Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/7efcdc-f86b-41fd-ad93-ad1378289a13/1/u-NbuhGGTbbPrAXDzcriTE5Qu3A.roa
File: u-NbuhGGTbbPrAXDzcriTE5Qu3A.roa (raw, json)
Hash identifier: lFp/f0ZrUUUP3v7c7fKI8e4ATjX4A0qkzhvcy+1PRgY=
Subject key identifier: BB:E3:5B:BA:11:86:4D:B6:CF:AC:05:C3:CD:CA:E2:4C:4E:50:BB:70
Certificate issuer: /CN=090d50ab0f67887c5f5ed1e887e78dd2f35926fd
Certificate serial: 01856DD3ECD58F566F3C21DC154C8670211A
Authority key identifier: 09:0D:50:AB:0F:67:88:7C:5F:5E:D1:E8:87:E7:8D:D2:F3:59:26:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQ1Qqw9niHxfXtHoh-eN0vNZJv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/7efcdc-f86b-41fd-ad93-ad1378289a13/1/u-NbuhGGTbbPrAXDzcriTE5Qu3A.roa
Signing time: Sun 01 Jan 2023 14:54:43 +0000
ROA not before: Sun 01 Jan 2023 14:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57795
IP address blocks: 2a04:1c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d3:ec:d5:8f:56:6f:3c:21:dc:15:4c:86:70:21:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090d50ab0f67887c5f5ed1e887e78dd2f35926fd
Validity
Not Before: Jan 1 14:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbe35bba11864db6cfac05c3cdcae24c4e50bb70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a8:e4:eb:5a:0e:3e:5c:9a:20:64:34:3d:4b:
97:54:ac:82:31:b2:5b:8f:42:d2:7c:73:77:35:8e:
c0:75:3d:f0:e3:05:fe:c5:44:8d:55:d4:ca:6e:86:
4a:9f:a3:1a:7d:51:9c:27:b4:0d:9f:bc:03:20:4f:
e9:c9:1b:2c:43:c8:77:91:9c:1b:a3:4f:f4:07:99:
f6:53:84:0f:47:54:08:0d:3a:cc:5e:33:d1:7a:62:
03:47:c9:e9:61:de:e3:ff:61:41:05:0d:6f:87:ab:
e6:4e:d9:15:aa:f0:2e:71:13:d3:34:1c:9a:6c:c5:
41:87:d5:d2:4a:52:bd:55:62:79:9a:60:39:7f:5d:
18:78:75:7e:66:8a:4e:9d:9f:83:3d:bc:aa:2d:77:
a3:ad:05:12:90:f1:5b:da:b9:1c:20:1b:73:20:a8:
71:32:1f:b0:af:79:04:03:39:1f:ec:42:fe:05:31:
96:03:73:2d:6d:fa:d0:c6:79:c0:7f:db:f7:1e:0f:
30:e7:96:c1:8b:fe:14:01:da:58:3b:5b:f1:15:ea:
89:e8:62:3d:d4:68:d9:ad:43:b4:53:28:1c:33:b3:
b1:00:88:c7:e7:d4:01:c7:07:4a:fd:c6:de:83:0d:
e1:49:09:2d:63:d1:60:c9:97:56:ac:3c:d9:6a:93:
87:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E3:5B:BA:11:86:4D:B6:CF:AC:05:C3:CD:CA:E2:4C:4E:50:BB:70
X509v3 Authority Key Identifier:
keyid:09:0D:50:AB:0F:67:88:7C:5F:5E:D1:E8:87:E7:8D:D2:F3:59:26:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQ1Qqw9niHxfXtHoh-eN0vNZJv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/7efcdc-f86b-41fd-ad93-ad1378289a13/1/u-NbuhGGTbbPrAXDzcriTE5Qu3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/7efcdc-f86b-41fd-ad93-ad1378289a13/1/CQ1Qqw9niHxfXtHoh-eN0vNZJv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:1c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:b0:4a:0a:66:41:19:10:bc:3e:3e:e7:f8:a9:f8:68:03:62:
86:c3:4c:f9:52:c3:8d:40:af:52:45:f3:51:1c:93:fe:01:14:
e4:c0:3e:6c:4c:f8:af:ff:c2:db:70:4e:6a:bf:23:53:17:9f:
b7:48:89:9e:68:37:b4:7c:48:6d:41:99:09:10:11:97:d9:39:
c1:86:06:70:f6:2d:31:b8:66:70:71:be:a8:cb:78:25:68:77:
52:8b:b8:38:d0:10:3b:b9:27:92:57:d6:72:14:6b:ee:d5:57:
7b:f4:9d:50:f2:be:3d:0e:05:5d:3d:18:58:bb:36:7a:3d:a9:
c9:e4:c9:50:3a:03:93:7a:10:b3:d5:c5:d5:c5:d5:e8:48:b4:
b3:3a:b7:11:fa:c9:5f:49:94:1f:f4:f0:0c:5b:6b:c2:e7:9f:
f6:17:97:94:46:69:90:c3:f3:0d:d1:65:d5:f8:dc:e5:81:f0:
00:8d:fb:6e:be:36:42:02:e6:ca:de:f8:48:ec:0c:46:e9:96:
88:92:96:7c:96:de:d8:d4:5f:4c:44:48:e8:14:1d:58:06:db:
ac:dc:18:66:29:68:09:f2:00:b1:e2:a3:fe:c7:85:21:63:ed:
ee:5a:46:91:62:2c:98:a0:b4:36:42:c2:1d:7b:83:e5:14:e0:
3c:5c:e9:2a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVt0+zVj1ZvPCHcFUyGcCEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MGQ1MGFiMGY2Nzg4N2M1ZjVlZDFlODg3ZTc4ZGQyZjM1
OTI2ZmQwHhcNMjMwMTAxMTQ1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmUzNWJiYTExODY0ZGI2Y2ZhYzA1YzNjZGNhZTI0YzRlNTBiYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6jk61oOPlyaIGQ0PUuXVKyCMbJb
j0LSfHN3NY7AdT3w4wX+xUSNVdTKboZKn6MafVGcJ7QNn7wDIE/pyRssQ8h3kZwb
o0/0B5n2U4QPR1QIDTrMXjPRemIDR8npYd7j/2FBBQ1vh6vmTtkVqvAucRPTNBya
bMVBh9XSSlK9VWJ5mmA5f10YeHV+ZopOnZ+DPbyqLXejrQUSkPFb2rkcIBtzIKhx
Mh+wr3kEAzkf7EL+BTGWA3MtbfrQxnnAf9v3Hg8w55bBi/4UAdpYO1vxFeqJ6GI9
1GjZrUO0UygcM7OxAIjH59QBxwdK/cbegw3hSQktY9FgyZdWrDzZapOHUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLvjW7oRhk22z6wFw83K4kxOULtwMB8GA1UdIwQY
MBaAFAkNUKsPZ4h8X17R6IfnjdLzWSb9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ExUXF3OW5pSHhmWHRIb2gtZU4wdk5aSnYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83ZWZjZGMtZjg2Yi00MWZkLWFkOTMt
YWQxMzc4Mjg5YTEzLzEvdS1OYnVoR0dUYmJQckFYRHpjcmlURTVRdTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83ZWZjZGMtZjg2Yi00MWZkLWFkOTMtYWQxMzc4Mjg5YTEz
LzEvQ1ExUXF3OW5pSHhmWHRIb2gtZU4wdk5aSnYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgQBwDAN
BgkqhkiG9w0BAQsFAAOCAQEAO7BKCmZBGRC8Pj7n+Kn4aANihsNM+VLDjUCvUkXz
URyT/gEU5MA+bEz4r//C23BOar8jUxeft0iJnmg3tHxIbUGZCRARl9k5wYYGcPYt
MbhmcHG+qMt4JWh3Uou4ONAQO7knklfWchRr7tVXe/SdUPK+PQ4FXT0YWLs2ej2p
yeTJUDoDk3oQs9XF1cXV6Ei0szq3EfrJX0mUH/TwDFtrwuef9heXlEZpkMPzDdFl
1fjc5YHwAI37br42QgLmyt74SOwMRumWiJKWfJbe2NRfTERI6BQdWAbbrNwYZilo
CfIAseKj/seFIWPt7lpGkWIsmKC0NkLCHXuD5RTgPFzpKg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:05 2024 by rpki-client on console.sobornost.net