Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/NnjjnHY3J3lOO-PRRnX80EM7v18.roa
File: NnjjnHY3J3lOO-PRRnX80EM7v18.roa (raw, json)
Hash identifier: hXqaxK1BIX1sfWkJuOfEq6UosCgyLi36a10roAHJunE=
Subject key identifier: 36:78:E3:9C:76:37:27:79:4E:3B:E3:D1:46:75:FC:D0:43:3B:BF:5F
Certificate issuer: /CN=525b705a91dbc30ed10eb7222b7797b834e01863
Certificate serial: 01856E38B337DD8487B6516BE43C2BECEB43
Authority key identifier: 52:5B:70:5A:91:DB:C3:0E:D1:0E:B7:22:2B:77:97:B8:34:E0:18:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UltwWpHbww7RDrciK3eXuDTgGGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/NnjjnHY3J3lOO-PRRnX80EM7v18.roa
Signing time: Sun 01 Jan 2023 16:44:47 +0000
ROA not before: Sun 01 Jan 2023 16:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209673
IP address blocks: 2a0d:eb04:4::/46 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:b3:37:dd:84:87:b6:51:6b:e4:3c:2b:ec:eb:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=525b705a91dbc30ed10eb7222b7797b834e01863
Validity
Not Before: Jan 1 16:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3678e39c763727794e3be3d14675fcd0433bbf5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6f:64:19:0d:d3:a2:23:7f:4e:ab:11:d0:d1:
d9:24:d5:bf:84:cd:10:86:db:b4:21:8f:e6:f0:86:
50:dd:f8:d1:a1:eb:d5:41:58:55:ad:4f:1b:f9:7b:
de:bd:34:81:44:fb:81:b2:1b:f8:e6:18:21:a8:1c:
a0:a5:52:4b:d1:b8:d2:18:aa:35:18:08:be:c5:fc:
b7:c5:2f:5e:8b:59:4f:96:b4:d3:4c:6e:c7:46:2d:
a7:70:c6:b8:c7:0f:aa:6e:8c:bc:15:1c:35:31:af:
f7:30:b0:70:5c:ce:11:41:a5:c6:af:65:58:ab:b2:
ff:fa:82:d6:9c:28:0f:a0:50:d8:54:b5:d5:62:57:
44:11:7a:3d:93:ee:f5:53:c9:94:5b:4b:63:58:de:
2f:a5:ca:6a:64:aa:38:2a:3d:a1:cf:47:ac:bc:13:
47:75:07:5c:97:b3:9a:ec:e9:53:a8:27:39:ca:6a:
35:d7:35:d7:63:9a:a8:8f:b5:fc:87:d8:0b:a2:dc:
c1:14:11:c8:f3:b2:49:d1:c7:9a:e9:23:d5:cd:23:
c5:25:3b:30:85:77:aa:bd:5e:95:de:23:f7:f7:da:
7f:19:00:13:e3:20:36:c4:88:b6:e0:51:93:66:94:
46:27:31:eb:53:c6:bd:41:5f:9e:df:e5:02:28:66:
d3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:78:E3:9C:76:37:27:79:4E:3B:E3:D1:46:75:FC:D0:43:3B:BF:5F
X509v3 Authority Key Identifier:
keyid:52:5B:70:5A:91:DB:C3:0E:D1:0E:B7:22:2B:77:97:B8:34:E0:18:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UltwWpHbww7RDrciK3eXuDTgGGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/NnjjnHY3J3lOO-PRRnX80EM7v18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/UltwWpHbww7RDrciK3eXuDTgGGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:eb04:4::/46
Signature Algorithm: sha256WithRSAEncryption
93:6d:31:91:ba:54:e6:70:b3:a9:a5:63:ee:af:16:f1:e0:eb:
93:42:5d:fd:0f:cc:0c:ac:e6:4d:aa:32:9b:5f:4a:82:05:e2:
e4:c0:35:98:3c:64:d1:d9:96:b4:59:4c:bc:e3:7b:39:6e:06:
7a:1e:6a:53:e5:7c:b0:8f:78:b5:bb:1e:ff:51:4f:0e:67:29:
c1:3c:5f:f1:f6:d4:04:31:73:97:be:8f:58:f6:b1:32:78:12:
28:d8:01:4c:ec:c2:3e:61:2e:f2:55:a5:58:b4:d6:d6:cb:98:
c2:17:72:0d:18:a8:f9:8f:3a:7a:19:d8:c1:b1:d6:c3:c8:1d:
49:c3:65:df:dd:49:dd:34:b2:10:fd:7b:34:c6:fc:fe:92:23:
2d:31:7e:0b:55:72:48:6d:98:5b:ff:f3:58:9a:eb:56:1b:bf:
2e:47:bb:0c:96:0d:0a:75:ff:6b:88:63:79:56:88:26:7b:a1:
ed:5f:16:ac:2a:89:1d:a1:9a:37:92:95:46:7a:aa:79:55:4f:
ce:3b:69:80:f6:cc:dd:bf:a1:9f:d4:f5:48:44:3a:35:4a:a7:
01:8e:5c:22:dc:75:43:2a:5b:7c:5b:0c:4e:c9:90:d6:21:22:
0d:d1:25:4e:c7:ab:88:8f:b6:c6:72:5b:6c:50:63:01:fd:76:
83:aa:ce:9f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuOLM33YSHtlFr5Dwr7OtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNWI3MDVhOTFkYmMzMGVkMTBlYjcyMjJiNzc5N2I4MzRl
MDE4NjMwHhcNMjMwMTAxMTY0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc4ZTM5Yzc2MzcyNzc5NGUzYmUzZDE0Njc1ZmNkMDQzM2JiZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm9kGQ3ToiN/TqsR0NHZJNW/hM0Q
htu0IY/m8IZQ3fjRoevVQVhVrU8b+XvevTSBRPuBshv45hghqBygpVJL0bjSGKo1
GAi+xfy3xS9ei1lPlrTTTG7HRi2ncMa4xw+qboy8FRw1Ma/3MLBwXM4RQaXGr2VY
q7L/+oLWnCgPoFDYVLXVYldEEXo9k+71U8mUW0tjWN4vpcpqZKo4Kj2hz0esvBNH
dQdcl7Oa7OlTqCc5ymo11zXXY5qoj7X8h9gLotzBFBHI87JJ0cea6SPVzSPFJTsw
hXeqvV6V3iP399p/GQAT4yA2xIi24FGTZpRGJzHrU8a9QV+e3+UCKGbTVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDZ445x2Nyd5Tjvj0UZ1/NBDO79fMB8GA1UdIwQY
MBaAFFJbcFqR28MO0Q63Iit3l7g04BhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWx0d1dwSGJ3dzdSRHJjaUszZVh1RFRnR0dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNDYyZGMtOWU1OS00ZThkLTljNmQt
ZjQ2ODg3ZGY5ODYzLzEvTm5qam5IWTNKM2xPTy1QUlJuWDgwRU03djE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNDYyZGMtOWU1OS00ZThkLTljNmQtZjQ2ODg3ZGY5ODYz
LzEvVWx0d1dwSGJ3dzdSRHJjaUszZVh1RFRnR0dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg3rBAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQCTbTGRulTmcLOppWPurxbx4OuTQl39D8wMrOZN
qjKbX0qCBeLkwDWYPGTR2Za0WUy843s5bgZ6HmpT5Xywj3i1ux7/UU8OZynBPF/x
9tQEMXOXvo9Y9rEyeBIo2AFM7MI+YS7yVaVYtNbWy5jCF3INGKj5jzp6GdjBsdbD
yB1Jw2Xf3UndNLIQ/Xs0xvz+kiMtMX4LVXJIbZhb//NYmutWG78uR7sMlg0Kdf9r
iGN5Vogme6HtXxasKokdoZo3kpVGeqp5VU/OO2mA9szdv6Gf1PVIRDo1SqcBjlwi
3HVDKlt8WwxOyZDWISIN0SVOx6uIj7bGcltsUGMB/XaDqs6f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:54 2024 by rpki-client on console-ams.rpki-client.org