Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/NaaBw28Lw5Pi4xf0b9FrGrxf60A.roa
File: NaaBw28Lw5Pi4xf0b9FrGrxf60A.roa (raw, json)
Hash identifier: qiVhs0S0hOupPuuXCjXY6pFHdmaqCbZb26TkOVMeh6k=
Subject key identifier: 35:A6:81:C3:6F:0B:C3:93:E2:E3:17:F4:6F:D1:6B:1A:BC:5F:EB:40
Certificate issuer: /CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Certificate serial: 01856B80E810AC0665B7C05E52042DFB9648
Authority key identifier: DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/NaaBw28Lw5Pi4xf0b9FrGrxf60A.roa
Signing time: Sun 01 Jan 2023 04:04:48 +0000
ROA not before: Sun 01 Jan 2023 04:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56527
IP address blocks: 217.66.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:e8:10:ac:06:65:b7:c0:5e:52:04:2d:fb:96:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Validity
Not Before: Jan 1 04:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35a681c36f0bc393e2e317f46fd16b1abc5feb40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:11:4b:bd:c7:3e:83:7a:06:9d:fa:c7:f9:5a:
c5:b1:84:ea:3f:e5:c8:a5:60:1f:30:f4:ed:9c:0b:
0b:14:83:6e:87:f3:c7:3f:e6:62:b4:16:de:3c:8d:
6f:9d:11:d9:fb:71:a7:ee:75:f6:ca:95:7b:02:c2:
4f:47:60:bf:03:b0:77:da:21:49:23:8c:4f:4e:ec:
d8:5d:81:13:96:cd:7f:73:5c:ac:53:6f:06:5e:f5:
72:30:1b:36:12:26:90:37:2e:e7:e1:c0:26:f4:4c:
61:3a:6a:b7:00:6f:01:fd:9b:0c:d4:fd:57:9e:6c:
06:a5:42:ec:05:84:c6:dd:d6:63:a1:72:6f:e2:19:
c3:42:39:9b:3e:2b:3a:03:55:6d:1c:43:48:74:6d:
f3:62:90:48:df:ec:02:8f:1e:37:00:af:9b:b7:da:
f2:2b:d3:42:b8:e6:9f:2e:a9:09:68:69:ca:89:a9:
55:48:78:2e:f9:3a:1b:bd:55:44:03:0e:56:c9:ae:
a3:20:cd:ee:c5:71:53:78:83:1e:ea:c3:16:6c:62:
16:45:c0:1c:88:f2:a0:11:9b:42:39:16:28:fa:ee:
b5:c2:9a:d8:b1:aa:55:0c:50:d6:14:7a:2d:dc:95:
80:9a:e3:de:2a:6a:5f:6f:40:32:8d:9d:b4:8f:6b:
85:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A6:81:C3:6F:0B:C3:93:E2:E3:17:F4:6F:D1:6B:1A:BC:5F:EB:40
X509v3 Authority Key Identifier:
keyid:DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/NaaBw28Lw5Pi4xf0b9FrGrxf60A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/2vy2Q-aiHi-24hzQZTqwlenr7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.66.96.0/22
Signature Algorithm: sha256WithRSAEncryption
53:35:a0:f8:97:46:2c:66:68:de:e0:80:46:30:a9:5a:32:00:
0d:57:e4:2f:95:08:53:f5:48:7e:7b:f8:7c:c8:9e:2e:6f:8a:
16:b2:91:ef:b8:3a:83:09:35:6f:c4:26:6f:bd:08:d9:dd:09:
a2:d1:e8:32:81:11:bf:22:7c:09:22:5a:b3:17:29:6b:98:86:
ad:13:ad:6c:0e:bc:02:58:88:8a:8a:4a:1f:53:4f:b6:56:e6:
f6:d7:0e:6a:1b:eb:c3:93:b3:27:81:57:e9:5b:8c:ba:c8:65:
09:08:d0:3a:14:58:f8:8d:ff:27:cb:b1:2f:b1:e6:22:78:cc:
72:ec:e5:48:5d:6d:a1:a3:b1:72:70:f1:98:14:67:27:31:2c:
86:4b:a7:f7:5c:ef:62:d6:47:90:bd:1a:96:9a:79:6f:fd:13:
95:84:c3:2b:3e:f7:cd:41:dd:ae:7b:53:fa:c9:ba:1f:b8:80:
45:25:5f:b3:d6:0f:72:40:47:e5:d7:d7:93:f1:33:dd:16:5e:
9c:90:ef:0b:37:6d:a7:55:de:56:c6:54:5e:4e:99:aa:ff:85:
c0:e5:10:2c:d8:31:1f:1a:a9:aa:ec:c4:3e:22:62:5a:0d:e6:
b0:c7:78:7b:fc:64:a7:b7:90:b5:fd:28:e7:9e:f3:71:8d:12:
6e:0f:18:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgOgQrAZlt8BeUgQt+5ZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmNiNjQzZTZhMjFlMmZiNmUyMWNkMDY1M2FiMDk1ZTll
YmVmMTMwHhcNMjMwMTAxMDQwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWE2ODFjMzZmMGJjMzkzZTJlMzE3ZjQ2ZmQxNmIxYWJjNWZlYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBFLvcc+g3oGnfrH+VrFsYTqP+XI
pWAfMPTtnAsLFINuh/PHP+ZitBbePI1vnRHZ+3Gn7nX2ypV7AsJPR2C/A7B32iFJ
I4xPTuzYXYETls1/c1ysU28GXvVyMBs2EiaQNy7n4cAm9ExhOmq3AG8B/ZsM1P1X
nmwGpULsBYTG3dZjoXJv4hnDQjmbPis6A1VtHENIdG3zYpBI3+wCjx43AK+bt9ry
K9NCuOafLqkJaGnKialVSHgu+TobvVVEAw5Wya6jIM3uxXFTeIMe6sMWbGIWRcAc
iPKgEZtCORYo+u61wprYsapVDFDWFHot3JWAmuPeKmpfb0AyjZ20j2uFoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWmgcNvC8OT4uMX9G/Raxq8X+tAMB8GA1UdIwQY
MBaAFNr8tkPmoh4vtuIc0GU6sJXp6+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2Ut
ZGUyZGUxNWY5MGVkLzEvTmFhQncyOEx3NVBpNHhmMGI5RnJHcnhmNjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2UtZGUyZGUxNWY5MGVk
LzEvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UJgMA0G
CSqGSIb3DQEBCwUAA4IBAQBTNaD4l0YsZmje4IBGMKlaMgANV+QvlQhT9Uh+e/h8
yJ4ub4oWspHvuDqDCTVvxCZvvQjZ3Qmi0egygRG/InwJIlqzFylrmIatE61sDrwC
WIiKikofU0+2Vub21w5qG+vDk7MngVfpW4y6yGUJCNA6FFj4jf8ny7EvseYieMxy
7OVIXW2ho7FycPGYFGcnMSyGS6f3XO9i1keQvRqWmnlv/ROVhMMrPvfNQd2ue1P6
ybofuIBFJV+z1g9yQEfl19eT8TPdFl6ckO8LN22nVd5WxlReTpmq/4XA5RAs2DEf
Gqmq7MQ+ImJaDeawx3h7/GSnt5C1/SjnnvNxjRJuDxg3
-----END CERTIFICATE-----
Generated at Mon Sep 11 11:40:43 2023 by rpki-client on console-ams.rpki-client.org