Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/nsmzXhHb8dLxL1OVO684CBjZMcg.roa
File: nsmzXhHb8dLxL1OVO684CBjZMcg.roa (raw, json)
Hash identifier: a3UCprj4zq6BlhIjttawqdV8fpCAfcj2zkpXnHZFzDw=
Subject key identifier: 9E:C9:B3:5E:11:DB:F1:D2:F1:2F:53:95:3B:AF:38:08:18:D9:31:C8
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 01878EDC18EA8728D686CE6E677066BF114B
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/nsmzXhHb8dLxL1OVO684CBjZMcg.roa
Signing time: Mon 17 Apr 2023 10:56:41 +0000
ROA not before: Mon 17 Apr 2023 10:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4651
IP address blocks: 163.171.105.0/24 maxlen: 24
163.171.108.0/24 maxlen: 24
163.171.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 May 2023 05:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:dc:18:ea:87:28:d6:86:ce:6e:67:70:66:bf:11:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Apr 17 10:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ec9b35e11dbf1d2f12f53953baf380818d931c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:27:de:6a:5e:59:26:11:31:52:08:97:07:c2:
79:6d:ae:41:ff:cc:61:45:41:db:47:1f:9d:c8:c7:
59:2e:0a:93:83:05:26:ff:57:c9:40:ce:ea:5c:ed:
7b:e2:d7:a0:5e:70:9f:7b:3f:88:b1:01:68:79:fb:
fd:14:fe:52:94:67:63:71:a1:7d:d0:f8:90:26:48:
a6:63:d9:8c:7c:31:8e:b9:c9:42:c1:fc:bb:ec:a3:
41:20:07:69:d3:71:30:5d:27:5b:17:b7:f2:4c:6a:
90:16:9c:f0:24:58:66:78:02:0f:4e:69:c4:7f:da:
42:23:94:bc:a1:85:25:a2:82:84:f0:ab:49:4a:2c:
dc:6c:a7:81:9b:cb:02:c2:be:09:85:39:63:16:34:
3f:6f:a1:d1:05:06:e6:d0:84:43:b2:12:72:c4:9e:
66:e9:ab:e5:7f:46:7b:94:a7:1e:d6:11:8d:43:1b:
be:0e:62:31:09:41:a6:f4:52:2a:d5:d1:74:16:54:
fd:00:97:30:ff:0d:b4:6a:61:38:a1:88:c5:5e:88:
e4:1c:7f:72:db:00:14:20:d9:ab:12:af:9c:7c:c2:
0d:39:db:7a:68:c0:62:c5:41:fb:f5:70:57:97:2e:
4d:ce:23:a4:ab:bd:16:05:d2:0e:ed:0b:49:78:ad:
ab:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C9:B3:5E:11:DB:F1:D2:F1:2F:53:95:3B:AF:38:08:18:D9:31:C8
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/nsmzXhHb8dLxL1OVO684CBjZMcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.171.105.0-163.171.106.255
163.171.108.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:80:f1:3c:8d:61:5a:ed:cd:49:d0:1e:73:6a:aa:82:a1:20:
50:7b:24:aa:24:76:4b:fd:f0:b0:3a:b4:54:1c:ac:52:27:a7:
7c:d8:51:80:72:fc:15:87:d3:6c:04:5b:7f:fa:5d:2d:b0:71:
64:13:67:6b:d0:3a:93:9e:af:ff:a0:98:d8:3b:91:81:03:7a:
15:95:68:f2:f3:fe:38:02:42:c8:5c:b7:95:70:44:ac:ae:12:
d8:d8:e9:01:cd:fc:5b:91:52:55:90:5c:89:b0:57:5d:12:f8:
d8:44:26:15:4d:85:a9:bf:ef:39:08:5e:84:21:a2:50:af:e3:
a5:ea:46:25:22:0e:95:85:13:d6:8f:a0:49:1a:3b:8a:fe:3e:
0a:61:27:0e:24:9e:c1:fe:be:2d:97:2a:90:be:99:e0:52:05:
ce:8d:a7:34:71:3c:2d:b5:73:12:a4:e8:ca:e3:a5:08:71:9b:
a1:2c:cd:68:ae:59:49:ab:b1:f5:b4:eb:2d:49:44:71:74:68:
2a:66:da:92:27:8f:e9:21:a0:c9:16:81:d4:bd:43:d2:36:fc:
11:b7:59:a6:c3:6b:28:41:90:09:3c:25:1b:5b:52:21:76:c6:
a1:b7:39:b7:7e:ee:62:38:0b:c2:16:84:11:d3:7f:76:59:01:
c0:88:8f:b6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYeO3BjqhyjWhs5uZ3BmvxFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwNDE3MTA1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWM5YjM1ZTExZGJmMWQyZjEyZjUzOTUzYmFmMzgwODE4ZDkzMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhifeal5ZJhExUgiXB8J5ba5B/8xh
RUHbRx+dyMdZLgqTgwUm/1fJQM7qXO174tegXnCfez+IsQFoefv9FP5SlGdjcaF9
0PiQJkimY9mMfDGOuclCwfy77KNBIAdp03EwXSdbF7fyTGqQFpzwJFhmeAIPTmnE
f9pCI5S8oYUlooKE8KtJSizcbKeBm8sCwr4JhTljFjQ/b6HRBQbm0IRDshJyxJ5m
6avlf0Z7lKce1hGNQxu+DmIxCUGm9FIq1dF0FlT9AJcw/w20amE4oYjFXojkHH9y
2wAUINmrEq+cfMINOdt6aMBixUH79XBXly5NziOkq70WBdIO7QtJeK2r3wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ7Js14R2/HS8S9TlTuvOAgY2THIMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvbnNtelhoSGI4ZEx4TDFPVk82ODRDQmpaTWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACjq2kD
BACjq2oDBACjq2wwDQYJKoZIhvcNAQELBQADggEBAF6A8TyNYVrtzUnQHnNqqoKh
IFB7JKokdkv98LA6tFQcrFInp3zYUYBy/BWH02wEW3/6XS2wcWQTZ2vQOpOer/+g
mNg7kYEDehWVaPLz/jgCQshct5VwRKyuEtjY6QHN/FuRUlWQXImwV10S+NhEJhVN
ham/7zkIXoQholCv46XqRiUiDpWFE9aPoEkaO4r+PgphJw4knsH+vi2XKpC+meBS
Bc6NpzRxPC21cxKk6MrjpQhxm6EszWiuWUmrsfW06y1JRHF0aCpm2pInj+khoMkW
gdS9Q9I2/BG3WabDayhBkAk8JRtbUiF2xqG3Obd+7mI4C8IWhBHTf3ZZAcCIj7Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org