Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/naI-_uWFzKwXH3F-CA_zWCPicEo.roa
File: naI-_uWFzKwXH3F-CA_zWCPicEo.roa (raw, json)
Hash identifier: rI3jd5RuGN5kVd6DhH3hZU9kxywMI6jrozEPIGYIPOc=
Subject key identifier: 9D:A2:3E:FE:E5:85:CC:AC:17:1F:71:7E:08:0F:F3:58:23:E2:70:4A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B4D3E651E736E47B3167EAC1CAA4AA31C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/naI-_uWFzKwXH3F-CA_zWCPicEo.roa
Signing time: Fri 20 Oct 2023 13:20:16 +0000
ROA not before: Fri 20 Oct 2023 13:20:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199785
IP address blocks: 212.192.31.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Nov 2023 15:11:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:3e:65:1e:73:6e:47:b3:16:7e:ac:1c:aa:4a:a3:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 20 13:20:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9da23efee585ccac171f717e080ff35823e2704a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:27:4a:50:82:98:38:6e:4c:3a:af:ce:59:79:
31:0c:73:09:f8:f9:cc:b4:8c:cd:64:d3:b9:9b:c8:
3e:b6:59:3b:87:eb:32:3b:e1:20:dc:59:17:83:d6:
fc:24:4e:e0:7d:26:37:44:be:99:5a:e1:c9:51:06:
e3:a1:5e:b5:22:e1:59:23:f3:f4:7a:c7:25:87:fc:
b4:b0:ba:51:64:65:ca:12:78:fe:eb:80:56:42:bf:
65:39:58:4f:9f:22:aa:5d:c5:97:56:f2:6a:fb:81:
8a:49:80:fe:09:53:a2:66:48:36:cf:dc:41:e1:c3:
ed:f1:6a:5e:a2:81:91:6b:a2:10:43:89:df:15:c1:
7f:56:90:81:c4:af:3a:e9:61:7f:5b:42:4a:b5:ce:
da:eb:ae:68:08:ab:ad:0b:74:a6:51:63:ca:ed:12:
71:3b:24:cb:23:46:ee:ae:c9:f4:da:38:b3:f9:cc:
bb:94:2f:a4:fd:2e:cf:24:86:90:0b:52:f8:07:05:
af:1d:b2:98:4c:b2:3d:e6:f7:b5:0c:fc:df:c8:8f:
92:6c:92:22:50:bd:ec:20:e5:b4:13:88:fc:27:48:
a8:77:38:39:48:67:87:22:e7:8d:14:3c:38:6b:2d:
61:9e:a6:99:06:62:db:bc:f6:cc:e7:51:c0:7b:87:
ae:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A2:3E:FE:E5:85:CC:AC:17:1F:71:7E:08:0F:F3:58:23:E2:70:4A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/naI-_uWFzKwXH3F-CA_zWCPicEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.199.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:c2:51:f5:c3:94:4c:0b:68:88:62:49:01:d3:10:47:fd:4f:
df:49:91:a6:13:25:55:3d:2e:0b:c1:c4:d3:0d:e0:b7:3e:fe:
b2:b5:61:1e:c7:4b:34:71:e9:86:6e:c0:b3:dc:58:b4:f9:62:
26:6c:cd:cc:f3:e5:45:84:7f:4e:c8:92:0e:30:89:74:90:62:
ad:e3:6b:d1:42:57:1d:aa:b5:ed:33:07:f3:70:f0:8e:00:73:
31:d8:86:d4:24:38:2c:23:80:34:58:05:ef:fc:5b:79:c5:e4:
31:5c:1f:a2:15:6b:45:44:10:e8:f0:7f:69:fa:36:06:71:f5:
8a:01:f2:a1:b9:0b:69:60:c5:6d:a9:3e:21:ec:9c:48:0c:f4:
7c:c3:fb:99:4d:0c:cc:66:66:df:d3:a8:23:73:e3:2f:49:3f:
f4:85:68:9e:17:8c:f5:7a:7e:b2:22:8b:42:f3:72:9a:28:e6:
a7:7c:8d:bc:1a:7a:a1:ce:d0:eb:ca:85:53:b7:b2:e2:89:04:
fd:9c:93:4f:5d:1b:95:11:70:7c:9b:52:4a:43:e2:16:6d:94:
4f:0e:34:1f:f6:6d:16:1e:34:b8:47:eb:96:68:9e:54:06:78:
fa:4e:8e:c8:87:7b:51:e6:c2:ae:55:12:9d:b7:7d:49:3a:74:
e7:4c:58:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtNPmUec25HsxZ+rByqSqMcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDIwMTMyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGEyM2VmZWU1ODVjY2FjMTcxZjcxN2UwODBmZjM1ODIzZTI3MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCdKUIKYOG5MOq/OWXkxDHMJ+PnM
tIzNZNO5m8g+tlk7h+syO+Eg3FkXg9b8JE7gfSY3RL6ZWuHJUQbjoV61IuFZI/P0
esclh/y0sLpRZGXKEnj+64BWQr9lOVhPnyKqXcWXVvJq+4GKSYD+CVOiZkg2z9xB
4cPt8WpeooGRa6IQQ4nfFcF/VpCBxK866WF/W0JKtc7a665oCKutC3SmUWPK7RJx
OyTLI0bursn02jiz+cy7lC+k/S7PJIaQC1L4BwWvHbKYTLI95ve1DPzfyI+SbJIi
UL3sIOW0E4j8J0iodzg5SGeHIueNFDw4ay1hnqaZBmLbvPbM51HAe4eupwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ2iPv7lhcysFx9xfggP81gj4nBKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbmFJLV91V0Z6S3dYSDNGLUNBX3pXQ1BpY0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlfHAwQA
1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQBbwlH1w5RMC2iIYkkB0xBH/U/fSZGmEyVV
PS4LwcTTDeC3Pv6ytWEex0s0cemGbsCz3Fi0+WImbM3M8+VFhH9OyJIOMIl0kGKt
42vRQlcdqrXtMwfzcPCOAHMx2IbUJDgsI4A0WAXv/Ft5xeQxXB+iFWtFRBDo8H9p
+jYGcfWKAfKhuQtpYMVtqT4h7JxIDPR8w/uZTQzMZmbf06gjc+MvST/0hWieF4z1
en6yIotC83KaKOanfI28GnqhztDryoVTt7LiiQT9nJNPXRuVEXB8m1JKQ+IWbZRP
DjQf9m0WHjS4R+uWaJ5UBnj6To7Ih3tR5sKuVRKdt31JOnTnTFib
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:46 2024 by rpki-client on console-ams.rpki-client.org