Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/ni49h6o-xT6yVFne08yxrIoQOSk.roa
File: ni49h6o-xT6yVFne08yxrIoQOSk.roa (raw, json)
Hash identifier: RSAiPGQuuzVSptQSuSGYeChBQAY7mo4sZy+JWYyt0nc=
Subject key identifier: 9E:2E:3D:87:AA:3E:C5:3E:B2:54:59:DE:D3:CC:B1:AC:8A:10:39:29
Certificate issuer: /CN=9eec34baf922028c3432f8f8f22bda6af86b77b2
Certificate serial: 01856F14E4F7FCE9CFCC58D0C5ACB1171327
Authority key identifier: 9E:EC:34:BA:F9:22:02:8C:34:32:F8:F8:F2:2B:DA:6A:F8:6B:77:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nuw0uvkiAow0Mvj48ivaavhrd7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/ni49h6o-xT6yVFne08yxrIoQOSk.roa
Signing time: Sun 01 Jan 2023 20:45:18 +0000
ROA not before: Sun 01 Jan 2023 20:45:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398559
IP address blocks: 2a0f:103::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 24 Jan 2023 17:45:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e4:f7:fc:e9:cf:cc:58:d0:c5:ac:b1:17:13:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eec34baf922028c3432f8f8f22bda6af86b77b2
Validity
Not Before: Jan 1 20:45:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e2e3d87aa3ec53eb25459ded3ccb1ac8a103929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d6:de:10:e1:ff:f6:0c:74:0c:84:b9:ce:c4:
a1:fe:19:ac:cf:ed:9f:aa:49:b9:a9:f5:36:c6:54:
b0:d4:4a:3f:79:3e:a9:21:04:bf:4a:a6:e6:d3:56:
fe:97:69:f1:cb:28:74:63:d0:8a:f1:bd:1b:48:d9:
fe:27:65:ea:5d:87:3e:99:51:b6:0a:bb:39:80:97:
32:32:0f:59:ac:5c:4e:b1:b3:0b:1c:97:24:ab:4b:
50:07:0b:9b:71:fd:c4:7d:bd:85:9e:cd:54:21:2f:
2a:62:ed:be:d4:3c:cd:ee:88:5e:f9:65:bc:d7:c9:
89:d5:fe:94:fd:f7:0f:06:90:f8:ee:e8:b1:12:0d:
ee:41:29:43:d1:80:44:64:85:92:00:47:c0:3a:63:
ea:83:8d:8c:cd:6a:16:13:55:dd:36:04:20:1a:0f:
de:ff:bb:32:1d:9a:fe:5d:22:ea:c2:bd:6e:28:04:
1e:ef:35:5b:15:ea:8a:ee:1d:d6:bf:60:98:d6:7d:
00:59:a2:9b:c4:81:b2:65:c1:53:54:d2:c9:39:ea:
2c:08:de:43:7e:08:3d:5b:03:6f:39:b6:ca:26:17:
44:0c:65:33:92:20:35:58:95:c9:d1:07:92:3d:c4:
2c:63:2b:54:02:a0:15:22:59:99:71:e6:ba:0c:28:
33:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:2E:3D:87:AA:3E:C5:3E:B2:54:59:DE:D3:CC:B1:AC:8A:10:39:29
X509v3 Authority Key Identifier:
keyid:9E:EC:34:BA:F9:22:02:8C:34:32:F8:F8:F2:2B:DA:6A:F8:6B:77:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nuw0uvkiAow0Mvj48ivaavhrd7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/ni49h6o-xT6yVFne08yxrIoQOSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/nuw0uvkiAow0Mvj48ivaavhrd7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:103::/32
Signature Algorithm: sha256WithRSAEncryption
68:37:0e:34:bd:6d:fe:f8:9b:4a:d4:6d:29:17:20:b2:07:e0:
fd:4c:8e:fe:7a:9c:70:28:30:6d:26:97:ef:db:c4:96:d3:a6:
6f:3b:a3:84:28:cc:e5:59:ec:e4:0a:24:3b:e9:20:d9:bf:56:
cd:92:8b:f8:8b:c4:88:ab:b9:c9:9c:05:fd:40:10:bd:5a:78:
2d:87:86:4b:17:0a:82:84:c3:1c:60:0b:86:c0:35:a1:f1:37:
17:19:63:88:b5:e1:47:3b:c3:94:6e:8c:77:5d:c6:32:20:14:
bd:82:54:da:79:13:7f:d5:2f:b9:c5:a4:08:a5:12:db:7e:c8:
83:51:33:fd:33:8a:f6:37:7d:78:60:35:30:75:5a:45:f4:e6:
d5:f3:94:f8:fc:42:62:cb:30:79:03:62:61:80:fa:59:f6:31:
33:fc:c3:11:d7:ab:5e:c7:b4:90:f8:80:f5:20:13:fe:5a:59:
f2:c6:d4:14:3e:9c:86:54:a5:f4:96:8d:fb:21:60:77:a7:a0:
8a:bf:c6:f9:9a:eb:93:fe:6e:98:95:4a:ba:8c:fe:ad:3b:95:
d7:66:2f:2e:41:ed:88:48:46:46:7f:e1:cd:5a:8b:25:d5:01:
5c:d9:94:39:0f:a5:ee:4f:67:6b:ea:3d:c0:95:8f:b9:7b:bb:
3c:36:d3:6a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvFOT3/OnPzFjQxayxFxMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZWMzNGJhZjkyMjAyOGMzNDMyZjhmOGYyMmJkYTZhZjg2
Yjc3YjIwHhcNMjMwMTAxMjA0NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTJlM2Q4N2FhM2VjNTNlYjI1NDU5ZGVkM2NjYjFhYzhhMTAzOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9beEOH/9gx0DIS5zsSh/hmsz+2f
qkm5qfU2xlSw1Eo/eT6pIQS/Sqbm01b+l2nxyyh0Y9CK8b0bSNn+J2XqXYc+mVG2
Crs5gJcyMg9ZrFxOsbMLHJckq0tQBwubcf3Efb2Fns1UIS8qYu2+1DzN7ohe+WW8
18mJ1f6U/fcPBpD47uixEg3uQSlD0YBEZIWSAEfAOmPqg42MzWoWE1XdNgQgGg/e
/7syHZr+XSLqwr1uKAQe7zVbFeqK7h3Wv2CY1n0AWaKbxIGyZcFTVNLJOeosCN5D
fgg9WwNvObbKJhdEDGUzkiA1WJXJ0QeSPcQsYytUAqAVIlmZcea6DCgzmQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ4uPYeqPsU+slRZ3tPMsayKEDkpMB8GA1UdIwQY
MBaAFJ7sNLr5IgKMNDL4+PIr2mr4a3eyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnV3MHV2a2lBb3cwTXZqNDhpdmFhdmhyZDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82ZWE4ZjctY2I0YS00ZTRlLWFkNzkt
YWM4NzE3MWY0ZTVjLzEvbmk0OWg2by14VDZ5VkZuZTA4eXhySW9RT1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82ZWE4ZjctY2I0YS00ZTRlLWFkNzktYWM4NzE3MWY0ZTVj
LzEvbnV3MHV2a2lBb3cwTXZqNDhpdmFhdmhyZDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg8BAzAN
BgkqhkiG9w0BAQsFAAOCAQEAaDcONL1t/vibStRtKRcgsgfg/UyO/nqccCgwbSaX
79vEltOmbzujhCjM5Vns5AokO+kg2b9WzZKL+IvEiKu5yZwF/UAQvVp4LYeGSxcK
goTDHGALhsA1ofE3FxljiLXhRzvDlG6Md13GMiAUvYJU2nkTf9UvucWkCKUS237I
g1Ez/TOK9jd9eGA1MHVaRfTm1fOU+PxCYssweQNiYYD6WfYxM/zDEderXse0kPiA
9SAT/lpZ8sbUFD6chlSl9JaN+yFgd6egir/G+Zrrk/5umJVKuoz+rTuV12YvLkHt
iEhGRn/hzVqLJdUBXNmUOQ+l7k9na+o9wJWPuXu7PDbTag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:59 2024 by rpki-client on console-fra.rpki-client.org