 2a11:840:32::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:cb:2f:cc:96:20:c8:2d:ff:d5:5b:d9:e0:09:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 2 09:37:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c58e967cb72a03868e16ee320a30e54fc4a1375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:af:f1:fe:c2:ce:97:74:35:a7:24:9b:b7:4f:
f1:8a:38:29:e3:32:03:63:92:99:6f:4e:dc:3a:a5:
e6:67:db:d5:33:56:45:9c:e1:1d:f1:67:03:eb:4e:
a6:ac:f2:67:06:52:36:5c:ef:2e:ed:36:8b:94:9c:
78:eb:42:94:41:fe:c4:a7:cd:a9:82:94:b1:55:f3:
fa:8e:c8:ef:b7:c0:84:e1:09:00:36:8f:09:86:20:
d6:2f:88:d8:9d:06:0e:a0:1a:76:5b:8a:f2:49:54:
cb:19:d0:4b:ac:0b:49:78:b9:f8:bb:27:57:35:d5:
97:88:b2:05:9d:d8:b5:90:64:d1:8a:f6:70:4f:a2:
14:23:d7:a9:73:41:6a:b1:fa:66:5b:84:23:f1:fd:
16:d3:e4:83:9a:32:50:a7:a7:ad:6d:1c:7a:ba:c3:
72:9a:18:52:17:ff:9c:4b:da:49:e9:d4:3a:ec:d5:
d1:78:52:4f:3c:b6:ec:47:a9:05:54:3c:c5:35:fa:
dc:d6:44:86:d1:0b:72:9e:65:38:b1:df:e8:aa:a0:
99:af:e8:3f:50:44:5d:a1:43:65:5a:f6:07:20:0e:
39:65:c5:a7:f0:00:e7:cc:e1:0c:e0:00:ef:a0:85:
1c:22:78:78:31:c2:07:75:6b:8a:80:db:13:1d:7e:
cf:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:58:E9:67:CB:72:A0:38:68:E1:6E:E3:20:A3:0E:54:FC:4A:13:75
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/nFjpZ8tyoDho4W7jIKMOVPxKE3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:840:32::/48
Signature Algorithm: sha256WithRSAEncryption
40:33:ae:71:a0:a5:2c:90:36:2f:20:4c:08:1e:81:80:f1:01:
1d:a0:85:f0:14:ab:3c:cc:4d:c4:e3:f3:74:3e:a1:c0:dc:de:
39:52:e9:4f:4e:a7:23:9f:69:13:9c:21:03:7f:19:e6:46:21:
61:0d:6c:55:96:db:ff:93:d0:18:57:ee:a3:94:8f:98:f2:6b:
f8:57:84:ff:63:33:8f:e8:3d:cc:5c:37:75:98:7e:8c:9c:6f:
8f:d7:93:aa:26:5a:89:09:4e:6a:1e:3b:f6:fd:fb:2e:c4:bb:
24:6e:ff:18:8d:75:64:05:19:2b:bb:72:03:42:c7:e0:ce:91:
cc:45:de:0b:5a:05:a1:bd:bd:fb:8c:86:37:65:fb:bb:ad:d5:
0f:f0:00:a5:72:13:96:75:40:ec:fd:73:ae:3a:a2:13:ab:f3:
46:c4:30:a9:3a:63:f9:50:3e:1a:7e:cf:2a:13:a8:cb:87:4e:
52:2b:97:a3:19:13:61:05:3e:1e:dd:c5:2b:dd:a7:3c:9b:d2:
b1:2a:5e:3d:fb:b6:85:a3:76:3b:54:79:fa:17:dc:7a:85:12:
e4:9e:86:ae:a8:9e:fc:46:cb:4a:a3:9a:a6:e2:d5:d5:f1:bc:
fe:da:47:ed:38:7f:20:74:1e:30:5f:50:af:72:c2:ab:92:bc:
dc:de:13:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx18svzJYgyC3/1VvZ4AkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjMwMTAyMDkzNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzU4ZTk2N2NiNzJhMDM4NjhlMTZlZTMyMGEzMGU1NGZjNGExMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq/x/sLOl3Q1pySbt0/xijgp4zID
Y5KZb07cOqXmZ9vVM1ZFnOEd8WcD606mrPJnBlI2XO8u7TaLlJx460KUQf7Ep82p
gpSxVfP6jsjvt8CE4QkANo8JhiDWL4jYnQYOoBp2W4rySVTLGdBLrAtJeLn4uydX
NdWXiLIFndi1kGTRivZwT6IUI9epc0FqsfpmW4Qj8f0W0+SDmjJQp6etbRx6usNy
mhhSF/+cS9pJ6dQ67NXReFJPPLbsR6kFVDzFNfrc1kSG0QtynmU4sd/oqqCZr+g/
UERdoUNlWvYHIA45ZcWn8ADnzOEM4ADvoIUcInh4McIHdWuKgNsTHX7P+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJxY6WfLcqA4aOFu4yCjDlT8ShN1MB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvbkZqcFo4dHlvRGhvNFc3aklLTU9WUHhLRTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEIQAAy
MA0GCSqGSIb3DQEBCwUAA4IBAQBAM65xoKUskDYvIEwIHoGA8QEdoIXwFKs8zE3E
4/N0PqHA3N45UulPTqcjn2kTnCEDfxnmRiFhDWxVltv/k9AYV+6jlI+Y8mv4V4T/
YzOP6D3MXDd1mH6MnG+P15OqJlqJCU5qHjv2/fsuxLskbv8YjXVkBRkru3IDQsfg
zpHMRd4LWgWhvb37jIY3Zfu7rdUP8AClchOWdUDs/XOuOqITq/NGxDCpOmP5UD4a
fs8qE6jLh05SK5ejGRNhBT4e3cUr3ac8m9KxKl49+7aFo3Y7VHn6F9x6hRLknoau
qJ78RstKo5qm4tXV8bz+2kftOH8gdB4wX1CvcsKrkrzc3hPo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org