Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NQklfGi_zhml43xu_9xUz9cydCA.roa
File: NQklfGi_zhml43xu_9xUz9cydCA.roa (raw, json)
Hash identifier: EZl4ronrQ0iKDPE+fHUy1cHtLw7au7L0EzVM3icJbbo=
Subject key identifier: 35:09:25:7C:68:BF:CE:19:A5:E3:7C:6E:FF:DC:54:CF:D7:32:74:20
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191550E0D0426977CE75F34B8347A6F2402
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NQklfGi_zhml43xu_9xUz9cydCA.roa
Signing time: Thu 15 Aug 2024 08:01:09 +0000
ROA not before: Thu 15 Aug 2024 08:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15353
IP address blocks: 2a12:ecc2::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Aug 2024 06:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:0e:0d:04:26:97:7c:e7:5f:34:b8:34:7a:6f:24:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 15 08:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3509257c68bfce19a5e37c6effdc54cfd7327420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:71:22:e4:28:6f:d1:ec:64:f1:04:f7:79:e3:
22:0f:96:d1:ca:c7:25:46:81:56:5b:86:00:dd:98:
52:80:7b:8c:be:ac:6f:d1:b6:44:1f:70:43:7c:61:
db:38:f4:e1:f7:ed:2c:e4:6d:50:dd:ae:9f:91:37:
20:c3:36:c9:4a:4d:ee:f3:fe:f6:45:20:81:d0:0f:
f9:eb:6e:03:88:14:6e:5d:f7:19:a7:c0:93:6d:cf:
05:ee:31:df:6d:ac:62:f7:6f:b3:d5:76:f0:2b:98:
08:76:3d:21:27:fa:93:4f:97:fb:49:57:e7:2b:66:
a1:6a:d6:6d:37:d0:42:55:cb:9a:a3:8f:bf:8d:e8:
6b:39:7b:2e:f2:a0:9b:5f:b4:73:bd:b3:53:7b:59:
ef:d5:2c:94:77:ae:98:89:62:b2:88:d6:1a:e5:2c:
04:90:02:6f:95:83:4f:fc:b0:dc:41:a6:1b:90:d6:
2b:74:f7:81:02:c0:bb:ff:f6:c4:e3:ec:aa:7b:76:
fe:7c:9f:0f:1c:a0:b3:c2:4f:b0:9b:24:87:52:58:
3b:a4:dd:0f:8a:d7:7d:56:be:24:11:ec:b9:19:8d:
74:56:71:a9:20:01:a4:81:69:5a:cc:23:93:49:ea:
2e:70:74:5b:c6:cd:d9:c6:3b:c9:2c:d4:fa:0d:61:
bf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:09:25:7C:68:BF:CE:19:A5:E3:7C:6E:FF:DC:54:CF:D7:32:74:20
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NQklfGi_zhml43xu_9xUz9cydCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:ecc2::/32
Signature Algorithm: sha256WithRSAEncryption
26:f6:19:38:f3:50:a5:59:65:52:ce:32:c2:8f:26:bf:2d:ef:
0e:97:20:69:00:4d:70:b0:74:c0:cf:46:63:73:d9:06:11:7c:
5a:a6:f8:e3:3c:ae:73:81:a7:ec:f0:64:d9:63:4e:68:85:fe:
3d:30:fd:52:4e:78:74:49:9b:e6:7d:43:6f:67:ea:40:a5:1f:
94:3d:7b:e8:a8:1a:2b:d9:40:78:26:5b:4a:ce:79:2a:40:6e:
93:ba:14:70:64:cd:eb:f0:b5:cf:f0:d2:ad:2b:9b:fb:5d:b6:
bd:07:b3:b3:f5:a2:56:13:f7:fe:30:26:90:b2:ae:fd:71:b0:
52:b7:6a:34:36:77:1f:57:4f:0a:7b:c8:9e:3e:f7:42:87:d9:
54:91:b2:56:88:ba:81:d5:c5:51:23:eb:83:5e:3d:7d:37:7d:
eb:56:b2:e6:11:2a:04:ac:a5:1b:9b:2e:b4:77:95:39:d2:63:
d7:50:69:a4:55:6d:2c:1f:17:d7:4d:06:22:a2:46:84:b3:c2:
c7:c8:cc:15:bd:a6:e3:ce:9b:85:b8:1f:90:42:53:ad:03:1c:
bb:17:04:b6:99:4a:df:d2:ee:4b:89:b6:8e:b5:96:06:05:37:
eb:45:8f:ac:2a:cf:e2:67:62:d8:de:71:02:fb:97:4d:ba:5d:
e3:64:36:c1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZFVDg0EJpd85180uDR6byQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODE1MDgwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTA5MjU3YzY4YmZjZTE5YTVlMzdjNmVmZmRjNTRjZmQ3MzI3NDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3Ei5Chv0exk8QT3eeMiD5bRyscl
RoFWW4YA3ZhSgHuMvqxv0bZEH3BDfGHbOPTh9+0s5G1Q3a6fkTcgwzbJSk3u8/72
RSCB0A/5624DiBRuXfcZp8CTbc8F7jHfbaxi92+z1XbwK5gIdj0hJ/qTT5f7SVfn
K2ahatZtN9BCVcuao4+/jehrOXsu8qCbX7RzvbNTe1nv1SyUd66YiWKyiNYa5SwE
kAJvlYNP/LDcQaYbkNYrdPeBAsC7//bE4+yqe3b+fJ8PHKCzwk+wmySHUlg7pN0P
itd9Vr4kEey5GY10VnGpIAGkgWlazCOTSeoucHRbxs3ZxjvJLNT6DWG/cwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDUJJXxov84ZpeN8bv/cVM/XMnQgMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTlFrbGZHaV96aG1sNDN4dV85eFV6OWN5ZENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhLswjAN
BgkqhkiG9w0BAQsFAAOCAQEAJvYZOPNQpVllUs4ywo8mvy3vDpcgaQBNcLB0wM9G
Y3PZBhF8Wqb44zyuc4Gn7PBk2WNOaIX+PTD9Uk54dEmb5n1Db2fqQKUflD176Kga
K9lAeCZbSs55KkBuk7oUcGTN6/C1z/DSrSub+122vQezs/WiVhP3/jAmkLKu/XGw
UrdqNDZ3H1dPCnvInj73QofZVJGyVoi6gdXFUSPrg149fTd961ay5hEqBKylG5su
tHeVOdJj11BppFVtLB8X100GIqJGhLPCx8jMFb2m486bhbgfkEJTrQMcuxcEtplK
39LuS4m2jrWWBgU360WPrCrP4mdi2N5xAvuXTbpd42Q2wQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:46:23 2025 by rpki-client