Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/3a6bdd-0d3c-4a0d-8db6-2dd25184b0d0/1/NIkD1EmOHCwVBv7JiHptDSbdTJY.roa
File: NIkD1EmOHCwVBv7JiHptDSbdTJY.roa (raw, json)
Hash identifier: k5zL+hZWO4IFJsdSguKzoNPsfkjxsjsmyrv/XK1V+aE=
Subject key identifier: 34:89:03:D4:49:8E:1C:2C:15:06:FE:C9:88:7A:6D:0D:26:DD:4C:96
Certificate issuer: /CN=d4336d5e74f1f8b7db1329f00bb857241ae74d19
Certificate serial: 01917A80BB02E21AC926382F67C03E4843FD
Authority key identifier: D4:33:6D:5E:74:F1:F8:B7:DB:13:29:F0:0B:B8:57:24:1A:E7:4D:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DNtXnTx-LfbEynwC7hXJBrnTRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/3a6bdd-0d3c-4a0d-8db6-2dd25184b0d0/1/NIkD1EmOHCwVBv7JiHptDSbdTJY.roa
Signing time: Thu 22 Aug 2024 14:32:22 +0000
ROA not before: Thu 22 Aug 2024 14:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214319
IP address blocks: 2a01:e680::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Sep 2024 12:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7a:80:bb:02:e2:1a:c9:26:38:2f:67:c0:3e:48:43:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4336d5e74f1f8b7db1329f00bb857241ae74d19
Validity
Not Before: Aug 22 14:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=348903d4498e1c2c1506fec9887a6d0d26dd4c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9c:9a:b4:2a:23:3f:2a:25:97:00:e5:9c:91:
b9:6a:81:78:26:d7:f7:95:53:2a:0e:96:17:f0:f7:
af:4f:2d:a8:9c:27:4c:2e:de:ff:96:d7:3f:9d:17:
77:b4:ca:b4:f7:8a:ea:0a:26:03:e7:5e:ee:ce:70:
5f:b9:9c:bc:f1:49:d6:6e:30:d3:fe:f4:09:8c:6e:
72:71:a3:c9:e9:f9:1d:7c:2c:39:58:bc:64:37:e3:
3f:10:f9:07:1f:06:6e:cc:58:d7:b5:61:b8:aa:1e:
fe:f9:d6:62:59:ff:e3:b9:62:0f:0e:96:c2:1a:9e:
95:e6:12:c8:37:e1:7b:49:ca:27:ad:e9:71:30:f6:
87:62:7c:57:57:d6:04:3a:13:cb:c0:4d:ca:83:c9:
68:b9:47:56:db:61:2e:df:a6:7a:2e:40:d6:ee:43:
d7:89:2b:a2:f3:ee:24:ba:7e:00:38:9e:2a:57:b4:
fc:96:80:60:0d:80:a6:c0:20:d1:5d:e0:d1:90:74:
38:b0:ef:80:2b:f0:88:1f:e3:f1:20:0b:b1:57:01:
e2:ce:ca:f7:6f:c1:32:da:25:ef:e5:05:6e:ec:f3:
9e:40:87:a9:40:7c:c8:b1:d9:db:05:2d:32:76:ae:
09:f3:1e:b0:d2:cf:68:49:7e:24:1d:16:4c:64:b2:
a8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:89:03:D4:49:8E:1C:2C:15:06:FE:C9:88:7A:6D:0D:26:DD:4C:96
X509v3 Authority Key Identifier:
keyid:D4:33:6D:5E:74:F1:F8:B7:DB:13:29:F0:0B:B8:57:24:1A:E7:4D:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DNtXnTx-LfbEynwC7hXJBrnTRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3a6bdd-0d3c-4a0d-8db6-2dd25184b0d0/1/NIkD1EmOHCwVBv7JiHptDSbdTJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3a6bdd-0d3c-4a0d-8db6-2dd25184b0d0/1/1DNtXnTx-LfbEynwC7hXJBrnTRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e680::/29
Signature Algorithm: sha256WithRSAEncryption
78:bc:f9:90:1e:b9:23:e2:c2:16:1a:6d:71:cd:f0:25:1b:3e:
58:ac:33:a4:c7:df:f8:c0:89:77:ea:e6:40:c2:b2:fc:f6:25:
ad:07:75:93:e4:87:a0:c4:e0:9f:ec:c7:70:d0:15:af:c1:29:
c1:65:e5:48:6c:1e:0a:74:55:8b:12:b9:4d:14:d6:2b:37:12:
e3:dd:ff:1b:a4:ce:99:2e:67:0b:06:8d:9c:b2:eb:9b:01:37:
0b:03:c2:e1:ae:39:3c:d9:ce:ba:a7:c4:bc:46:fa:cd:59:19:
a5:67:f7:21:63:4f:3a:25:4e:7b:dc:a0:c0:85:56:57:c8:27:
e5:ad:c9:6a:d2:74:17:fe:17:6a:a1:be:1d:df:0c:d8:52:41:
4c:ba:c0:0c:d5:ee:9b:dd:1f:8c:26:ee:69:44:af:82:d4:50:
17:a5:57:48:d1:3f:d8:8d:8a:25:6a:a8:4a:b9:21:15:00:17:
91:ca:53:89:2b:88:75:7a:24:e7:b7:6f:14:f4:24:de:8b:08:
3f:ee:86:5d:35:83:68:95:39:65:b2:8f:50:c0:04:da:4d:ab:
73:45:b8:72:ac:3f:90:f8:cb:6e:ef:f1:8e:2f:93:19:55:3b:
56:1a:21:0d:f6:e4:98:61:25:c2:1f:38:3c:d7:a5:b3:3d:b9:
77:f7:7e:84
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZF6gLsC4hrJJjgvZ8A+SEP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzM2ZDVlNzRmMWY4YjdkYjEzMjlmMDBiYjg1NzI0MWFl
NzRkMTkwHhcNMjQwODIyMTQzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDg5MDNkNDQ5OGUxYzJjMTUwNmZlYzk4ODdhNmQwZDI2ZGQ0Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJyatCojPyollwDlnJG5aoF4Jtf3
lVMqDpYX8PevTy2onCdMLt7/ltc/nRd3tMq094rqCiYD517uznBfuZy88UnWbjDT
/vQJjG5ycaPJ6fkdfCw5WLxkN+M/EPkHHwZuzFjXtWG4qh7++dZiWf/juWIPDpbC
Gp6V5hLIN+F7SconrelxMPaHYnxXV9YEOhPLwE3Kg8louUdW22Eu36Z6LkDW7kPX
iSui8+4kun4AOJ4qV7T8loBgDYCmwCDRXeDRkHQ4sO+AK/CIH+PxIAuxVwHizsr3
b8Ey2iXv5QVu7POeQIepQHzIsdnbBS0ydq4J8x6w0s9oSX4kHRZMZLKocwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDSJA9RJjhwsFQb+yYh6bQ0m3UyWMB8GA1UdIwQY
MBaAFNQzbV508fi32xMp8Au4VyQa500ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUROdFhuVHgtTGZiRXlud0M3aFhKQnJuVFJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zYTZiZGQtMGQzYy00YTBkLThkYjYt
MmRkMjUxODRiMGQwLzEvTklrRDFFbU9IQ3dWQnY3SmlIcHREU2JkVEpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zYTZiZGQtMGQzYy00YTBkLThkYjYtMmRkMjUxODRiMGQw
LzEvMUROdFhuVHgtTGZiRXlud0M3aFhKQnJuVFJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHmgDAN
BgkqhkiG9w0BAQsFAAOCAQEAeLz5kB65I+LCFhptcc3wJRs+WKwzpMff+MCJd+rm
QMKy/PYlrQd1k+SHoMTgn+zHcNAVr8EpwWXlSGweCnRVixK5TRTWKzcS493/G6TO
mS5nCwaNnLLrmwE3CwPC4a45PNnOuqfEvEb6zVkZpWf3IWNPOiVOe9ygwIVWV8gn
5a3JatJ0F/4XaqG+Hd8M2FJBTLrADNXum90fjCbuaUSvgtRQF6VXSNE/2I2KJWqo
SrkhFQAXkcpTiSuIdXok57dvFPQk3osIP+6GXTWDaJU5ZbKPUMAE2k2rc0W4cqw/
kPjLbu/xji+TGVU7VhohDfbkmGElwh84PNelsz25d/d+hA==
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:03:38 2024 by rpki-client on console-ams.rpki-client.org