Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nM6MsTxu0yHz75YWr25OH45gNWo.roa
File: nM6MsTxu0yHz75YWr25OH45gNWo.roa (raw, json)
Hash identifier: iAn6snfMwMFB+2VpW0NIHz89NQCFWBEWdyLDTJDBIa4=
Subject key identifier: 9C:CE:8C:B1:3C:6E:D3:21:F3:EF:96:16:AF:6E:4E:1F:8E:60:35:6A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018AF4257C6AA58D9D1E2C5F63D596B09A78
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nM6MsTxu0yHz75YWr25OH45gNWo.roa
Signing time: Tue 03 Oct 2023 06:06:51 +0000
ROA not before: Tue 03 Oct 2023 06:06:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 159.255.32.0/21 maxlen: 24
188.253.8.0/22 maxlen: 24
188.253.12.0/22 maxlen: 22
103.25.84.0/22 maxlen: 24
82.115.0.0/21 maxlen: 24
188.214.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Oct 2023 01:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:25:7c:6a:a5:8d:9d:1e:2c:5f:63:d5:96:b0:9a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 3 06:06:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cce8cb13c6ed321f3ef9616af6e4e1f8e60356a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:68:01:6b:c8:ee:a9:9d:1d:b5:5d:9e:13:e5:
c9:d0:78:79:60:5f:8f:ea:b4:ae:a3:63:e9:e4:1c:
35:e8:fd:65:ce:29:a1:46:98:77:4f:e9:02:b0:45:
ce:ae:58:a2:59:bc:23:0d:e7:41:0b:f8:7e:23:7c:
b5:7f:46:f2:ee:18:b7:85:c4:a5:04:1d:09:74:bd:
d0:b9:22:04:81:fd:da:3b:7b:81:d9:3f:02:08:8a:
df:d9:0e:a9:9e:be:9c:73:22:9b:f8:91:c1:ee:99:
04:93:7a:2f:c2:3d:35:77:45:be:63:32:9d:32:51:
69:72:ff:fd:7b:a0:12:aa:dc:01:ca:1c:55:8f:26:
23:60:f8:3a:02:d8:b0:8b:ab:58:ee:7d:6f:e9:2c:
0d:d4:e4:4f:1b:77:c1:08:69:91:b8:5f:91:33:5c:
a7:28:41:72:b2:94:82:32:50:bf:0c:be:d9:70:5f:
7e:43:95:29:c7:a1:58:19:90:7d:ae:70:93:0d:f1:
bc:06:3f:ed:dd:74:ef:ab:33:aa:e2:66:d7:4d:f0:
0c:02:e4:c9:4d:e3:7d:b6:d8:98:64:4d:21:89:80:
ba:c1:67:be:56:40:ff:04:17:ae:68:c1:b4:54:af:
0d:61:30:8c:2f:75:30:f0:91:1c:f8:ad:80:07:a0:
f7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CE:8C:B1:3C:6E:D3:21:F3:EF:96:16:AF:6E:4E:1F:8E:60:35:6A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nM6MsTxu0yHz75YWr25OH45gNWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.0.0/21
103.25.84.0/22
159.255.32.0/21
188.214.236.0/22
188.253.8.0/21
Signature Algorithm: sha256WithRSAEncryption
7a:d3:99:09:8f:fd:2b:33:f1:6c:92:b5:40:8b:d2:5d:38:7b:
35:d3:7f:fc:65:b0:c4:f4:00:e1:1c:61:4b:f9:44:00:c6:55:
db:d1:5a:45:dc:10:24:18:c9:ef:5b:ad:5e:1a:ad:96:53:1c:
f3:87:1f:23:92:45:b0:d3:ca:81:b0:5b:a8:50:52:0f:03:76:
c9:dd:7c:f0:18:11:8b:2b:97:60:cb:de:20:0b:7d:f8:ec:00:
50:53:de:29:f3:c2:29:1f:49:85:e4:a6:1e:31:35:a6:77:3e:
51:0f:42:54:95:7f:0f:7a:89:0f:e6:72:e4:11:b0:5d:56:c0:
05:bc:c9:a0:e4:09:25:64:10:40:09:17:1a:57:8a:4f:d6:cd:
15:2a:d0:6a:54:7c:69:b4:ac:e6:af:ae:af:37:4b:d3:f0:7a:
4e:64:d6:ab:8a:0d:ce:a1:c3:45:37:d0:d0:a5:34:f2:a2:4f:
32:97:83:85:db:bf:9c:bf:a6:28:24:ef:26:cb:bf:e7:0a:a7:
c9:9b:60:79:ca:c9:5a:21:27:25:02:25:a2:45:f0:38:a0:fb:
62:67:82:81:18:be:04:b1:b7:ed:7f:65:f4:bb:3e:82:86:e3:
21:95:c3:8a:f2:d2:82:c3:eb:f5:b7:3e:3c:16:b6:3f:60:7b:
9a:73:e5:d8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYr0JXxqpY2dHixfY9WWsJp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMDAzMDYwNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NlOGNiMTNjNmVkMzIxZjNlZjk2MTZhZjZlNGUxZjhlNjAzNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGgBa8juqZ0dtV2eE+XJ0Hh5YF+P
6rSuo2Pp5Bw16P1lzimhRph3T+kCsEXOrliiWbwjDedBC/h+I3y1f0by7hi3hcSl
BB0JdL3QuSIEgf3aO3uB2T8CCIrf2Q6pnr6ccyKb+JHB7pkEk3ovwj01d0W+YzKd
MlFpcv/9e6ASqtwByhxVjyYjYPg6Atiwi6tY7n1v6SwN1ORPG3fBCGmRuF+RM1yn
KEFyspSCMlC/DL7ZcF9+Q5Upx6FYGZB9rnCTDfG8Bj/t3XTvqzOq4mbXTfAMAuTJ
TeN9ttiYZE0hiYC6wWe+VkD/BBeuaMG0VK8NYTCML3Uw8JEc+K2AB6D3+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJzOjLE8btMh8++WFq9uTh+OYDVqMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbk02TXNUeHUweUh6NzVZV3IyNU9INDVnTldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDUnMAAwQC
ZxlUAwQDn/8gAwQCvNbsAwQDvP0IMA0GCSqGSIb3DQEBCwUAA4IBAQB605kJj/0r
M/FskrVAi9JdOHs103/8ZbDE9ADhHGFL+UQAxlXb0VpF3BAkGMnvW61eGq2WUxzz
hx8jkkWw08qBsFuoUFIPA3bJ3XzwGBGLK5dgy94gC3347ABQU94p88IpH0mF5KYe
MTWmdz5RD0JUlX8PeokP5nLkEbBdVsAFvMmg5AklZBBACRcaV4pP1s0VKtBqVHxp
tKzmr66vN0vT8HpOZNarig3OocNFN9DQpTTyok8yl4OF27+cv6YoJO8my7/nCqfJ
m2B5yslaISclAiWiRfA4oPtiZ4KBGL4Esbftf2X0uz6ChuMhlcOK8tKCw+v1tz48
FrY/YHuac+XY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org