Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/nc1EUOdOXAbEzEcm5DVxb8Qn4eE.roa
File: nc1EUOdOXAbEzEcm5DVxb8Qn4eE.roa (raw, json)
Hash identifier: hpxSSi6NV+EFTHfAjyPf02mdeNSe+Duvelv3N183z9s=
Subject key identifier: 9D:CD:44:50:E7:4E:5C:06:C4:CC:47:26:E4:35:71:6F:C4:27:E1:E1
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 01856FCBBFE645523694EC44F4EC4BC38E02
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/nc1EUOdOXAbEzEcm5DVxb8Qn4eE.roa
Signing time: Mon 02 Jan 2023 00:05:02 +0000
ROA not before: Mon 02 Jan 2023 00:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212971
IP address blocks: 2a0e:e704:44::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:bf:e6:45:52:36:94:ec:44:f4:ec:4b:c3:8e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Jan 2 00:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dcd4450e74e5c06c4cc4726e435716fc427e1e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c4:e3:2c:36:4d:65:20:5f:e0:09:e4:46:c8:
0e:e2:df:ab:1c:2d:46:2a:33:04:46:e8:54:d9:0c:
a9:b6:8f:49:48:07:c3:d6:cc:ea:6e:33:f0:c7:2a:
bd:31:08:f1:44:68:9c:03:5e:3b:91:d4:d6:0a:a2:
14:58:41:6e:5a:5b:11:52:ea:bc:82:11:cf:57:3a:
02:49:4b:e5:fb:53:e4:ef:00:36:a0:a1:20:40:d8:
8b:08:5c:22:11:8d:07:99:a3:69:b8:ff:49:6b:62:
1a:64:f4:3f:76:c1:a7:2f:7c:82:99:62:c7:10:f2:
38:9c:0e:b3:98:09:b1:05:58:37:09:76:6e:73:1d:
09:92:ed:50:2f:f4:6d:f0:91:d6:ac:1a:8c:8a:f5:
79:03:36:ba:0a:35:28:94:68:a9:4b:68:a8:88:2b:
21:b0:bf:16:05:6a:fd:80:35:91:d1:8b:c0:28:20:
ea:62:2a:c7:70:5c:10:a7:91:38:70:6b:9d:24:3a:
7a:d8:bd:51:37:97:0b:50:f1:dd:70:bf:e5:25:e7:
5a:3f:dc:42:05:41:bf:62:47:37:8f:2a:7a:4e:78:
17:3c:7f:de:87:9d:c7:e6:1b:d5:8c:dc:cd:44:45:
62:b1:95:59:68:94:01:4d:59:e3:db:73:8c:39:35:
26:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CD:44:50:E7:4E:5C:06:C4:CC:47:26:E4:35:71:6F:C4:27:E1:E1
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/nc1EUOdOXAbEzEcm5DVxb8Qn4eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e704:44::/48
Signature Algorithm: sha256WithRSAEncryption
89:93:4e:7d:5d:0c:09:46:82:01:08:24:7b:ec:65:5b:97:23:
3d:23:ae:f4:46:7f:a5:48:bc:af:cb:65:7d:99:fe:9e:43:4c:
92:3f:e4:f7:f1:b6:3c:7a:47:87:03:c7:eb:65:4b:7a:89:df:
80:be:77:cf:2c:af:24:13:fa:fd:0a:d1:e9:9d:4e:72:e6:ce:
5a:3e:65:2f:92:e2:db:cf:bb:2c:de:0c:dc:11:53:78:ff:a6:
f0:2f:dc:af:29:4f:9f:83:34:4a:77:a7:60:9e:df:a5:c3:43:
6f:cc:06:3b:8e:20:14:c0:a5:e4:06:31:da:57:da:fa:68:94:
01:3f:01:df:1a:13:05:a8:5f:ac:e4:fd:a5:82:c2:f6:b3:f8:
e1:43:71:e4:d3:dc:e3:48:50:b5:ce:d2:93:0c:45:39:c5:10:
e0:34:5e:10:51:d9:f4:bd:c9:fa:05:d9:54:af:9c:c5:52:99:
85:8c:a1:2d:64:1f:cd:5c:e2:41:51:6d:54:97:70:ee:7d:9d:
14:1b:dc:78:bf:39:4b:a2:eb:09:a7:9f:dc:45:0d:27:d6:b6:
e7:a7:b0:35:80:7e:94:55:35:cc:9c:1f:0e:16:2b:f1:b7:ce:
fe:e6:f8:87:1e:17:df:f6:d9:38:18:3b:9d:64:d6:6e:c3:15:
24:12:04:78
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvy7/mRVI2lOxE9OxLw44CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjMwMTAyMDAwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNkNDQ1MGU3NGU1YzA2YzRjYzQ3MjZlNDM1NzE2ZmM0MjdlMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcTjLDZNZSBf4AnkRsgO4t+rHC1G
KjMERuhU2Qypto9JSAfD1szqbjPwxyq9MQjxRGicA147kdTWCqIUWEFuWlsRUuq8
ghHPVzoCSUvl+1Pk7wA2oKEgQNiLCFwiEY0HmaNpuP9Ja2IaZPQ/dsGnL3yCmWLH
EPI4nA6zmAmxBVg3CXZucx0Jku1QL/Rt8JHWrBqMivV5Aza6CjUolGipS2ioiCsh
sL8WBWr9gDWR0YvAKCDqYirHcFwQp5E4cGudJDp62L1RN5cLUPHdcL/lJedaP9xC
BUG/Ykc3jyp6TngXPH/eh53H5hvVjNzNREVisZVZaJQBTVnj23OMOTUmMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ3NRFDnTlwGxMxHJuQ1cW/EJ+HhMB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvbmMxRVVPZE9YQWJFekVjbTVEVnhiOFFuNGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7nBABE
MA0GCSqGSIb3DQEBCwUAA4IBAQCJk059XQwJRoIBCCR77GVblyM9I670Rn+lSLyv
y2V9mf6eQ0ySP+T38bY8ekeHA8frZUt6id+AvnfPLK8kE/r9CtHpnU5y5s5aPmUv
kuLbz7ss3gzcEVN4/6bwL9yvKU+fgzRKd6dgnt+lw0NvzAY7jiAUwKXkBjHaV9r6
aJQBPwHfGhMFqF+s5P2lgsL2s/jhQ3Hk09zjSFC1ztKTDEU5xRDgNF4QUdn0vcn6
BdlUr5zFUpmFjKEtZB/NXOJBUW1Ul3DufZ0UG9x4vzlLousJp5/cRQ0n1rbnp7A1
gH6UVTXMnB8OFivxt87+5viHHhff9tk4GDudZNZuwxUkEgR4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:13 2024 by rpki-client on console-fra.rpki-client.org