Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/NZzhmsqw9ZmuCVNEySYlMLFSvig.roa
File: NZzhmsqw9ZmuCVNEySYlMLFSvig.roa (raw, json)
Hash identifier: pDZrME1UAf38FIl1RkTzTV2tVKkJaSQSIe65LTZmkR8=
Subject key identifier: 35:9C:E1:9A:CA:B0:F5:99:AE:09:53:44:C9:26:25:30:B1:52:BE:28
Certificate issuer: /CN=7a0bcdee8ce839c4d20413c862423cca04fdc60a
Certificate serial: 01856D6F8405BADECE2D4088CE18991FCF7B
Authority key identifier: 7A:0B:CD:EE:8C:E8:39:C4:D2:04:13:C8:62:42:3C:CA:04:FD:C6:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egvN7ozoOcTSBBPIYkI8ygT9xgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/NZzhmsqw9ZmuCVNEySYlMLFSvig.roa
Signing time: Sun 01 Jan 2023 13:05:02 +0000
ROA not before: Sun 01 Jan 2023 13:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29319
IP address blocks: 84.23.32.0/20 maxlen: 32
217.70.16.0/20 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Oct 2023 18:02:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:84:05:ba:de:ce:2d:40:88:ce:18:99:1f:cf:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a0bcdee8ce839c4d20413c862423cca04fdc60a
Validity
Not Before: Jan 1 13:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=359ce19acab0f599ae095344c9262530b152be28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:92:43:01:6c:85:af:34:89:4a:10:47:4f:8b:
1b:28:fe:4b:f3:0b:ca:03:72:ac:e6:cb:06:f0:da:
de:b0:c4:b0:3d:0b:b0:38:0b:f1:e0:57:55:26:7e:
59:99:0e:a9:38:91:25:66:6d:58:0a:99:42:2a:e9:
4d:5b:1c:ea:46:c6:82:2c:ae:19:2e:c0:b8:6a:e7:
26:6f:0f:ba:4e:ca:5c:ee:89:80:ed:de:26:85:50:
e1:62:5a:a1:65:0a:5f:9e:6a:a7:8b:90:fe:7a:bd:
b2:b9:ac:31:1f:84:6d:71:1e:23:45:45:d3:c1:b7:
e4:56:72:a2:25:2b:f4:08:3b:98:2b:61:b2:fc:2d:
fa:d1:db:09:d3:b9:87:d6:24:1f:80:f5:69:19:5e:
a5:68:a4:59:7f:3e:05:ac:3f:51:89:7c:ec:62:fa:
94:10:cc:3b:bc:4d:fd:8a:d7:1d:63:06:02:b2:ae:
1a:fa:26:11:55:95:53:ff:2e:4c:60:74:87:17:05:
5d:c9:df:8d:94:cc:bc:60:ee:ef:ae:d5:ad:d6:fd:
12:79:60:f1:dc:28:de:70:d0:93:db:19:a9:0f:96:
80:3b:2b:1e:1b:6b:18:50:0c:6d:bc:c8:80:d2:9c:
b5:d3:3b:c9:79:ae:a1:d9:6a:bd:92:25:05:46:6e:
fa:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9C:E1:9A:CA:B0:F5:99:AE:09:53:44:C9:26:25:30:B1:52:BE:28
X509v3 Authority Key Identifier:
keyid:7A:0B:CD:EE:8C:E8:39:C4:D2:04:13:C8:62:42:3C:CA:04:FD:C6:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egvN7ozoOcTSBBPIYkI8ygT9xgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/NZzhmsqw9ZmuCVNEySYlMLFSvig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/egvN7ozoOcTSBBPIYkI8ygT9xgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.23.32.0/20
217.70.16.0/20
Signature Algorithm: sha256WithRSAEncryption
47:d5:7a:78:e9:a2:06:f2:82:6a:f9:a9:a5:0d:b8:47:1a:08:
de:2b:3b:6f:53:83:12:82:3f:c3:44:aa:1b:c9:b7:88:cf:0a:
8a:c1:42:f3:08:8a:52:d2:94:0b:3c:45:71:35:f8:82:2c:67:
73:a0:fd:21:2d:1f:15:e2:7e:8d:d0:3a:96:c3:4a:21:1f:e2:
ff:7a:89:59:90:f2:d0:fb:1c:94:f5:95:a4:cf:eb:59:5a:cd:
6c:57:2a:2f:1c:8e:37:4d:83:3f:23:35:bf:85:77:fd:de:02:
ba:6d:0d:17:ae:60:ef:df:17:e8:74:2b:4c:ed:85:5c:57:92:
0c:3b:33:0d:68:84:17:7b:3a:f9:3f:1a:0b:55:f8:6d:85:05:
5c:47:ea:ee:b0:0d:e9:67:ac:39:e2:a3:5d:a3:e8:3f:b5:7c:
82:fc:44:1b:58:b4:05:d4:06:3e:58:c3:17:e7:d2:ec:21:07:
8e:42:31:db:fb:73:c4:51:b4:a7:1d:a9:8a:c5:a4:8d:97:d4:
24:16:63:72:56:45:6c:8c:b3:9d:25:17:af:58:d8:c3:13:ad:
1f:ca:e9:be:24:d3:95:7d:30:c1:20:81:fa:02:36:be:af:d7:
92:85:41:11:21:de:81:7f:75:69:85:3e:db:e6:80:08:b1:bc:
c5:be:7f:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtb4QFut7OLUCIzhiZH897MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGJjZGVlOGNlODM5YzRkMjA0MTNjODYyNDIzY2NhMDRm
ZGM2MGEwHhcNMjMwMTAxMTMwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTljZTE5YWNhYjBmNTk5YWUwOTUzNDRjOTI2MjUzMGIxNTJiZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJJDAWyFrzSJShBHT4sbKP5L8wvK
A3Ks5ssG8NresMSwPQuwOAvx4FdVJn5ZmQ6pOJElZm1YCplCKulNWxzqRsaCLK4Z
LsC4aucmbw+6Tspc7omA7d4mhVDhYlqhZQpfnmqni5D+er2yuawxH4RtcR4jRUXT
wbfkVnKiJSv0CDuYK2Gy/C360dsJ07mH1iQfgPVpGV6laKRZfz4FrD9RiXzsYvqU
EMw7vE39itcdYwYCsq4a+iYRVZVT/y5MYHSHFwVdyd+NlMy8YO7vrtWt1v0SeWDx
3CjecNCT2xmpD5aAOyseG2sYUAxtvMiA0py10zvJea6h2Wq9kiUFRm76KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDWc4ZrKsPWZrglTRMkmJTCxUr4oMB8GA1UdIwQY
MBaAFHoLze6M6DnE0gQTyGJCPMoE/cYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWd2Tjdvem9PY1RTQkJQSVlrSTh5Z1Q5eGdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NGU5MTItYjUwMy00NTRjLWE0MzMt
NGRlZjU3MzY1MTY5LzEvTlp6aG1zcXc5Wm11Q1ZORXlTWWxNTEZTdmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81NGU5MTItYjUwMy00NTRjLWE0MzMtNGRlZjU3MzY1MTY5
LzEvZWd2Tjdvem9PY1RTQkJQSVlrSTh5Z1Q5eGdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEVBcgAwQE
2UYQMA0GCSqGSIb3DQEBCwUAA4IBAQBH1Xp46aIG8oJq+amlDbhHGgjeKztvU4MS
gj/DRKobybeIzwqKwULzCIpS0pQLPEVxNfiCLGdzoP0hLR8V4n6N0DqWw0ohH+L/
eolZkPLQ+xyU9ZWkz+tZWs1sVyovHI43TYM/IzW/hXf93gK6bQ0XrmDv3xfodCtM
7YVcV5IMOzMNaIQXezr5PxoLVfhthQVcR+rusA3pZ6w54qNdo+g/tXyC/EQbWLQF
1AY+WMMX59LsIQeOQjHb+3PEUbSnHamKxaSNl9QkFmNyVkVsjLOdJRevWNjDE60f
yum+JNOVfTDBIIH6Aja+r9eShUERId6Bf3VphT7b5oAIsbzFvn8D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:48 2024 by rpki-client on console-fra.rpki-client.org