Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/NRfGQyfNOaD5lGk1c4v8_eyUPoM.roa
File: NRfGQyfNOaD5lGk1c4v8_eyUPoM.roa (raw, json)
Hash identifier: 5qVvHdLmA+TqW1rDwNAnOssnQCsMDxGtQ1EZ4cTls/c=
Subject key identifier: 35:17:C6:43:27:CD:39:A0:F9:94:69:35:73:8B:FC:FD:EC:94:3E:83
Certificate issuer: /CN=5b4b452dbfd4c704bda9cc2a4e915f47192a7f71
Certificate serial: 0185708CC633CEBA2E1C1CD7ED8F4DA23446
Authority key identifier: 5B:4B:45:2D:BF:D4:C7:04:BD:A9:CC:2A:4E:91:5F:47:19:2A:7F:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W0tFLb_UxwS9qcwqTpFfRxkqf3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/NRfGQyfNOaD5lGk1c4v8_eyUPoM.roa
Signing time: Mon 02 Jan 2023 03:35:52 +0000
ROA not before: Mon 02 Jan 2023 03:35:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204617
IP address blocks: 2001:67c:a0c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:c6:33:ce:ba:2e:1c:1c:d7:ed:8f:4d:a2:34:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b4b452dbfd4c704bda9cc2a4e915f47192a7f71
Validity
Not Before: Jan 2 03:35:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3517c64327cd39a0f9946935738bfcfdec943e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b4:7a:e3:fc:5c:e6:84:ae:54:4e:58:5a:43:
e8:af:ca:dc:19:4b:81:34:d7:e8:98:47:48:05:41:
bf:d4:ee:2c:4e:89:41:cc:e0:cd:67:d3:4a:bd:3c:
48:22:dd:d7:98:d2:3f:b7:1f:da:05:8b:e8:11:f4:
c9:ba:35:a0:d2:40:cb:b5:d6:47:74:47:c9:de:6e:
77:23:e3:7d:82:6d:19:c3:d2:8f:2e:75:dd:74:8d:
9c:1f:c2:04:7f:82:eb:86:7e:c1:b7:5b:bf:9d:fa:
26:47:86:d7:1e:de:97:5d:16:7b:2b:a9:8b:79:7a:
81:20:22:a8:8e:08:f3:9b:c6:6a:5f:ce:4f:28:ff:
52:c8:8d:30:28:1d:5d:0f:51:5c:ba:72:56:91:f5:
31:75:20:4e:9e:79:0a:97:63:16:66:74:90:b0:8a:
0c:3e:d8:fc:27:19:67:36:20:e8:ba:8e:a0:7c:c1:
cb:07:b4:08:67:ef:e9:e7:41:5e:34:bc:04:da:5d:
6a:ca:6e:e8:b7:16:df:ce:b0:2b:dd:a2:b7:05:cb:
df:d5:ed:47:f0:05:a7:ea:41:86:41:20:94:cf:8d:
14:fc:f4:87:56:67:8d:67:ba:62:8d:38:de:ce:c6:
a3:23:b7:51:d9:2b:c1:25:23:24:95:ff:09:34:d3:
10:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:17:C6:43:27:CD:39:A0:F9:94:69:35:73:8B:FC:FD:EC:94:3E:83
X509v3 Authority Key Identifier:
keyid:5B:4B:45:2D:BF:D4:C7:04:BD:A9:CC:2A:4E:91:5F:47:19:2A:7F:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W0tFLb_UxwS9qcwqTpFfRxkqf3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/NRfGQyfNOaD5lGk1c4v8_eyUPoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/W0tFLb_UxwS9qcwqTpFfRxkqf3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a0c::/48
Signature Algorithm: sha256WithRSAEncryption
c3:6d:06:e3:ee:52:af:1b:8f:17:b2:10:5d:60:f7:e0:d8:a7:
24:98:0e:8a:4a:eb:18:b6:66:8d:22:ae:a9:cc:89:22:02:44:
be:f3:44:74:ac:7c:69:f9:04:52:5b:3f:90:ed:53:5b:5d:11:
1b:55:51:77:45:fe:50:7e:32:52:16:63:aa:03:80:40:ae:00:
5a:30:24:01:f4:5b:a2:15:32:97:35:05:a1:22:8d:51:31:0f:
96:bc:3b:56:37:db:a5:ee:10:d1:ed:5c:08:a3:cf:ab:ab:23:
62:2e:02:af:22:fb:71:1d:5a:be:c1:4b:5a:3d:05:3f:89:8c:
9e:2c:54:79:19:70:d8:e7:20:71:dd:7e:78:ea:cd:f6:6d:a2:
cd:67:62:28:e8:77:3b:ed:db:00:78:66:69:be:6a:22:92:ae:
fb:47:82:ae:bd:65:f1:ed:1d:46:f8:98:39:a0:6a:a4:e8:a0:
1e:78:56:16:01:8f:68:4a:c6:a1:96:b2:a3:f0:2d:57:4b:50:
31:a8:c3:e2:b5:d4:17:89:29:8b:10:05:f7:08:bc:40:6c:eb:
aa:e0:86:b7:99:f6:26:a7:4d:7d:ef:2c:8b:bd:f5:66:4d:c5:
d7:bd:61:0a:a2:f1:b7:76:bf:75:25:a1:af:99:5f:c7:c4:dc:
c3:bb:c5:c4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwjMYzzrouHBzX7Y9NojRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNGI0NTJkYmZkNGM3MDRiZGE5Y2MyYTRlOTE1ZjQ3MTky
YTdmNzEwHhcNMjMwMTAyMDMzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE3YzY0MzI3Y2QzOWEwZjk5NDY5MzU3MzhiZmNmZGVjOTQzZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLR64/xc5oSuVE5YWkPor8rcGUuB
NNfomEdIBUG/1O4sTolBzODNZ9NKvTxIIt3XmNI/tx/aBYvoEfTJujWg0kDLtdZH
dEfJ3m53I+N9gm0Zw9KPLnXddI2cH8IEf4Lrhn7Bt1u/nfomR4bXHt6XXRZ7K6mL
eXqBICKojgjzm8ZqX85PKP9SyI0wKB1dD1FcunJWkfUxdSBOnnkKl2MWZnSQsIoM
Ptj8JxlnNiDouo6gfMHLB7QIZ+/p50FeNLwE2l1qym7otxbfzrAr3aK3Bcvf1e1H
8AWn6kGGQSCUz40U/PSHVmeNZ7pijTjezsajI7dR2SvBJSMklf8JNNMQVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDUXxkMnzTmg+ZRpNXOL/P3slD6DMB8GA1UdIwQY
MBaAFFtLRS2/1McEvanMKk6RX0cZKn9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzB0RkxiX1V4d1M5cWN3cVRwRmZSeGtxZjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84N2FjNGItYWEyNS00MjhmLWEzNjgt
ZTU4ZWRjNDJmMDRjLzEvTlJmR1F5Zk5PYUQ1bEdrMWM0djhfZXlVUG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84N2FjNGItYWEyNS00MjhmLWEzNjgtZTU4ZWRjNDJmMDRj
LzEvVzB0RkxiX1V4d1M5cWN3cVRwRmZSeGtxZjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAoM
MA0GCSqGSIb3DQEBCwUAA4IBAQDDbQbj7lKvG48XshBdYPfg2KckmA6KSusYtmaN
Iq6pzIkiAkS+80R0rHxp+QRSWz+Q7VNbXREbVVF3Rf5QfjJSFmOqA4BArgBaMCQB
9FuiFTKXNQWhIo1RMQ+WvDtWN9ul7hDR7VwIo8+rqyNiLgKvIvtxHVq+wUtaPQU/
iYyeLFR5GXDY5yBx3X546s32baLNZ2Io6Hc77dsAeGZpvmoikq77R4KuvWXx7R1G
+Jg5oGqk6KAeeFYWAY9oSsahlrKj8C1XS1AxqMPitdQXiSmLEAX3CLxAbOuq4Ia3
mfYmp0197yyLvfVmTcXXvWEKovG3dr91JaGvmV/HxNzDu8XE
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:33 2024 by rpki-client on console-fra.rpki-client.org