Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/NfEtDwHTMD-7IF87JINMYiHkIQo.roa
File: NfEtDwHTMD-7IF87JINMYiHkIQo.roa (raw, json)
Hash identifier: WfZhwsFn3hWY8MnLE9B+TK77Xmrv3mJwV4/VN5hJkWE=
Subject key identifier: 35:F1:2D:0F:01:D3:30:3F:BB:20:5F:3B:24:83:4C:62:21:E4:21:0A
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0186370C73256BBCCBCA1A5D24DD0DD773A0
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/NfEtDwHTMD-7IF87JINMYiHkIQo.roa
Signing time: Thu 09 Feb 2023 16:40:08 +0000
ROA not before: Thu 09 Feb 2023 16:40:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208022
IP address blocks: 2a12:ef40::/32 maxlen: 32
2a12:ef45::/32 maxlen: 32
2a12:ef42::/32 maxlen: 32
2a12:ef46::/32 maxlen: 32
2a12:ef41::/32 maxlen: 32
2a12:ef44::/32 maxlen: 32
2a12:ef43::/32 maxlen: 32
2a12:ef47::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:37:0c:73:25:6b:bc:cb:ca:1a:5d:24:dd:0d:d7:73:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Feb 9 16:40:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35f12d0f01d3303fbb205f3b24834c6221e4210a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3b:bd:21:71:bd:73:52:04:67:04:12:b1:d3:
62:1e:00:26:d1:a0:05:75:a8:68:e6:d2:09:29:9e:
88:e2:d4:a4:f9:13:bb:a5:e5:a0:34:c3:f6:98:fe:
a3:c2:c0:5e:31:e0:24:5c:20:80:c9:f9:43:6b:aa:
87:07:ae:58:8b:65:a2:00:34:43:8c:4f:cb:26:29:
68:0e:d0:d8:c8:4c:eb:09:b6:3f:17:93:a5:ea:ec:
db:9d:52:d1:0b:94:85:ba:09:65:ca:c3:98:de:59:
69:c7:3b:17:0c:ea:27:d5:d6:0e:b9:e4:25:93:52:
ca:23:0a:db:26:ce:cc:ef:ac:c4:63:90:57:3a:65:
41:b7:44:8e:7e:a2:4e:a6:b6:c1:02:14:a7:16:1b:
de:68:b2:ee:94:09:f1:5c:b4:d5:57:b8:ad:0c:64:
37:6e:8d:e2:5d:d2:ea:bc:ff:7e:e3:b1:ba:a7:a5:
3d:31:aa:84:1a:ce:a1:60:ac:82:cb:0e:6b:ba:46:
af:9e:d2:63:3b:7e:7e:64:e0:fb:aa:a7:f5:0f:97:
2d:f0:12:e5:6a:1c:9a:7b:57:f9:e1:57:7a:69:f4:
f8:fe:2b:26:65:13:88:57:c4:07:e1:26:6e:93:d9:
b3:76:38:fd:52:c8:67:fe:95:68:3a:d2:d7:fe:c1:
69:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F1:2D:0F:01:D3:30:3F:BB:20:5F:3B:24:83:4C:62:21:E4:21:0A
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/NfEtDwHTMD-7IF87JINMYiHkIQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
09:3b:b8:a2:b8:b8:dc:09:fb:8c:a4:97:4d:06:f1:e1:5d:5d:
ca:ce:da:69:50:1b:18:5f:a7:42:4a:9c:15:2c:09:bd:3a:19:
1f:cb:ec:58:01:26:f2:41:3d:3d:40:b9:0a:9f:83:c1:91:a1:
8f:e8:47:a6:4f:11:b6:6b:9a:ea:8e:9f:b4:ba:1f:30:5f:04:
0e:b3:e9:91:d8:6e:bd:d1:b2:d8:ac:89:8e:c1:be:f5:ca:ea:
57:2f:64:ef:d1:9c:5d:5a:04:ec:49:1c:26:fc:08:0e:fa:50:
66:83:10:25:36:4e:83:d8:b3:f8:4e:92:02:9b:ac:3b:5a:f4:
cd:ea:36:7a:42:ac:f6:77:74:69:4c:35:a4:3b:3c:dd:e9:09:
7e:49:8e:4c:ed:14:5d:40:48:f5:c2:41:5e:dc:de:81:95:e8:
b4:ee:d9:8f:ff:29:a3:9e:bd:40:dd:b7:2b:60:fb:11:66:06:
62:1c:3f:d4:a0:12:7f:77:6b:c6:c5:3f:95:ab:12:65:d6:4b:
f8:46:c4:ad:26:bd:ed:21:c0:c6:31:0b:bb:e7:3c:de:36:dd:
55:9b:74:2b:ef:5d:b0:91:c2:6a:78:5e:e7:cd:44:06:b2:3b:
24:7a:e9:f6:eb:7d:84:3a:e7:a2:d7:3d:71:8e:39:22:a9:6b:
5b:ac:fb:3d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYY3DHMla7zLyhpdJN0N13OgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMjA5MTY0MDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWYxMmQwZjAxZDMzMDNmYmIyMDVmM2IyNDgzNGM2MjIxZTQyMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzu9IXG9c1IEZwQSsdNiHgAm0aAF
daho5tIJKZ6I4tSk+RO7peWgNMP2mP6jwsBeMeAkXCCAyflDa6qHB65Yi2WiADRD
jE/LJiloDtDYyEzrCbY/F5Ol6uzbnVLRC5SFugllysOY3llpxzsXDOon1dYOueQl
k1LKIwrbJs7M76zEY5BXOmVBt0SOfqJOprbBAhSnFhveaLLulAnxXLTVV7itDGQ3
bo3iXdLqvP9+47G6p6U9MaqEGs6hYKyCyw5rukavntJjO35+ZOD7qqf1D5ct8BLl
ahyae1f54Vd6afT4/ismZROIV8QH4SZuk9mzdjj9Ushn/pVoOtLX/sFpiQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDXxLQ8B0zA/uyBfOySDTGIh5CEKMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvTmZFdER3SFRNRC03SUY4N0pJTk1ZaUhrSVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLvQDAN
BgkqhkiG9w0BAQsFAAOCAQEACTu4ori43An7jKSXTQbx4V1dys7aaVAbGF+nQkqc
FSwJvToZH8vsWAEm8kE9PUC5Cp+DwZGhj+hHpk8Rtmua6o6ftLofMF8EDrPpkdhu
vdGy2KyJjsG+9crqVy9k79GcXVoE7EkcJvwIDvpQZoMQJTZOg9iz+E6SApusO1r0
zeo2ekKs9nd0aUw1pDs83ekJfkmOTO0UXUBI9cJBXtzegZXotO7Zj/8po569QN23
K2D7EWYGYhw/1KASf3drxsU/lasSZdZL+EbErSa97SHAxjELu+c83jbdVZt0K+9d
sJHCanhe581EBrI7JHrp9ut9hDrnotc9cY45IqlrW6z7PQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:40 2023 by rpki-client on console.sobornost.net