Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nlr2OQ_eMF5Oxc8HlIizUeMhizs.roa
File: nlr2OQ_eMF5Oxc8HlIizUeMhizs.roa (raw, json)
Hash identifier: gtXvkUz8unVjPpJGvbylC4UlJKBlUgZp85tJsl8Tcwo=
Subject key identifier: 9E:5A:F6:39:0F:DE:30:5E:4E:C5:CF:07:94:88:B3:51:E3:21:8B:3B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BAF1A99A55D26FAE8B04CCF785B38A421
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nlr2OQ_eMF5Oxc8HlIizUeMhizs.roa
Signing time: Wed 08 Nov 2023 13:23:57 +0000
ROA not before: Wed 08 Nov 2023 13:23:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60117
IP address blocks: 212.192.215.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Nov 2023 17:16:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:1a:99:a5:5d:26:fa:e8:b0:4c:cf:78:5b:38:a4:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 8 13:23:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e5af6390fde305e4ec5cf079488b351e3218b3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9a:bb:5e:e0:a4:85:0c:4f:55:83:39:1b:93:
55:53:10:89:03:c5:a3:86:fe:68:71:3e:59:95:38:
49:2e:02:22:a8:e9:fb:9e:27:99:be:9f:65:9e:48:
8d:6a:c8:f4:b8:fb:f1:2e:66:4a:11:1f:d4:7e:09:
a3:4c:6c:3e:24:ab:28:4e:85:16:85:d1:ce:93:b6:
9b:ae:a8:b7:93:18:4a:23:7c:6d:e7:f9:b3:ee:52:
ed:7e:3e:59:fc:32:80:7e:e7:2f:51:45:e5:11:3b:
3c:97:36:d2:7c:25:4a:7d:2b:65:22:65:a8:65:25:
a3:ef:09:44:0b:42:41:a6:56:0b:38:f6:b9:3e:ee:
0d:5b:06:f8:06:59:c5:ac:a2:28:4e:d0:ed:67:d1:
76:1a:16:4a:f5:de:61:04:61:cf:6f:a1:12:08:a4:
bb:e6:da:de:9d:68:ae:db:10:c6:ab:42:ae:d0:1d:
d4:b2:a8:a6:7d:9b:94:6b:31:3c:9a:0a:7b:bb:62:
63:6d:31:6b:dd:60:6f:7d:9f:9f:8a:01:8e:e8:67:
c7:aa:c3:45:fc:a6:0d:30:8f:be:8c:b8:bb:10:ff:
63:ca:ca:24:3f:3c:ce:ee:68:b4:71:fd:84:a0:5a:
30:83:2f:b4:13:07:72:a0:06:3e:8a:5a:17:be:a7:
37:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:5A:F6:39:0F:DE:30:5E:4E:C5:CF:07:94:88:B3:51:E3:21:8B:3B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nlr2OQ_eMF5Oxc8HlIizUeMhizs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.54.0/24
212.192.215.0/24
Signature Algorithm: sha256WithRSAEncryption
19:be:1b:79:2a:bf:9a:14:2d:14:61:f8:94:a4:ee:01:b3:d7:
7a:17:4c:9a:91:43:67:eb:d0:ac:f6:f8:e9:a9:1b:52:ce:35:
99:17:28:e8:b5:7b:ff:08:f3:06:08:38:80:e9:64:62:99:97:
88:07:cc:2c:58:35:ca:d0:43:0e:7a:9b:b0:bc:d9:64:b5:17:
d6:4a:e6:df:87:98:50:c8:64:1b:9d:33:7c:c2:19:9e:35:a0:
bb:c2:7f:49:c4:8a:c3:ed:1e:cb:25:7c:fe:c0:21:27:4a:12:
dd:d7:53:ac:aa:5d:0b:fa:dc:8a:e9:e9:fb:f8:a7:98:5d:db:
fa:e1:93:97:af:4e:58:7d:0d:ba:bd:d1:1f:18:ea:8c:00:1e:
14:61:97:0e:86:e0:43:b1:bd:83:e5:c7:7c:05:bb:0a:d9:53:
85:9f:40:4d:0b:5e:03:2e:5f:14:21:ad:78:b3:7c:8e:5d:32:
af:4c:af:f6:4d:95:72:f6:96:7e:e6:1e:3e:d6:d4:89:2e:a1:
02:a9:57:81:ab:7d:e0:27:18:60:30:22:7c:a0:d8:bc:36:dc:
d3:5e:ff:40:f0:4f:40:f7:0b:c7:39:9e:dc:64:9c:01:e9:9a:
97:4b:71:c8:d0:e7:a8:e3:41:41:0a:3f:e1:95:03:89:01:cd:
5b:59:22:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuvGpmlXSb66LBMz3hbOKQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTA4MTMyMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTVhZjYzOTBmZGUzMDVlNGVjNWNmMDc5NDg4YjM1MWUzMjE4YjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpq7XuCkhQxPVYM5G5NVUxCJA8Wj
hv5ocT5ZlThJLgIiqOn7nieZvp9lnkiNasj0uPvxLmZKER/UfgmjTGw+JKsoToUW
hdHOk7abrqi3kxhKI3xt5/mz7lLtfj5Z/DKAfucvUUXlETs8lzbSfCVKfStlImWo
ZSWj7wlEC0JBplYLOPa5Pu4NWwb4BlnFrKIoTtDtZ9F2GhZK9d5hBGHPb6ESCKS7
5trenWiu2xDGq0Ku0B3UsqimfZuUazE8mgp7u2JjbTFr3WBvfZ+figGO6GfHqsNF
/KYNMI++jLi7EP9jysokPzzO7mi0cf2EoFowgy+0EwdyoAY+iloXvqc3bwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ5a9jkP3jBeTsXPB5SIs1HjIYs7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbmxyMk9RX2VNRjVPeGM4SGxJaXpVZU1oaXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlc2AwQA
1MDXMA0GCSqGSIb3DQEBCwUAA4IBAQAZvht5Kr+aFC0UYfiUpO4Bs9d6F0yakUNn
69Cs9vjpqRtSzjWZFyjotXv/CPMGCDiA6WRimZeIB8wsWDXK0EMOepuwvNlktRfW
Subfh5hQyGQbnTN8whmeNaC7wn9JxIrD7R7LJXz+wCEnShLd11Osql0L+tyK6en7
+KeYXdv64ZOXr05YfQ26vdEfGOqMAB4UYZcOhuBDsb2D5cd8BbsK2VOFn0BNC14D
Ll8UIa14s3yOXTKvTK/2TZVy9pZ+5h4+1tSJLqECqVeBq33gJxhgMCJ8oNi8NtzT
Xv9A8E9A9wvHOZ7cZJwB6ZqXS3HI0Oeo40FBCj/hlQOJAc1bWSLm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org