Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nUZ-pvF-xnx8gB6IkfbqJez7qyM.roa
File: nUZ-pvF-xnx8gB6IkfbqJez7qyM.roa (raw, json)
Hash identifier: m5hdlADd3idjY7Ts/dkroXyrOsVL70LIcyuMN0DFO/E=
Subject key identifier: 9D:46:7E:A6:F1:7E:C6:7C:7C:80:1E:88:91:F6:EA:25:EC:FB:AB:23
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC22DE6B45376B928C72EAC5B180B0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nUZ-pvF-xnx8gB6IkfbqJez7qyM.roa
Signing time: Tue 02 Jan 2024 10:33:19 +0000
ROA not before: Tue 02 Jan 2024 10:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32489
IP address blocks: 2a13:cf00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 26 Mar 2024 07:15:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:22:de:6b:45:37:6b:92:8c:72:ea:c5:b1:80:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d467ea6f17ec67c7c801e8891f6ea25ecfbab23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2d:33:4c:e5:ff:60:34:99:0f:a0:ca:7b:d5:
0e:9f:3f:ba:72:73:6d:46:e5:21:be:59:f8:9a:8e:
ba:2a:39:d9:5f:b5:79:10:19:b8:dc:3c:b5:aa:02:
49:9b:d6:5d:a0:b5:fd:de:5b:17:c9:c8:d2:4a:3a:
ae:5a:6d:89:0b:d9:cf:b4:53:75:57:a0:17:28:c9:
ac:63:cf:e1:6e:82:fa:9a:34:08:4b:3a:84:a6:e4:
98:c4:d0:f4:ff:14:b7:33:16:32:39:e8:79:61:6b:
46:ad:41:11:4b:94:91:c4:27:0a:6a:1d:60:f3:e8:
5d:b5:5a:34:7a:90:b5:04:c8:43:5f:34:fb:28:08:
58:93:b3:6d:b8:45:f2:f0:23:40:be:1d:27:b2:82:
39:69:08:0f:db:3c:35:69:70:7d:64:bc:cf:bb:11:
2a:3b:34:14:1b:39:ae:17:1d:ad:fd:24:52:fe:8d:
98:57:6b:ef:60:e3:ad:6f:da:74:66:ef:e9:8d:d6:
9c:c4:3b:05:9a:83:97:b0:35:69:91:36:8a:45:d7:
85:e2:87:81:f8:64:b0:a7:d1:2d:87:08:f4:2e:18:
51:8f:85:fd:3f:25:6f:b0:66:ce:6d:59:1d:ab:a6:
da:2f:7f:79:e3:a5:54:d1:c9:72:a2:d9:d7:0a:a1:
a4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:46:7E:A6:F1:7E:C6:7C:7C:80:1E:88:91:F6:EA:25:EC:FB:AB:23
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nUZ-pvF-xnx8gB6IkfbqJez7qyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
3c:42:90:62:47:92:86:40:a0:7e:c8:39:18:7e:8b:72:cd:6a:
94:7b:9c:dc:f2:a9:fb:02:3f:5a:53:6e:c0:a8:ae:86:bb:ae:
e3:cb:e1:7a:c4:08:9c:45:9e:27:c9:92:59:e8:62:31:6f:51:
e2:5f:68:81:fd:3a:77:bf:4a:aa:4d:69:25:36:b1:4e:74:c9:
12:59:6e:21:b7:bf:68:92:8c:e3:47:70:b2:72:63:46:4e:e8:
7d:cb:0e:42:97:85:1e:47:21:5f:6f:25:cb:b1:db:50:29:70:
df:c4:95:7f:b8:5d:fc:f5:66:d8:7c:35:59:bf:09:26:47:20:
36:08:fb:60:f4:69:76:6c:e8:aa:72:89:94:53:7a:57:cc:9e:
e5:e6:ae:fc:10:a2:da:0d:79:55:4c:f8:a8:6f:7f:6f:52:c8:
37:01:7f:36:98:67:e7:1f:1d:92:fd:ee:4f:27:79:13:0f:70:
48:e5:b6:73:5c:12:8e:1f:29:b6:3a:b9:6c:ec:0b:10:9e:d8:
e5:b0:6b:a2:55:c0:77:00:57:ec:e5:34:5d:a6:87:e3:25:02:
50:f5:96:cf:0e:a8:e3:58:8e:0b:c2:ba:d0:7b:43:a7:7c:fc:
df:50:44:50:e4:c7:01:e6:b5:ce:cd:3d:88:01:14:85:a8:19:
d0:b0:28:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJvCLea0U3a5KMcurFsYCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQ2N2VhNmYxN2VjNjdjN2M4MDFlODg5MWY2ZWEyNWVjZmJhYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyS0zTOX/YDSZD6DKe9UOnz+6cnNt
RuUhvln4mo66KjnZX7V5EBm43Dy1qgJJm9ZdoLX93lsXycjSSjquWm2JC9nPtFN1
V6AXKMmsY8/hboL6mjQISzqEpuSYxND0/xS3MxYyOeh5YWtGrUERS5SRxCcKah1g
8+hdtVo0epC1BMhDXzT7KAhYk7NtuEXy8CNAvh0nsoI5aQgP2zw1aXB9ZLzPuxEq
OzQUGzmuFx2t/SRS/o2YV2vvYOOtb9p0Zu/pjdacxDsFmoOXsDVpkTaKRdeF4oeB
+GSwp9Ethwj0LhhRj4X9PyVvsGbObVkdq6baL39546VU0clyotnXCqGkywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ1GfqbxfsZ8fIAeiJH26iXs+6sjMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvblVaLXB2Ri14bng4Z0I2SWtmYnFKZXo3cXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPPADAN
BgkqhkiG9w0BAQsFAAOCAQEAPEKQYkeShkCgfsg5GH6Lcs1qlHuc3PKp+wI/WlNu
wKiuhruu48vhesQInEWeJ8mSWehiMW9R4l9ogf06d79Kqk1pJTaxTnTJElluIbe/
aJKM40dwsnJjRk7ofcsOQpeFHkchX28ly7HbUClw38SVf7hd/PVm2Hw1Wb8JJkcg
Ngj7YPRpdmzoqnKJlFN6V8ye5eau/BCi2g15VUz4qG9/b1LINwF/Nphn5x8dkv3u
Tyd5Ew9wSOW2c1wSjh8ptjq5bOwLEJ7Y5bBrolXAdwBX7OU0XaaH4yUCUPWWzw6o
41iOC8K60HtDp3z831BEUOTHAea1zs09iAEUhagZ0LAo7g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:51 2025 by rpki-client