Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/nqgatL2ZpCI96Jk4nnSO6F3pVfk.roa
File: nqgatL2ZpCI96Jk4nnSO6F3pVfk.roa (raw, json)
Hash identifier: Qz+YM8O9uZUxnfwhIpnijSFK5j3lK8//23GaxCIBTs0=
Subject key identifier: 9E:A8:1A:B4:BD:99:A4:22:3D:E8:99:38:9E:74:8E:E8:5D:E9:55:F9
Certificate issuer: /CN=297ae7592ca52491dc166a30fe1477d712bd465d
Certificate serial: 01856E2F804DDF11B877A75A9C3EEEBF8636
Authority key identifier: 29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/nqgatL2ZpCI96Jk4nnSO6F3pVfk.roa
Signing time: Sun 01 Jan 2023 16:34:44 +0000
ROA not before: Sun 01 Jan 2023 16:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213220
IP address blocks: 94.159.96.0/24 maxlen: 24
94.159.97.0/24 maxlen: 24
94.159.98.0/24 maxlen: 24
94.159.93.0/24 maxlen: 24
94.159.94.0/24 maxlen: 24
94.159.95.0/24 maxlen: 24
94.159.103.0/24 maxlen: 24
94.159.104.0/24 maxlen: 24
94.159.105.0/24 maxlen: 24
94.159.100.0/24 maxlen: 24
94.159.101.0/24 maxlen: 24
94.159.102.0/24 maxlen: 24
94.159.99.0/24 maxlen: 24
94.159.107.0/24 maxlen: 24
94.159.108.0/24 maxlen: 24
94.159.106.0/24 maxlen: 24
94.159.71.0/24 maxlen: 24
94.159.84.0/24 maxlen: 24
94.159.81.0/24 maxlen: 24
94.159.86.0/24 maxlen: 24
94.159.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:80:4d:df:11:b8:77:a7:5a:9c:3e:ee:bf:86:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ae7592ca52491dc166a30fe1477d712bd465d
Validity
Not Before: Jan 1 16:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ea81ab4bd99a4223de899389e748ee85de955f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4d:5e:33:bb:be:f7:3e:db:3b:7c:bf:a4:b6:
ec:85:8c:87:95:5e:81:12:ac:ce:4d:0c:4c:b6:83:
dd:c0:1a:dd:4e:71:f6:5a:ef:3a:9d:c3:d8:45:9c:
4e:0f:81:e8:ce:36:34:a8:2e:27:f7:d3:19:03:96:
00:46:8d:5c:3f:fd:dc:64:4b:11:85:8a:99:e3:a4:
e9:4e:3a:28:47:ea:73:1c:0a:a7:d7:65:46:e4:b4:
94:21:67:b5:89:3f:65:ec:4c:cc:11:03:b6:09:7c:
db:1b:71:28:32:e0:e0:2f:cf:74:fe:2b:32:92:19:
87:20:cc:e7:c0:43:ba:8a:c3:66:79:ca:4d:83:0c:
37:40:54:52:eb:d0:7d:d8:12:89:bd:01:c5:f7:ff:
06:8d:87:86:9b:8a:c7:8d:6c:71:cd:a3:35:5e:2b:
26:a6:68:a2:7c:d5:3a:ff:05:01:36:22:3a:2c:9c:
2f:c0:1a:8f:17:1d:61:75:cd:56:f5:6a:53:5a:a2:
58:48:94:0e:7e:6d:92:55:29:23:53:75:59:c5:fa:
fc:30:12:66:55:bc:ec:02:ec:cc:5c:62:bb:7e:28:
b5:69:2e:47:99:b7:f4:ae:08:ee:8f:4c:c4:c1:f1:
52:c9:8e:70:db:a1:c5:61:82:ec:0d:df:a0:93:53:
aa:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A8:1A:B4:BD:99:A4:22:3D:E8:99:38:9E:74:8E:E8:5D:E9:55:F9
X509v3 Authority Key Identifier:
keyid:29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/nqgatL2ZpCI96Jk4nnSO6F3pVfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.159.71.0/24
94.159.81.0/24
94.159.84.0/24
94.159.86.0/23
94.159.93.0-94.159.108.255
Signature Algorithm: sha256WithRSAEncryption
b3:48:ef:d1:60:4e:fc:9d:8c:1e:38:eb:1a:9c:d6:99:5d:e7:
72:9a:1c:d9:12:c0:1c:bf:b4:ee:c4:80:b5:43:15:4d:29:36:
22:9f:8c:34:0c:b3:28:f7:b2:6d:d2:8b:1d:44:6d:fa:02:39:
6b:14:8d:7f:9e:77:94:69:cf:11:73:24:9c:cd:08:58:29:44:
ad:67:78:6e:41:89:d2:b3:06:44:f3:18:60:d8:f0:2f:ef:e8:
c4:31:ca:90:eb:65:33:df:97:60:53:1b:98:b1:15:78:3b:eb:
72:a1:55:12:b9:88:89:91:81:81:ea:ff:24:67:c3:b0:a0:d8:
7d:22:a0:f8:44:07:43:12:bc:05:81:68:49:d4:44:c7:41:a1:
a4:10:19:71:ae:b0:ac:38:f6:f4:5a:08:b3:d1:5b:37:ea:61:
ae:24:a6:66:02:90:2b:e3:09:4a:61:5e:53:54:3d:af:b6:6c:
d1:ca:ef:30:12:3e:8b:fc:c0:f6:65:30:d5:f8:90:4b:b6:13:
3e:77:e7:ac:dd:54:1d:36:16:be:a2:dc:50:ae:fd:2c:ef:c8:
e4:ba:b3:53:f9:df:0e:2e:90:6a:13:5b:e9:3e:2c:f1:f4:6b:
d5:2f:90:fa:4b:d9:12:f8:ef:3e:08:fd:ef:77:38:8d:ca:5a:
4a:f5:e1:94
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVuL4BN3xG4d6danD7uv4Y2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2FlNzU5MmNhNTI0OTFkYzE2NmEzMGZlMTQ3N2Q3MTJi
ZDQ2NWQwHhcNMjMwMTAxMTYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWE4MWFiNGJkOTlhNDIyM2RlODk5Mzg5ZTc0OGVlODVkZTk1NWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU1eM7u+9z7bO3y/pLbshYyHlV6B
EqzOTQxMtoPdwBrdTnH2Wu86ncPYRZxOD4HozjY0qC4n99MZA5YARo1cP/3cZEsR
hYqZ46TpTjooR+pzHAqn12VG5LSUIWe1iT9l7EzMEQO2CXzbG3EoMuDgL890/isy
khmHIMznwEO6isNmecpNgww3QFRS69B92BKJvQHF9/8GjYeGm4rHjWxxzaM1Xism
pmiifNU6/wUBNiI6LJwvwBqPFx1hdc1W9WpTWqJYSJQOfm2SVSkjU3VZxfr8MBJm
VbzsAuzMXGK7fii1aS5Hmbf0rgjuj0zEwfFSyY5w26HFYYLsDd+gk1OqDwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJ6oGrS9maQiPeiZOJ50juhd6VX5MB8GA1UdIwQY
MBaAFCl651kspSSR3BZqMP4Ud9cSvUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgt
MzkxMGE1OWExMTIxLzEvbnFnYXRMMlpwQ0k5NkprNG5uU082RjNwVmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgtMzkxMGE1OWExMTIx
LzEvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAXp9HAwQA
Xp9RAwQAXp9UAwQBXp9WMAwDBABen10DBABen2wwDQYJKoZIhvcNAQELBQADggEB
ALNI79FgTvydjB446xqc1pld53KaHNkSwBy/tO7EgLVDFU0pNiKfjDQMsyj3sm3S
ix1EbfoCOWsUjX+ed5RpzxFzJJzNCFgpRK1neG5BidKzBkTzGGDY8C/v6MQxypDr
ZTPfl2BTG5ixFXg763KhVRK5iImRgYHq/yRnw7Cg2H0ioPhEB0MSvAWBaEnURMdB
oaQQGXGusKw49vRaCLPRWzfqYa4kpmYCkCvjCUphXlNUPa+2bNHK7zASPov8wPZl
MNX4kEu2Ez5356zdVB02Fr6i3FCu/SzvyOS6s1P53w4ukGoTW+k+LPH0a9UvkPpL
2RL47z4I/e93OI3KWkr14ZQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:27 2024 by rpki-client on console-ams.rpki-client.org