Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/neXBFfTdSfogNqtuQzW9QgT7tbY.roa
File: neXBFfTdSfogNqtuQzW9QgT7tbY.roa (raw, json)
Hash identifier: KmrvjXrC0qRgk2aeqWAVHOOGBc2QjuR7082ArpBzyzs=
Subject key identifier: 9D:E5:C1:15:F4:DD:49:FA:20:36:AB:6E:43:35:BD:42:04:FB:B5:B6
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 01856BEEAF57612A3E0B87362D6ACC7C5B66
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/neXBFfTdSfogNqtuQzW9QgT7tbY.roa
Signing time: Sun 01 Jan 2023 06:04:42 +0000
ROA not before: Sun 01 Jan 2023 06:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12968
IP address blocks: 93.159.0.0/18 maxlen: 18
62.111.128.0/17 maxlen: 17
85.128.0.0/17 maxlen: 17
89.171.0.0/16 maxlen: 16
193.91.16.0/20 maxlen: 20
62.181.160.0/19 maxlen: 19
2001:16b0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:af:57:61:2a:3e:0b:87:36:2d:6a:cc:7c:5b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 06:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9de5c115f4dd49fa2036ab6e4335bd4204fbb5b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cf:64:1a:35:6b:0a:b7:b3:c1:c8:3b:f0:da:
ff:5c:c9:cb:cb:f4:9e:b6:0a:53:a5:0d:58:a4:52:
24:9c:e0:88:c5:e8:23:29:ba:85:40:1c:d0:40:1c:
a1:d5:f8:ca:d2:d8:1c:03:62:f8:7b:b3:5d:9a:43:
39:e9:72:88:4f:66:7e:04:ec:1c:ab:ca:18:ef:02:
2a:4c:9e:d2:a0:35:0b:d0:d0:db:d7:35:84:6e:00:
62:47:df:36:4e:3d:43:9a:cb:e7:fc:64:b4:aa:68:
69:01:d1:16:27:07:af:ec:37:7a:c4:be:e1:0e:6f:
bd:56:47:61:8a:cf:a9:99:e9:99:7b:53:7a:84:05:
a0:3d:35:5f:30:54:e3:3c:68:04:81:cf:65:33:6e:
54:6b:d1:b3:c7:6f:e6:63:a5:3c:d0:5b:fd:e7:de:
ce:28:97:19:f2:09:13:2b:0a:4e:06:85:a8:81:fe:
82:31:1a:67:78:0e:bc:2a:ab:38:ad:57:3e:fc:1e:
e6:16:b6:96:6b:3b:6e:64:6e:cf:e3:25:92:eb:3a:
f1:42:2e:f0:ba:30:29:8a:01:a7:f8:b3:5d:3e:48:
6a:0f:bd:85:84:28:36:e9:8c:ca:8b:33:fc:ec:28:
77:29:55:eb:42:ce:7b:80:d2:f9:b0:7a:e5:72:15:
52:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E5:C1:15:F4:DD:49:FA:20:36:AB:6E:43:35:BD:42:04:FB:B5:B6
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/neXBFfTdSfogNqtuQzW9QgT7tbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.111.128.0/17
62.181.160.0/19
85.128.0.0/17
89.171.0.0/16
93.159.0.0/18
193.91.16.0/20
IPv6:
2001:16b0::/32
Signature Algorithm: sha256WithRSAEncryption
11:d1:56:29:f7:c7:a7:ed:a9:32:5f:32:20:6d:d7:e3:b7:e0:
0b:3a:32:e8:a1:26:4b:88:a7:8a:de:4e:9b:83:5a:44:27:d7:
2d:ff:8c:b1:15:a1:e0:86:df:f7:2c:52:85:74:cf:d2:7a:3e:
b5:8c:1e:ac:c5:8a:81:29:92:2e:a8:14:94:29:d1:a1:28:c0:
cb:67:40:e4:77:5e:b9:6e:d4:53:87:85:49:0c:f6:90:25:7e:
e6:38:6a:5f:7c:f6:f1:87:7c:ca:4c:ad:53:93:59:ed:9c:f0:
e9:6a:b6:ee:91:b1:e3:9a:e4:95:80:1d:58:ad:84:d1:3e:44:
b9:8b:a3:31:c8:9f:1c:85:73:df:e3:3a:0d:c4:5b:55:52:cd:
de:fd:71:c7:61:e7:68:ce:b1:c8:3a:81:8b:6c:2b:a2:36:fe:
d7:86:f5:8c:d0:11:17:8b:60:3a:be:03:c8:8e:58:77:67:c2:
e8:10:45:e0:4d:5e:23:b4:a4:28:b0:35:72:9c:09:2a:2a:01:
7f:f7:3c:dd:fb:8a:e9:4c:33:f5:63:fc:4a:c6:ee:77:79:c7:
1a:35:2e:64:63:0d:31:54:f0:60:33:64:81:6a:37:6b:47:11:
47:ad:19:9a:8c:37:4d:9e:4f:e0:ac:05:31:3e:19:87:7d:7b:
e0:8b:ed:cc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVr7q9XYSo+C4c2LWrMfFtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjMwMTAxMDYwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGU1YzExNWY0ZGQ0OWZhMjAzNmFiNmU0MzM1YmQ0MjA0ZmJiNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs9kGjVrCrezwcg78Nr/XMnLy/Se
tgpTpQ1YpFIknOCIxegjKbqFQBzQQByh1fjK0tgcA2L4e7NdmkM56XKIT2Z+BOwc
q8oY7wIqTJ7SoDUL0NDb1zWEbgBiR982Tj1Dmsvn/GS0qmhpAdEWJwev7Dd6xL7h
Dm+9Vkdhis+pmemZe1N6hAWgPTVfMFTjPGgEgc9lM25Ua9Gzx2/mY6U80Fv9597O
KJcZ8gkTKwpOBoWogf6CMRpneA68Kqs4rVc+/B7mFraWaztuZG7P4yWS6zrxQi7w
ujApigGn+LNdPkhqD72FhCg26YzKizP87Ch3KVXrQs57gNL5sHrlchVSkwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJ3lwRX03Un6IDarbkM1vUIE+7W2MB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvbmVYQkZmVGRTZm9nTnF0dVF6VzlRZ1Q3dGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQHPm+AAwQF
PrWgAwQHVYAAAwMAWasDBAZdnwADBATBWxAwDQQCAAIwBwMFACABFrAwDQYJKoZI
hvcNAQELBQADggEBABHRVin3x6ftqTJfMiBt1+O34As6MuihJkuIp4reTpuDWkQn
1y3/jLEVoeCG3/csUoV0z9J6PrWMHqzFioEpki6oFJQp0aEowMtnQOR3Xrlu1FOH
hUkM9pAlfuY4al989vGHfMpMrVOTWe2c8Olqtu6RseOa5JWAHVithNE+RLmLozHI
nxyFc9/jOg3EW1VSzd79ccdh52jOscg6gYtsK6I2/teG9YzQEReLYDq+A8iOWHdn
wugQReBNXiO0pCiwNXKcCSoqAX/3PN37iulMM/Vj/ErG7nd5xxo1LmRjDTFU8GAz
ZIFqN2tHEUetGZqMN02eT+CsBTE+GYd9e+CL7cw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org