Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/NYDZbFdRy_cXyxE2j72NMDmxeZM.roa
File: NYDZbFdRy_cXyxE2j72NMDmxeZM.roa (raw, json)
Hash identifier: Ex8lP6QVBPRCfWs+2tfzx5Fn1daOfiNwe4WSFwo2ReY=
Subject key identifier: 35:80:D9:6C:57:51:CB:F7:17:CB:11:36:8F:BD:8D:30:39:B1:79:93
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBBFF415655D3A3A11375A61331540
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/NYDZbFdRy_cXyxE2j72NMDmxeZM.roa
Signing time: Mon 02 Jan 2023 05:37:04 +0000
ROA not before: Mon 02 Jan 2023 05:37:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62874
IP address blocks: 2a00:f826:11::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:bf:f4:15:65:5d:3a:3a:11:37:5a:61:33:15:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3580d96c5751cbf717cb11368fbd8d3039b17993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0c:a2:79:58:d1:c3:49:e5:75:23:06:6b:b0:
dd:e2:4c:2c:de:ef:d3:7d:88:9b:92:bd:6b:d2:12:
23:9e:93:2b:8a:e8:e0:1a:46:5e:49:78:35:d6:4e:
9e:9f:5e:a3:d0:6c:b6:b3:4e:e7:d5:da:61:ab:86:
1e:1a:43:b2:1b:b7:a8:99:42:dd:e7:4e:53:b3:96:
2d:c1:09:32:0b:58:0b:74:2f:e4:6f:2d:1b:95:5e:
19:59:0e:58:50:99:6a:2c:c4:aa:1f:d2:e7:ba:5f:
9d:ec:60:c2:94:11:78:b7:bb:34:d0:72:4e:bb:90:
47:71:10:bc:c1:1a:5e:82:4e:47:c6:1d:57:77:c8:
bf:02:92:64:fe:e2:ac:22:3b:f8:a4:6e:aa:dd:74:
20:ab:ec:b6:f9:e2:6e:50:ec:16:04:f9:16:b0:52:
76:fb:71:cf:08:31:91:80:68:f8:1a:dc:61:8d:77:
70:da:c7:eb:d3:5c:fa:2b:33:6d:03:06:05:ab:ff:
db:f6:80:32:2d:e2:18:64:78:6f:f2:7a:2c:e3:4b:
3e:53:15:12:ba:ab:a4:1d:3a:8a:57:95:56:58:d0:
a8:c8:1e:ed:54:6d:49:34:a8:15:3e:e5:83:28:37:
1e:f5:2b:81:27:b0:31:4c:e9:ec:50:40:1a:d1:ab:
f3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:80:D9:6C:57:51:CB:F7:17:CB:11:36:8F:BD:8D:30:39:B1:79:93
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/NYDZbFdRy_cXyxE2j72NMDmxeZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f826:11::/48
Signature Algorithm: sha256WithRSAEncryption
51:2a:73:4f:86:54:fb:2e:6a:11:4f:16:6b:4c:66:09:7e:7b:
d0:8c:57:f1:07:e6:4d:f7:5d:e5:a9:7a:e0:9f:97:37:30:0f:
89:ca:5e:b7:eb:c9:60:22:12:b7:26:88:a1:37:a9:67:a6:2a:
8e:38:c0:e2:bb:5d:26:a3:08:bb:0e:ca:b4:26:66:66:04:dc:
c0:82:61:51:35:f4:fb:ed:ca:58:fa:15:f0:f9:83:22:0e:be:
70:be:67:e9:40:1b:1a:c8:dc:ed:e0:c9:59:7f:d9:62:ed:e6:
84:8d:db:01:96:dc:8c:ef:dc:20:10:4a:5f:21:a2:ad:00:4e:
5c:76:d4:18:41:c9:6a:54:e5:84:b6:fa:07:66:b4:14:8f:d7:
4e:38:ce:4d:c6:69:e6:e9:ca:46:e7:cf:0d:72:5d:01:f7:5a:
57:e7:ce:a7:6f:43:7a:98:37:94:e7:b1:43:3f:f0:4d:58:82:
90:07:e0:40:31:b8:0d:fe:b7:d4:3a:2e:70:30:fd:e4:c6:11:
68:aa:fa:bd:1e:a7:4d:ff:91:93:a8:90:6c:34:e6:c6:0f:d0:
a0:fd:86:df:2f:49:22:9e:2b:e7:eb:e2:71:4c:75:d2:4c:60:
44:c2:c7:15:22:47:52:c5:b1:67:72:92:1e:05:ed:7d:75:0e:
ba:fd:be:60
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw+7/0FWVdOjoRN1phMxVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTgwZDk2YzU3NTFjYmY3MTdjYjExMzY4ZmJkOGQzMDM5YjE3OTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwyieVjRw0nldSMGa7Dd4kws3u/T
fYibkr1r0hIjnpMriujgGkZeSXg11k6en16j0Gy2s07n1dphq4YeGkOyG7eomULd
505Ts5YtwQkyC1gLdC/kby0blV4ZWQ5YUJlqLMSqH9Lnul+d7GDClBF4t7s00HJO
u5BHcRC8wRpegk5Hxh1Xd8i/ApJk/uKsIjv4pG6q3XQgq+y2+eJuUOwWBPkWsFJ2
+3HPCDGRgGj4GtxhjXdw2sfr01z6KzNtAwYFq//b9oAyLeIYZHhv8nos40s+UxUS
uqukHTqKV5VWWNCoyB7tVG1JNKgVPuWDKDce9SuBJ7AxTOnsUEAa0avzxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDWA2WxXUcv3F8sRNo+9jTA5sXmTMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvTllEWmJGZFJ5X2NYeXhFMmo3Mk5NRG14ZVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgD4JgAR
MA0GCSqGSIb3DQEBCwUAA4IBAQBRKnNPhlT7LmoRTxZrTGYJfnvQjFfxB+ZN913l
qXrgn5c3MA+Jyl6368lgIhK3JoihN6lnpiqOOMDiu10mowi7Dsq0JmZmBNzAgmFR
NfT77cpY+hXw+YMiDr5wvmfpQBsayNzt4MlZf9li7eaEjdsBltyM79wgEEpfIaKt
AE5cdtQYQclqVOWEtvoHZrQUj9dOOM5Nxmnm6cpG588Ncl0B91pX586nb0N6mDeU
57FDP/BNWIKQB+BAMbgN/rfUOi5wMP3kxhFoqvq9HqdN/5GTqJBsNObGD9Cg/Ybf
L0kinivn6+JxTHXSTGBEwscVIkdSxbFncpIeBe19dQ66/b5g
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:57 2024 by rpki-client on console-ams.rpki-client.org