Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nTKWPpHUZsp6OIleiABwnZLpb20.roa
File: nTKWPpHUZsp6OIleiABwnZLpb20.roa (raw, json)
Hash identifier: ibufJZcPhCDgsztlpcRcxYoT96AR+denZ8pR/1weX5g=
Subject key identifier: 9D:32:96:3E:91:D4:66:CA:7A:38:89:5E:88:00:70:9D:92:E9:6F:6D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F9F4971D68E3EB928076B2750CB08FBE6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nTKWPpHUZsp6OIleiABwnZLpb20.roa
Signing time: Wed 22 May 2024 07:52:21 +0000
ROA not before: Wed 22 May 2024 07:52:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a11:efc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 22 May 2024 10:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:49:71:d6:8e:3e:b9:28:07:6b:27:50:cb:08:fb:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 22 07:52:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d32963e91d466ca7a38895e8800709d92e96f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:97:23:29:e9:b9:49:45:0c:5e:92:78:2b:ef:
44:30:e3:a9:93:62:21:df:8b:58:0e:ac:a4:47:cc:
b4:55:5e:f7:6b:14:51:ef:25:68:2e:0e:6c:fc:83:
ce:0b:79:af:29:12:81:68:74:4c:fb:5d:41:ce:3c:
cf:c1:3c:1a:3a:f6:4f:d0:67:56:ca:40:8a:79:e2:
45:0b:d1:6b:93:8a:ee:16:9a:08:08:e4:9e:15:ea:
91:aa:15:b0:30:bb:7e:98:19:36:16:1e:1a:ec:7b:
fc:18:dd:5e:fe:7f:68:11:67:cb:9e:e9:76:17:2f:
d6:1c:0a:70:70:99:b2:fa:9e:03:15:c0:85:ef:d5:
0e:ee:5b:ea:0c:ae:c7:00:d5:a2:eb:3e:0d:2f:95:
cc:5f:45:9a:97:52:44:9a:cc:19:1e:b2:77:ca:73:
cc:3a:00:b2:07:31:4e:d1:51:17:47:7e:45:07:34:
e2:78:e5:b7:40:3b:a1:f8:b8:90:45:a5:04:72:8c:
51:cf:a1:dd:20:8b:43:94:d5:62:b0:bc:21:e3:41:
7b:16:13:28:28:5e:ba:59:0f:08:70:c5:5a:45:3e:
28:f8:3b:5e:cb:86:73:f7:14:79:c2:2d:f4:a2:b5:
eb:e5:59:8e:ba:f9:51:f5:29:23:78:d4:91:3c:7e:
2f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:32:96:3E:91:D4:66:CA:7A:38:89:5E:88:00:70:9D:92:E9:6F:6D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nTKWPpHUZsp6OIleiABwnZLpb20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:efc0::/29
Signature Algorithm: sha256WithRSAEncryption
58:29:f2:68:4f:50:37:55:c4:1b:3c:fe:8c:45:c3:50:3e:1b:
aa:69:99:2a:a3:82:b6:51:28:91:24:62:56:a6:5e:89:a8:19:
05:7e:54:26:9d:e3:8a:8b:bb:a1:5c:3c:ef:28:6a:b3:d3:9f:
fb:28:d2:bf:f2:44:32:d9:6f:0d:3d:0b:82:45:d7:88:23:03:
7f:a2:32:f9:50:e2:9d:aa:48:68:d9:9a:c8:b7:fa:1e:47:c4:
fd:b7:ae:a7:14:d9:f6:28:fe:e5:5c:ab:df:ca:e9:84:b4:07:
27:83:54:47:2b:b2:af:d0:ba:fd:23:e1:33:14:36:98:b4:2c:
5b:63:7e:08:96:13:77:bc:73:d7:fd:84:e9:00:bf:cc:15:bb:
05:1c:3e:b4:c6:1c:50:40:22:31:46:70:42:4c:f4:23:05:5f:
29:e3:a0:ef:b3:6d:b3:2c:6e:5d:83:ea:c3:bb:47:63:9d:98:
28:02:d1:23:c2:b7:8e:69:c4:4b:fa:85:76:11:86:d1:45:93:
76:bf:a0:32:ab:fa:16:b6:e5:b6:ea:34:87:5d:94:fc:24:3c:
7f:b6:30:74:cb:ef:64:36:40:83:1d:9f:ef:bf:f2:d6:ba:2b:
d4:00:69:71:a1:cb:7e:d9:0e:a7:db:ad:c5:8e:83:97:72:a0:
45:7f:d7:aa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+fSXHWjj65KAdrJ1DLCPvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTIyMDc1MjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDMyOTYzZTkxZDQ2NmNhN2EzODg5NWU4ODAwNzA5ZDkyZTk2ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5cjKem5SUUMXpJ4K+9EMOOpk2Ih
34tYDqykR8y0VV73axRR7yVoLg5s/IPOC3mvKRKBaHRM+11BzjzPwTwaOvZP0GdW
ykCKeeJFC9Frk4ruFpoICOSeFeqRqhWwMLt+mBk2Fh4a7Hv8GN1e/n9oEWfLnul2
Fy/WHApwcJmy+p4DFcCF79UO7lvqDK7HANWi6z4NL5XMX0Wal1JEmswZHrJ3ynPM
OgCyBzFO0VEXR35FBzTieOW3QDuh+LiQRaUEcoxRz6HdIItDlNVisLwh40F7FhMo
KF66WQ8IcMVaRT4o+Dtey4Zz9xR5wi30orXr5VmOuvlR9SkjeNSRPH4vNQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ0ylj6R1GbKejiJXogAcJ2S6W9tMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvblRLV1BwSFVac3A2T0lsZWlBQnduWkxwYjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhHvwDAN
BgkqhkiG9w0BAQsFAAOCAQEAWCnyaE9QN1XEGzz+jEXDUD4bqmmZKqOCtlEokSRi
VqZeiagZBX5UJp3jiou7oVw87yhqs9Of+yjSv/JEMtlvDT0LgkXXiCMDf6Iy+VDi
napIaNmayLf6HkfE/beupxTZ9ij+5Vyr38rphLQHJ4NURyuyr9C6/SPhMxQ2mLQs
W2N+CJYTd7xz1/2E6QC/zBW7BRw+tMYcUEAiMUZwQkz0IwVfKeOg77NtsyxuXYPq
w7tHY52YKALRI8K3jmnES/qFdhGG0UWTdr+gMqv6Frbltuo0h12U/CQ8f7YwdMvv
ZDZAgx2f77/y1ror1ABpcaHLftkOp9utxY6Dl3KgRX/Xqg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:18 2025 by rpki-client