Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/Ng00FthQIvMcqu6FBTljFmOOL1M.roa
File: Ng00FthQIvMcqu6FBTljFmOOL1M.roa (raw, json)
Hash identifier: 1AeYxIaNlJbCpMGaqSoU95LNOvwfCgBpXGFknhXKws0=
Subject key identifier: 36:0D:34:16:D8:50:22:F3:1C:AA:EE:85:05:39:63:16:63:8E:2F:53
Certificate issuer: /CN=acf7ab3f1a93e714f3074a05d86fcce2206305a8
Certificate serial: 018CDFF44E7C8625C2B2C86F3C1C83B58F5D
Authority key identifier: AC:F7:AB:3F:1A:93:E7:14:F3:07:4A:05:D8:6F:CC:E2:20:63:05:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPerPxqT5xTzB0oF2G_M4iBjBag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/Ng00FthQIvMcqu6FBTljFmOOL1M.roa
Signing time: Sat 06 Jan 2024 18:06:19 +0000
ROA not before: Sat 06 Jan 2024 18:06:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199471
IP address blocks: 2a13:fc80::/32 maxlen: 48
2001:67c:c48::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jan 2024 08:55:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:df:f4:4e:7c:86:25:c2:b2:c8:6f:3c:1c:83:b5:8f:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf7ab3f1a93e714f3074a05d86fcce2206305a8
Validity
Not Before: Jan 6 18:06:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=360d3416d85022f31caaee8505396316638e2f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f5:13:7a:05:eb:89:c2:65:10:c9:9b:e6:2f:
a8:08:4c:d7:d1:db:19:33:e5:5a:b7:b3:36:54:58:
31:d8:11:d8:49:e3:40:97:97:d5:ea:80:f3:87:51:
95:2f:b4:65:9c:86:dd:db:77:46:f0:04:0b:00:b0:
32:12:56:4b:d3:12:30:d7:b8:3a:d6:4e:36:17:22:
5e:f6:94:6e:07:0c:15:3f:0a:fa:2d:29:4c:86:8c:
df:68:4b:49:d1:f0:14:4b:28:77:aa:84:30:84:04:
28:3d:99:cf:d6:27:97:53:0d:25:31:f9:ed:a4:60:
ad:79:6b:b5:91:da:84:ee:fb:c5:36:4f:75:00:a5:
a8:4c:eb:c7:6b:c0:a2:ba:e8:c3:01:b6:08:66:7d:
3d:70:fb:d4:dc:ab:f2:23:b5:c2:5f:4d:f7:0a:bb:
b8:bc:9e:e1:4a:72:93:76:76:82:aa:8c:f8:47:64:
41:3c:d0:83:dc:b7:76:c0:b2:e6:b9:84:ff:da:f0:
17:c2:bb:14:52:40:03:74:64:04:a1:0b:e7:ff:89:
65:39:72:34:a0:37:08:d5:f6:f3:8a:a7:ec:c8:a4:
0e:27:38:16:aa:86:59:65:18:13:ed:81:1e:26:99:
60:23:36:7d:9f:f8:d2:48:1e:53:64:1a:9c:e3:e8:
0b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0D:34:16:D8:50:22:F3:1C:AA:EE:85:05:39:63:16:63:8E:2F:53
X509v3 Authority Key Identifier:
keyid:AC:F7:AB:3F:1A:93:E7:14:F3:07:4A:05:D8:6F:CC:E2:20:63:05:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPerPxqT5xTzB0oF2G_M4iBjBag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/Ng00FthQIvMcqu6FBTljFmOOL1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/rPerPxqT5xTzB0oF2G_M4iBjBag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c48::/48
2a13:fc80::/32
Signature Algorithm: sha256WithRSAEncryption
1f:64:9d:57:b5:c1:92:4b:d5:c7:8f:61:fe:6c:b6:b6:5e:05:
4d:7c:77:ae:3e:98:fb:df:c1:5d:d0:be:32:77:d2:97:de:95:
7b:76:df:54:72:54:3d:c9:af:c8:29:6e:ce:54:93:d5:37:4d:
1d:ab:48:de:9b:0b:2a:aa:f3:79:36:32:17:4b:41:11:0e:06:
8a:3b:5f:03:36:17:d7:2d:ab:c5:65:eb:14:c0:3e:49:2a:65:
99:c7:36:5e:4a:c4:03:38:bf:b4:84:41:a7:d9:b4:f7:66:02:
95:72:37:1f:86:43:88:8b:2b:e1:d3:76:78:29:ad:13:0f:5d:
54:ae:e4:4d:e3:65:34:41:35:ed:c0:d9:8f:20:cc:16:d7:d9:
89:be:16:4c:7b:bd:c5:a2:96:53:f7:13:2b:c0:d9:e9:1e:fa:
5c:b5:c6:68:57:1f:79:e9:64:07:27:95:dd:58:1c:1e:b2:f6:
ce:bd:58:b4:ae:e0:f8:26:a3:e3:81:7c:b4:31:05:32:0e:29:
26:e0:42:13:f5:78:87:c0:2b:d2:44:cf:b5:99:95:2b:eb:c3:
b5:f0:ff:cd:05:c0:f0:61:01:dd:62:c5:98:a7:cb:8a:47:f2:
9d:ae:19:3b:d9:b5:31:32:00:ba:29:9e:a0:6c:38:59:27:44:
4f:db:f9:2a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzf9E58hiXCsshvPByDtY9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjdhYjNmMWE5M2U3MTRmMzA3NGEwNWQ4NmZjY2UyMjA2
MzA1YTgwHhcNMjQwMTA2MTgwNjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjBkMzQxNmQ4NTAyMmYzMWNhYWVlODUwNTM5NjMxNjYzOGUyZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvUTegXricJlEMmb5i+oCEzX0dsZ
M+Vat7M2VFgx2BHYSeNAl5fV6oDzh1GVL7RlnIbd23dG8AQLALAyElZL0xIw17g6
1k42FyJe9pRuBwwVPwr6LSlMhozfaEtJ0fAUSyh3qoQwhAQoPZnP1ieXUw0lMfnt
pGCteWu1kdqE7vvFNk91AKWoTOvHa8CiuujDAbYIZn09cPvU3KvyI7XCX033Cru4
vJ7hSnKTdnaCqoz4R2RBPNCD3Ld2wLLmuYT/2vAXwrsUUkADdGQEoQvn/4llOXI0
oDcI1fbziqfsyKQOJzgWqoZZZRgT7YEeJplgIzZ9n/jSSB5TZBqc4+gLbQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFDYNNBbYUCLzHKruhQU5YxZjji9TMB8GA1UdIwQY
MBaAFKz3qz8ak+cU8wdKBdhvzOIgYwWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBlclB4cVQ1eFR6QjBvRjJHX000aUJqQmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMjFmMzQtODJmMi00MWM5LWI2MGMt
YWQ0M2NjZDdhYWU4LzEvTmcwMEZ0aFFJdk1jcXU2RkJUbGpGbU9PTDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMjFmMzQtODJmMi00MWM5LWI2MGMtYWQ0M2NjZDdhYWU4
LzEvclBlclB4cVQ1eFR6QjBvRjJHX000aUJqQmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAIAEGfAxI
AwUAKhP8gDANBgkqhkiG9w0BAQsFAAOCAQEAH2SdV7XBkkvVx49h/my2tl4FTXx3
rj6Y+9/BXdC+MnfSl96Ve3bfVHJUPcmvyCluzlST1TdNHatI3psLKqrzeTYyF0tB
EQ4GijtfAzYX1y2rxWXrFMA+SSplmcc2XkrEAzi/tIRBp9m092YClXI3H4ZDiIsr
4dN2eCmtEw9dVK7kTeNlNEE17cDZjyDMFtfZib4WTHu9xaKWU/cTK8DZ6R76XLXG
aFcfeelkByeV3VgcHrL2zr1YtK7g+Caj44F8tDEFMg4pJuBCE/V4h8Ar0kTPtZmV
K+vDtfD/zQXA8GEB3WLFmKfLikfyna4ZO9m1MTIAuimeoGw4WSdET9v5Kg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:47 2024 by rpki-client on console-fra.rpki-client.org