Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/NyKahJrxyZKeQjiXg66ULyhbtMg.roa
File: NyKahJrxyZKeQjiXg66ULyhbtMg.roa (raw, json)
Hash identifier: DHszuMx8LMiShVBMOcC7bVVv0qJmJSoP+ivIBO+azpI=
Subject key identifier: 37:22:9A:84:9A:F1:C9:92:9E:42:38:97:83:AE:94:2F:28:5B:B4:C8
Certificate issuer: /CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Certificate serial: 01868A6D56A123EF2DA592AF92A83D713AB9
Authority key identifier: 7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/NyKahJrxyZKeQjiXg66ULyhbtMg.roa
Signing time: Sat 25 Feb 2023 21:14:26 +0000
ROA not before: Sat 25 Feb 2023 21:14:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200056
IP address blocks: 2a13:79c7:1700::/40 maxlen: 40
2a13:79c7:17a0::/46 maxlen: 46
Validation: Failed, certificate revoked on Sat 25 Feb 2023 21:17:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8a:6d:56:a1:23:ef:2d:a5:92:af:92:a8:3d:71:3a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Validity
Not Before: Feb 25 21:14:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37229a849af1c9929e42389783ae942f285bb4c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:59:97:08:76:f2:16:e4:a6:c8:fd:72:aa:d4:
3c:04:66:b2:7e:3c:ac:f3:40:e8:66:04:9d:26:26:
1f:59:d3:a4:d2:d2:5b:1f:b6:da:21:ab:1e:16:8e:
fb:62:7f:01:91:63:d4:ba:66:9b:ba:f7:a3:e8:80:
14:83:42:0b:92:0d:70:82:e0:dd:2e:78:79:5b:44:
79:93:16:8f:f6:b0:dd:8a:d1:9d:8b:8b:f2:27:68:
1d:33:d0:43:cb:a8:80:dc:78:e2:06:17:b7:b9:a8:
88:90:1e:4f:db:e4:db:e1:2f:87:30:72:e0:a9:f9:
59:b4:da:14:6f:df:26:e7:16:b1:c0:a4:a9:b3:73:
5a:3b:a9:a0:f6:f7:40:2e:84:9b:1e:8b:52:17:7f:
a7:b4:3c:e1:94:f8:29:79:e9:81:b4:a8:a7:f4:f7:
1a:28:dc:93:74:10:1f:96:33:8b:fd:ed:c5:8e:70:
58:08:ea:2a:d8:c8:6f:ce:f4:08:26:bd:15:b1:be:
4b:a7:fe:be:00:b5:57:95:2e:f6:9b:00:62:68:a1:
0a:71:9c:c6:d5:22:b2:1b:62:8e:db:9d:f5:f5:63:
07:f8:78:8c:93:6a:f8:4f:f4:f7:f8:db:c1:55:b4:
b2:46:8b:22:7b:8d:f6:59:65:b7:35:d9:8b:18:88:
54:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:22:9A:84:9A:F1:C9:92:9E:42:38:97:83:AE:94:2F:28:5B:B4:C8
X509v3 Authority Key Identifier:
keyid:7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/NyKahJrxyZKeQjiXg66ULyhbtMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:79c7:1700::/40
Signature Algorithm: sha256WithRSAEncryption
e2:b7:c7:4a:45:98:47:8b:40:cc:dc:d7:32:14:81:49:b2:2c:
91:07:94:95:c5:4d:96:c8:24:5c:5f:d0:e0:aa:70:3f:54:5a:
5f:be:72:20:7d:dc:f5:40:0f:46:bc:ee:e8:06:bc:92:f5:7c:
14:a3:87:4e:b4:6c:ac:8c:d9:60:15:0c:e5:f6:7c:29:ec:87:
40:b2:50:4f:de:b0:4a:69:b9:57:25:85:dc:17:de:5c:8b:c7:
d6:17:ee:d9:12:d3:6e:20:3e:10:de:55:29:a1:5c:f8:e4:fa:
a7:04:fc:cf:c3:ff:df:11:81:3b:94:b1:cd:0a:0c:aa:f5:98:
26:63:4a:d9:91:39:70:5a:e6:7d:b0:19:09:69:44:85:57:79:
cd:ec:6e:bd:a4:f8:24:f2:19:29:30:d0:49:fb:99:1f:88:c7:
34:47:58:c7:38:4a:35:db:40:bd:26:c4:6f:4b:c1:c3:b0:31:
08:06:6b:48:ff:60:16:fd:e9:eb:c5:a6:be:85:c7:f5:a0:43:
19:11:d9:2f:aa:bb:b4:e3:0f:22:b7:36:62:86:89:f5:96:75:
21:20:28:48:18:47:79:f0:ef:39:13:84:2e:2a:02:63:9e:2f:
71:64:e5:64:bf:4c:97:1b:4a:69:05:06:d6:f3:ac:3c:5c:bd:
48:17:7a:72
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYaKbVahI+8tpZKvkqg9cTq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTY1ZWE2YjM5YzIyYWVjMmFkMmQ0ZDRjMGEzYTMxM2Rm
MWRlZmEwHhcNMjMwMjI1MjExNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzIyOWE4NDlhZjFjOTkyOWU0MjM4OTc4M2FlOTQyZjI4NWJiNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1mXCHbyFuSmyP1yqtQ8BGayfjys
80DoZgSdJiYfWdOk0tJbH7baIaseFo77Yn8BkWPUumabuvej6IAUg0ILkg1wguDd
Lnh5W0R5kxaP9rDditGdi4vyJ2gdM9BDy6iA3HjiBhe3uaiIkB5P2+Tb4S+HMHLg
qflZtNoUb98m5xaxwKSps3NaO6mg9vdALoSbHotSF3+ntDzhlPgpeemBtKin9Pca
KNyTdBAfljOL/e3FjnBYCOoq2MhvzvQIJr0Vsb5Lp/6+ALVXlS72mwBiaKEKcZzG
1SKyG2KO25319WMH+HiMk2r4T/T3+NvBVbSyRosie432WWW3NdmLGIhU+QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDcimoSa8cmSnkI4l4OulC8oW7TIMB8GA1UdIwQY
MBaAFH2WXqaznCKuwq0tTUwKOjE98d76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjct
MzJmNWE5NTA3NzMxLzEvTnlLYWhKcnh5WktlUWppWGc2NlVMeWhidE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjctMzJmNWE5NTA3NzMx
LzEvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN5xxcw
DQYJKoZIhvcNAQELBQADggEBAOK3x0pFmEeLQMzc1zIUgUmyLJEHlJXFTZbIJFxf
0OCqcD9UWl++ciB93PVAD0a87ugGvJL1fBSjh060bKyM2WAVDOX2fCnsh0CyUE/e
sEppuVclhdwX3lyLx9YX7tkS024gPhDeVSmhXPjk+qcE/M/D/98RgTuUsc0KDKr1
mCZjStmROXBa5n2wGQlpRIVXec3sbr2k+CTyGSkw0En7mR+IxzRHWMc4SjXbQL0m
xG9LwcOwMQgGa0j/YBb96evFpr6Fx/WgQxkR2S+qu7TjDyK3NmKGifWWdSEgKEgY
R3nw7zkThC4qAmOeL3Fk5WS/TJcbSmkFBtbzrDxcvUgXenI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:43 2024 by rpki-client on console-ams.rpki-client.org