Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/nn_U1SzG2jlgZzF27RiHsWqRYtw.roa
File: nn_U1SzG2jlgZzF27RiHsWqRYtw.roa (raw, json)
Hash identifier: fhOm8ohtoA0A2oX+UCzCo/7I94VqhOsxOUnOJ1NbLKQ=
Subject key identifier: 9E:7F:D4:D5:2C:C6:DA:39:60:67:31:76:ED:18:87:B1:6A:91:62:DC
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 01856BEEBF5D7F257AEB42D553335AD441AE
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/nn_U1SzG2jlgZzF27RiHsWqRYtw.roa
Signing time: Sun 01 Jan 2023 06:04:46 +0000
ROA not before: Sun 01 Jan 2023 06:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201848
IP address blocks: 2a04:ac00:1::/48 maxlen: 48
2a04:ac00:4::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:bf:5d:7f:25:7a:eb:42:d5:53:33:5a:d4:41:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 06:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e7fd4d52cc6da3960673176ed1887b16a9162dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:36:08:cb:08:38:6c:03:ca:56:f8:26:4d:90:
90:f7:25:33:a5:96:71:41:6e:05:f6:aa:70:51:f7:
82:f8:f2:04:49:47:53:86:44:b0:ba:14:06:5e:ed:
37:fd:47:06:d4:78:4c:c9:92:1b:98:40:33:07:3b:
d7:40:e1:65:b1:72:4d:71:0d:a4:05:7e:34:a7:28:
6c:e9:1d:43:6b:6e:81:12:48:bd:6a:04:19:d8:2e:
71:05:a8:a3:46:33:f4:e2:01:0b:9a:82:9b:5a:eb:
95:01:2f:99:ef:39:2a:ef:53:f8:a6:36:4f:34:36:
4f:49:ae:2e:02:1e:89:35:dc:6b:31:7e:75:62:ca:
da:cd:c2:b4:7f:f5:cb:5e:f5:bd:08:b1:0e:2c:f4:
20:b4:fc:bd:42:01:ab:2c:90:53:ee:08:6a:f8:56:
74:93:00:87:bb:3a:19:e9:ae:69:b9:66:4d:2f:c5:
d1:c1:8b:23:ec:8b:09:86:15:50:97:47:36:3c:aa:
3e:61:b4:a4:c5:53:12:79:51:f1:83:fb:05:f1:5d:
72:ee:c5:12:ea:21:2f:4b:dc:7b:0e:47:e8:c3:d1:
7d:e9:5b:c7:a7:ba:a0:83:3d:6b:7c:ab:8c:a5:67:
4e:30:34:8c:dc:85:8b:bb:13:a8:ea:e0:cd:8b:4e:
43:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:7F:D4:D5:2C:C6:DA:39:60:67:31:76:ED:18:87:B1:6A:91:62:DC
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/nn_U1SzG2jlgZzF27RiHsWqRYtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ac00:1::/48
2a04:ac00:4::/48
Signature Algorithm: sha256WithRSAEncryption
52:fa:4f:ca:60:b5:15:3f:22:78:f9:0d:b6:45:ac:20:39:b3:
1d:20:c5:a2:53:09:b2:5f:5a:85:9c:cd:77:09:8e:f5:2f:93:
09:79:27:09:63:8a:a7:b5:e8:1b:32:a1:16:be:70:3f:6c:02:
c2:bc:31:5b:2f:6e:4f:88:38:3d:65:19:ca:e3:4f:55:0f:25:
00:e2:e9:f6:d6:e4:8e:e4:ef:f5:11:53:c8:d8:c8:42:e0:4c:
32:9e:b7:c7:fe:ef:e4:aa:e3:03:c8:68:a8:95:d7:cf:5b:c0:
bb:ea:86:91:41:74:c0:a8:c5:3d:fd:57:09:0e:4e:1f:91:2b:
cb:a2:0c:99:87:68:d1:d2:51:76:be:2e:1a:a0:98:3a:d1:27:
e7:17:56:d5:e0:6d:f2:9e:21:80:f8:ed:9d:92:d7:cd:e2:1c:
20:7b:7c:06:68:a5:17:da:59:e2:d3:71:56:7b:30:10:b4:af:
cd:08:77:e3:64:cd:ed:68:ff:3c:c4:7a:20:8e:62:65:9b:2f:
48:ff:84:24:48:b6:ab:ef:53:d7:f0:16:23:84:59:b5:c2:44:
f2:f8:09:78:4b:66:79:a1:65:b6:23:67:ef:fa:1c:03:7a:53:
91:e6:3b:41:7d:9f:17:cb:cc:2e:d3:92:b8:fb:73:e7:2b:43:
4d:77:4e:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVr7r9dfyV660LVUzNa1EGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTdmZDRkNTJjYzZkYTM5NjA2NzMxNzZlZDE4ODdiMTZhOTE2MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDYIywg4bAPKVvgmTZCQ9yUzpZZx
QW4F9qpwUfeC+PIESUdThkSwuhQGXu03/UcG1HhMyZIbmEAzBzvXQOFlsXJNcQ2k
BX40pyhs6R1Da26BEki9agQZ2C5xBaijRjP04gELmoKbWuuVAS+Z7zkq71P4pjZP
NDZPSa4uAh6JNdxrMX51YsrazcK0f/XLXvW9CLEOLPQgtPy9QgGrLJBT7ghq+FZ0
kwCHuzoZ6a5puWZNL8XRwYsj7IsJhhVQl0c2PKo+YbSkxVMSeVHxg/sF8V1y7sUS
6iEvS9x7Dkfow9F96VvHp7qggz1rfKuMpWdOMDSM3IWLuxOo6uDNi05DQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ5/1NUsxto5YGcxdu0Yh7FqkWLcMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvbm5fVTFTekcyamxnWnpGMjdSaUhzV3FSWXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgSsAAAB
AwcAKgSsAAAEMA0GCSqGSIb3DQEBCwUAA4IBAQBS+k/KYLUVPyJ4+Q22RawgObMd
IMWiUwmyX1qFnM13CY71L5MJeScJY4qntegbMqEWvnA/bALCvDFbL25PiDg9ZRnK
409VDyUA4un21uSO5O/1EVPI2MhC4EwynrfH/u/kquMDyGioldfPW8C76oaRQXTA
qMU9/VcJDk4fkSvLogyZh2jR0lF2vi4aoJg60SfnF1bV4G3yniGA+O2dktfN4hwg
e3wGaKUX2lni03FWezAQtK/NCHfjZM3taP88xHogjmJlmy9I/4QkSLar71PX8BYj
hFm1wkTy+Al4S2Z5oWW2I2fv+hwDelOR5jtBfZ8Xy8wu05K4+3PnK0NNd06T
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:35 2024 by rpki-client on console-ams.rpki-client.org