Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/ncokLXClKvDD4EiQq1AGCPYW7JU.roa
File: ncokLXClKvDD4EiQq1AGCPYW7JU.roa (raw, json)
Hash identifier: jtRC/9JDZW8kHaZjEd2sF44wW0/pjpUDTEjVakONsQU=
Subject key identifier: 9D:CA:24:2D:70:A5:2A:F0:C3:E0:48:90:AB:50:06:08:F6:16:EC:95
Certificate issuer: /CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Certificate serial: 018B18AF7C71CADD890CB00BFB2B84E78473
Authority key identifier: 51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/ncokLXClKvDD4EiQq1AGCPYW7JU.roa
Signing time: Tue 10 Oct 2023 08:23:55 +0000
ROA not before: Tue 10 Oct 2023 08:23:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216222
IP address blocks: 2a13:cc87:fc01::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:18:af:7c:71:ca:dd:89:0c:b0:0b:fb:2b:84:e7:84:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Validity
Not Before: Oct 10 08:23:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dca242d70a52af0c3e04890ab500608f616ec95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a2:16:ce:31:ed:fb:1f:bb:5d:ff:a5:c2:bc:
c2:6f:90:dc:5e:51:15:25:14:a2:79:8a:49:9b:04:
d6:76:3e:ad:99:81:90:16:25:c4:1c:59:20:85:ac:
6a:71:4b:60:28:cb:88:f0:fa:6a:d3:2a:04:eb:8e:
cf:dc:16:dc:6d:65:6e:82:e9:1f:7a:16:1c:36:e1:
2e:46:aa:95:ee:08:56:b3:45:0a:2e:db:6e:43:ab:
77:0c:ac:31:1d:af:26:a9:6e:dd:3b:05:54:16:6d:
22:ce:df:a8:18:80:a9:6a:ff:d9:45:76:6c:d1:84:
01:d0:51:37:e5:8b:5a:5b:58:5d:e7:83:32:9d:9c:
fd:b7:69:fd:75:50:1d:38:95:69:21:c3:56:a8:41:
4f:99:d4:4a:27:04:f9:92:15:6d:ec:5f:f9:3f:54:
3c:ac:cf:ba:6d:90:a2:15:b5:57:c8:2d:8c:40:82:
36:31:c7:5e:8f:f8:bc:ec:11:0c:95:28:0e:81:2c:
8d:de:4e:3b:00:21:9a:ce:35:8f:b5:5d:62:57:94:
ce:bf:0b:e2:44:ce:b3:16:8e:8e:8b:21:7d:66:a7:
62:c2:aa:a9:d0:76:de:52:8a:5b:df:83:4e:43:7c:
78:9f:5b:03:f9:5e:ac:5c:ab:69:ab:c9:6a:14:48:
f2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CA:24:2D:70:A5:2A:F0:C3:E0:48:90:AB:50:06:08:F6:16:EC:95
X509v3 Authority Key Identifier:
keyid:51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/ncokLXClKvDD4EiQq1AGCPYW7JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cc87:fc01::/48
Signature Algorithm: sha256WithRSAEncryption
02:72:3d:29:33:e4:02:cd:a4:ba:f5:60:e5:40:8f:26:0c:1f:
ac:6c:28:0c:6a:28:61:32:76:39:36:d0:15:a9:9f:26:93:c5:
59:db:fe:ac:95:e4:56:35:40:3f:3c:2d:4b:6c:c5:25:59:be:
73:1d:f2:05:49:83:9d:55:77:b0:52:0b:08:8e:99:35:02:18:
1e:96:c3:89:1b:26:f4:e9:69:86:68:c8:ed:ba:aa:d1:2f:cb:
3d:56:79:90:35:8d:b3:d9:38:0c:f7:01:12:dc:a5:f7:64:36:
a9:8d:53:d1:2f:b6:3e:67:01:59:07:5a:4e:ba:02:9c:17:ba:
aa:af:a4:16:19:45:01:7d:30:2f:d1:4b:97:7a:18:22:40:cf:
23:05:d2:27:a1:fd:6d:83:c9:0c:28:ba:0f:74:bf:59:96:c1:
3e:8a:80:0b:9a:a2:5f:49:c9:96:1a:bb:0b:32:c4:fa:42:c0:
35:ef:44:dc:a1:c1:e0:a5:e6:0b:2e:d3:48:0a:b2:9f:44:60:
58:af:ad:99:95:a4:0e:71:a1:16:e2:bb:16:c4:c9:d9:0d:0f:
78:db:85:27:43:c4:8e:8b:eb:fc:af:56:f3:13:27:77:23:43:
3b:47:ca:3c:77:e5:f2:86:b3:4e:22:8e:0a:29:22:44:54:31:
69:6c:a8:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYsYr3xxyt2JDLAL+yuE54RzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxN2EwYzk2ODQyYmFmYzlmNjMwYmExNGI4M2VhNzliZDEy
YTUzYjkwHhcNMjMxMDEwMDgyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNhMjQyZDcwYTUyYWYwYzNlMDQ4OTBhYjUwMDYwOGY2MTZlYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqIWzjHt+x+7Xf+lwrzCb5DcXlEV
JRSieYpJmwTWdj6tmYGQFiXEHFkghaxqcUtgKMuI8Ppq0yoE647P3BbcbWVugukf
ehYcNuEuRqqV7ghWs0UKLttuQ6t3DKwxHa8mqW7dOwVUFm0izt+oGICpav/ZRXZs
0YQB0FE35YtaW1hd54MynZz9t2n9dVAdOJVpIcNWqEFPmdRKJwT5khVt7F/5P1Q8
rM+6bZCiFbVXyC2MQII2Mcdej/i87BEMlSgOgSyN3k47ACGazjWPtV1iV5TOvwvi
RM6zFo6OiyF9Zqdiwqqp0HbeUopb34NOQ3x4n1sD+V6sXKtpq8lqFEjyBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ3KJC1wpSrww+BIkKtQBgj2FuyVMB8GA1UdIwQY
MBaAFFF6DJaEK6/J9jC6FLg+p5vRKlO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMt
YjBlYjY3MTVlMGFmLzEvbmNva0xYQ2xLdkRENEVpUXExQUdDUFlXN0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMtYjBlYjY3MTVlMGFm
LzEvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPMh/wB
MA0GCSqGSIb3DQEBCwUAA4IBAQACcj0pM+QCzaS69WDlQI8mDB+sbCgMaihhMnY5
NtAVqZ8mk8VZ2/6sleRWNUA/PC1LbMUlWb5zHfIFSYOdVXewUgsIjpk1AhgelsOJ
Gyb06WmGaMjtuqrRL8s9VnmQNY2z2TgM9wES3KX3ZDapjVPRL7Y+ZwFZB1pOugKc
F7qqr6QWGUUBfTAv0UuXehgiQM8jBdInof1tg8kMKLoPdL9ZlsE+ioALmqJfScmW
GrsLMsT6QsA170TcocHgpeYLLtNICrKfRGBYr62ZlaQOcaEW4rsWxMnZDQ9424Un
Q8SOi+v8r1bzEyd3I0M7R8o8d+XyhrNOIo4KKSJEVDFpbKgM
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:11:00 2024 by rpki-client on console.sobornost.net