Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/61025f-43da-437d-b010-cc49e534db00/1/NFhst_i9NfGoldxGr9yA55b9UCE.roa
File: NFhst_i9NfGoldxGr9yA55b9UCE.roa (raw, json)
Hash identifier: xch9n9yYwsE/NZm67edw8o/qwpC6gfrFK0EHlZdzgqg=
Subject key identifier: 34:58:6C:B7:F8:BD:35:F1:A8:95:DC:46:AF:DC:80:E7:96:FD:50:21
Certificate issuer: /CN=875fc80242d2e69ebd0f22b5e3cc457594ae90ac
Certificate serial: 018D1A420829D4879BF6B7C854FCD3D17CCC
Authority key identifier: 87:5F:C8:02:42:D2:E6:9E:BD:0F:22:B5:E3:CC:45:75:94:AE:90:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1_IAkLS5p69DyK148xFdZSukKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/61025f-43da-437d-b010-cc49e534db00/1/NFhst_i9NfGoldxGr9yA55b9UCE.roa
Signing time: Thu 18 Jan 2024 01:49:11 +0000
ROA not before: Thu 18 Jan 2024 01:49:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 193.169.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 14:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1a:42:08:29:d4:87:9b:f6:b7:c8:54:fc:d3:d1:7c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=875fc80242d2e69ebd0f22b5e3cc457594ae90ac
Validity
Not Before: Jan 18 01:49:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34586cb7f8bd35f1a895dc46afdc80e796fd5021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bc:1c:63:97:86:78:7a:25:4c:98:38:ad:27:
25:b4:d9:f5:48:3d:41:0f:96:e4:b0:34:77:d6:bc:
f8:e1:fd:2a:ba:0e:9c:d3:15:e4:88:74:69:71:89:
f5:78:d4:5d:08:60:68:2e:34:d4:c3:7b:37:41:27:
c4:d1:68:89:4d:27:76:0c:bf:3a:25:41:f6:cb:60:
12:ec:39:5a:60:36:ae:c6:d3:11:a6:1a:23:c3:89:
33:fc:1c:fc:78:92:37:1e:e7:08:4b:17:2e:85:a4:
49:74:79:65:50:e4:5d:26:83:b9:c9:55:42:e5:c5:
6e:ad:fe:c7:7c:46:c8:ec:f8:b3:2c:e7:01:73:9d:
60:94:69:22:35:fc:17:15:92:e9:9e:af:7b:61:f6:
91:63:4b:28:89:95:67:8a:59:56:b0:ee:a4:a4:4b:
0f:c9:dc:bc:61:8c:aa:be:f1:d2:ca:3e:74:cc:01:
d7:40:4b:00:f9:b9:c9:cd:df:ef:82:51:3c:43:fb:
58:c5:f8:d4:28:85:24:d5:47:18:ec:3e:08:31:3a:
0c:94:2b:3a:7b:da:53:0a:9d:ab:f9:f9:98:a0:3f:
be:da:d8:ee:c9:49:8a:56:70:6a:a8:17:b2:2d:51:
e7:fd:66:4f:44:e0:01:b3:f6:f6:7f:b1:05:e8:f6:
cf:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:58:6C:B7:F8:BD:35:F1:A8:95:DC:46:AF:DC:80:E7:96:FD:50:21
X509v3 Authority Key Identifier:
keyid:87:5F:C8:02:42:D2:E6:9E:BD:0F:22:B5:E3:CC:45:75:94:AE:90:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1_IAkLS5p69DyK148xFdZSukKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/61025f-43da-437d-b010-cc49e534db00/1/NFhst_i9NfGoldxGr9yA55b9UCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/61025f-43da-437d-b010-cc49e534db00/1/h1_IAkLS5p69DyK148xFdZSukKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.59.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:0a:2d:2c:18:04:cf:34:79:de:6e:a2:24:38:81:de:c6:f1:
8b:6a:3c:ad:3c:09:02:a4:6d:07:b9:70:1a:56:69:58:4b:98:
0a:e8:b1:61:99:f4:48:65:d3:60:1b:67:d8:29:5d:a5:80:ba:
8a:94:da:fc:39:21:a7:59:16:61:b6:a0:0d:fb:5c:98:11:4e:
06:4c:0d:23:d7:e6:d4:71:d6:e0:ab:a4:fb:06:10:7d:ca:f1:
3c:91:2f:b6:de:b9:67:19:e0:80:aa:37:ba:03:a2:a9:94:4d:
9a:19:64:a9:17:6c:ec:f4:d9:a4:15:1f:c1:5a:f8:a4:80:a5:
b8:d9:72:94:b7:9b:8d:57:4e:ff:57:9b:cc:86:3b:f2:3f:58:
12:74:a7:3d:85:7c:dc:bf:80:2c:07:59:32:b6:49:4a:91:b4:
ea:9b:62:0f:f1:b5:1e:04:2f:4f:57:ef:e5:f7:c3:d8:76:76:
4f:c4:1a:d5:4c:c3:d4:63:ff:0c:f4:cb:68:77:60:3a:e9:ff:
95:5c:96:39:b0:c2:44:92:15:14:2e:49:49:63:cd:ff:7f:4f:
15:b1:79:3b:45:88:a1:5e:3b:07:9a:38:39:0d:72:fd:ea:f3:
7f:22:e0:07:17:46:af:f7:bb:f9:81:1c:4f:8a:26:5a:8c:88:
b3:7f:94:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0aQggp1Ieb9rfIVPzT0XzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWZjODAyNDJkMmU2OWViZDBmMjJiNWUzY2M0NTc1OTRh
ZTkwYWMwHhcNMjQwMTE4MDE0OTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDU4NmNiN2Y4YmQzNWYxYTg5NWRjNDZhZmRjODBlNzk2ZmQ1MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrwcY5eGeHolTJg4rScltNn1SD1B
D5bksDR31rz44f0qug6c0xXkiHRpcYn1eNRdCGBoLjTUw3s3QSfE0WiJTSd2DL86
JUH2y2AS7DlaYDauxtMRphojw4kz/Bz8eJI3HucISxcuhaRJdHllUORdJoO5yVVC
5cVurf7HfEbI7PizLOcBc51glGkiNfwXFZLpnq97YfaRY0soiZVnillWsO6kpEsP
ydy8YYyqvvHSyj50zAHXQEsA+bnJzd/vglE8Q/tYxfjUKIUk1UcY7D4IMToMlCs6
e9pTCp2r+fmYoD++2tjuyUmKVnBqqBeyLVHn/WZPROABs/b2f7EF6PbP/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRYbLf4vTXxqJXcRq/cgOeW/VAhMB8GA1UdIwQY
MBaAFIdfyAJC0uaevQ8itePMRXWUrpCsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFfSUFrTFM1cDY5RHlLMTQ4eEZkWlN1a0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi82MTAyNWYtNDNkYS00MzdkLWIwMTAt
Y2M0OWU1MzRkYjAwLzEvTkZoc3RfaTlOZkdvbGR4R3I5eUE1NWI5VUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi82MTAyNWYtNDNkYS00MzdkLWIwMTAtY2M0OWU1MzRkYjAw
LzEvaDFfSUFrTFM1cDY5RHlLMTQ4eEZkWlN1a0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwak7MA0G
CSqGSIb3DQEBCwUAA4IBAQCnCi0sGATPNHnebqIkOIHexvGLajytPAkCpG0HuXAa
VmlYS5gK6LFhmfRIZdNgG2fYKV2lgLqKlNr8OSGnWRZhtqAN+1yYEU4GTA0j1+bU
cdbgq6T7BhB9yvE8kS+23rlnGeCAqje6A6KplE2aGWSpF2zs9NmkFR/BWvikgKW4
2XKUt5uNV07/V5vMhjvyP1gSdKc9hXzcv4AsB1kytklKkbTqm2IP8bUeBC9PV+/l
98PYdnZPxBrVTMPUY/8M9Mtod2A66f+VXJY5sMJEkhUULklJY83/f08VsXk7RYih
XjsHmjg5DXL96vN/IuAHF0av97v5gRxPiiZajIizf5Qo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:54 2024 by rpki-client on console-fra.rpki-client.org