Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/NwCjKXpBMaMgMBrt-AIZz1bWCa4.roa
File: NwCjKXpBMaMgMBrt-AIZz1bWCa4.roa (raw, json)
Hash identifier: w8Ka6vwGw7wgL82KQnGdesWJcmaIK4aEbwPeL8DEpdg=
Subject key identifier: 37:00:A3:29:7A:41:31:A3:20:30:1A:ED:F8:02:19:CF:56:D6:09:AE
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 01856BEEB65F6073A20E212DED31360C1074
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/NwCjKXpBMaMgMBrt-AIZz1bWCa4.roa
Signing time: Sun 01 Jan 2023 06:04:44 +0000
ROA not before: Sun 01 Jan 2023 06:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3180
IP address blocks: 2a04:ac00:b::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:b6:5f:60:73:a2:0e:21:2d:ed:31:36:0c:10:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 06:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3700a3297a4131a320301aedf80219cf56d609ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a2:a5:84:e8:34:f7:44:26:37:83:bd:d5:ce:
18:99:1f:b6:2f:70:1a:78:55:e4:c0:ef:2c:2d:11:
c7:c3:cf:37:b3:b5:5c:20:24:54:bd:a1:42:0b:7e:
8b:a0:fb:65:bd:27:27:d7:2b:2f:be:b4:52:d6:eb:
11:e9:25:50:87:64:6c:5f:6d:9b:31:ce:db:46:e4:
02:36:63:47:db:51:66:8f:3b:41:d9:a3:e1:25:55:
55:f1:95:8c:cd:d0:a5:ae:4b:7d:c1:95:bf:e1:eb:
78:6c:b9:c6:53:ae:b0:53:72:c2:3b:3e:b8:95:1d:
6b:cd:c6:a8:b2:4e:04:4a:7a:c0:50:55:10:b6:df:
de:81:c4:18:89:5a:c4:3e:2b:71:17:bb:02:f7:8e:
35:f6:6c:d4:b6:d5:a3:f8:45:9b:57:d5:fe:15:bc:
f4:e2:f8:ac:b8:3e:0e:86:31:28:e2:37:02:57:02:
17:1d:7d:09:84:b9:e8:ce:f0:7a:29:f2:fe:bc:96:
c2:af:66:fd:e5:c4:7f:34:c2:91:56:b7:dc:09:51:
c7:b3:ba:c6:3c:fe:bf:61:43:1a:a1:be:e8:ad:43:
73:8b:cb:f5:08:57:07:f9:be:32:f0:60:1d:98:87:
78:43:a7:25:68:37:0a:f1:a8:70:e4:d6:6e:3f:03:
52:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:00:A3:29:7A:41:31:A3:20:30:1A:ED:F8:02:19:CF:56:D6:09:AE
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/NwCjKXpBMaMgMBrt-AIZz1bWCa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ac00:b::/48
Signature Algorithm: sha256WithRSAEncryption
3a:99:c4:72:0f:03:e7:b6:29:d7:5a:1c:84:97:2b:1a:5c:b4:
44:f3:f9:49:09:53:d5:30:86:0a:20:a2:b3:60:75:c4:87:4e:
fc:aa:cc:83:4e:15:bd:59:b7:54:35:6b:10:6e:44:38:a3:73:
e7:48:67:87:c6:3e:e2:d9:f6:97:ec:b8:29:f0:44:8d:49:0f:
45:8f:19:70:65:02:a7:7b:3e:50:71:1b:d3:bd:f1:52:6e:ba:
88:33:c6:dc:6a:4f:67:c9:41:3f:a6:04:58:db:39:5b:ef:b6:
29:30:df:0d:dc:c0:57:65:79:c0:6a:54:0c:74:6f:2f:e1:ac:
39:37:e7:a3:5e:ab:d4:53:1e:55:c2:dc:df:c1:91:38:ec:4c:
b8:b9:e9:32:23:d5:81:11:14:27:31:a0:88:07:ac:9a:d5:2e:
47:21:4f:16:9f:77:2c:df:bb:71:1b:c4:3b:22:c3:b2:bb:15:
f3:44:95:f9:a3:95:c9:68:a6:90:98:8c:19:32:2b:b8:23:d1:
d9:30:dc:e3:ac:23:dd:82:f8:34:b7:8c:3a:1a:e7:50:7f:d8:
b2:35:8a:ee:0d:31:23:d6:ac:bc:64:79:0e:20:34:c8:cf:01:
7e:55:d7:e7:bf:ef:4b:71:07:64:00:fa:9a:80:ea:7c:47:57:
e6:de:6c:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr7rZfYHOiDiEt7TE2DBB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzAwYTMyOTdhNDEzMWEzMjAzMDFhZWRmODAyMTljZjU2ZDYwOWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKKlhOg090QmN4O91c4YmR+2L3Aa
eFXkwO8sLRHHw883s7VcICRUvaFCC36LoPtlvScn1ysvvrRS1usR6SVQh2RsX22b
Mc7bRuQCNmNH21FmjztB2aPhJVVV8ZWMzdClrkt9wZW/4et4bLnGU66wU3LCOz64
lR1rzcaosk4ESnrAUFUQtt/egcQYiVrEPitxF7sC94419mzUttWj+EWbV9X+Fbz0
4visuD4OhjEo4jcCVwIXHX0JhLnozvB6KfL+vJbCr2b95cR/NMKRVrfcCVHHs7rG
PP6/YUMaob7orUNzi8v1CFcH+b4y8GAdmId4Q6claDcK8ahw5NZuPwNSgwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDcAoyl6QTGjIDAa7fgCGc9W1gmuMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvTndDaktYcEJNYU1nTUJydC1BSVp6MWJXQ2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgSsAAAL
MA0GCSqGSIb3DQEBCwUAA4IBAQA6mcRyDwPntinXWhyElysaXLRE8/lJCVPVMIYK
IKKzYHXEh078qsyDThW9WbdUNWsQbkQ4o3PnSGeHxj7i2faX7Lgp8ESNSQ9Fjxlw
ZQKnez5QcRvTvfFSbrqIM8bcak9nyUE/pgRY2zlb77YpMN8N3MBXZXnAalQMdG8v
4aw5N+ejXqvUUx5VwtzfwZE47Ey4uekyI9WBERQnMaCIB6ya1S5HIU8Wn3cs37tx
G8Q7IsOyuxXzRJX5o5XJaKaQmIwZMiu4I9HZMNzjrCPdgvg0t4w6GudQf9iyNYru
DTEj1qy8ZHkOIDTIzwF+Vdfnv+9LcQdkAPqagOp8R1fm3mwW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org