Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/6f8f43-1a19-410f-a2f3-e4ac706da148/1/nAk-BQXA9rZAQe_tTwTvpbovVFg.roa
File: nAk-BQXA9rZAQe_tTwTvpbovVFg.roa (raw, json)
Hash identifier: MLQBHjTjQcArLrz4MhR+yb4oxz0YTQgJKeOleoqlkg0=
Subject key identifier: 9C:09:3E:05:05:C0:F6:B6:40:41:EF:ED:4F:04:EF:A5:BA:2F:54:58
Certificate issuer: /CN=31184c9e8b6aa407c0d73ed0ba063075f6314e36
Certificate serial: 018B356641EBC363785FD2B60B4A14899D55
Authority key identifier: 31:18:4C:9E:8B:6A:A4:07:C0:D7:3E:D0:BA:06:30:75:F6:31:4E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MRhMnotqpAfA1z7QugYwdfYxTjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/6f8f43-1a19-410f-a2f3-e4ac706da148/1/nAk-BQXA9rZAQe_tTwTvpbovVFg.roa
Signing time: Sun 15 Oct 2023 22:12:55 +0000
ROA not before: Sun 15 Oct 2023 22:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206409
IP address blocks: 89.107.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:35:66:41:eb:c3:63:78:5f:d2:b6:0b:4a:14:89:9d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31184c9e8b6aa407c0d73ed0ba063075f6314e36
Validity
Not Before: Oct 15 22:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c093e0505c0f6b64041efed4f04efa5ba2f5458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:89:ec:35:5a:d2:c8:93:ea:16:bc:d8:3b:5a:
b4:39:c0:8b:2d:d4:94:05:e6:ef:fd:9d:c0:1c:09:
77:a3:52:f9:a3:45:e3:ae:5c:ef:38:01:df:fc:bd:
94:92:68:40:2e:05:41:d2:cd:9b:4b:73:0b:ba:05:
c0:00:fd:ae:4f:30:d6:ea:59:b1:44:9a:4f:05:08:
69:0e:ca:74:6e:b8:a3:59:d9:37:29:e8:56:4a:8a:
d6:08:81:7a:ee:26:d1:56:71:40:76:c8:33:cd:92:
62:5b:51:64:44:ec:c7:cb:93:db:c2:f8:39:c0:ec:
66:51:9b:47:39:32:c9:a8:ed:6c:9c:95:45:0d:91:
24:3c:c5:93:98:5b:da:ab:b6:fe:ac:50:e3:3a:44:
93:b0:ab:46:bf:54:e7:a0:e7:04:18:35:63:33:c5:
e4:d8:b8:26:89:76:64:ae:70:82:ed:03:1b:45:db:
5c:27:dc:ba:a4:3f:b7:aa:89:04:df:0e:77:03:2d:
01:47:6d:9d:cf:17:52:9b:7e:de:83:74:80:d2:87:
66:7a:69:ec:83:b5:de:ca:9f:e6:23:a2:93:d6:b0:
f9:10:38:ac:99:bf:de:74:2f:67:5e:b5:51:b8:73:
03:ef:cf:7c:8b:ff:08:ec:1e:60:cb:91:12:58:5c:
16:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:09:3E:05:05:C0:F6:B6:40:41:EF:ED:4F:04:EF:A5:BA:2F:54:58
X509v3 Authority Key Identifier:
keyid:31:18:4C:9E:8B:6A:A4:07:C0:D7:3E:D0:BA:06:30:75:F6:31:4E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MRhMnotqpAfA1z7QugYwdfYxTjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/6f8f43-1a19-410f-a2f3-e4ac706da148/1/nAk-BQXA9rZAQe_tTwTvpbovVFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/6f8f43-1a19-410f-a2f3-e4ac706da148/1/MRhMnotqpAfA1z7QugYwdfYxTjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.13.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:79:99:3f:06:10:18:6e:e9:18:71:83:f5:cc:90:d2:9d:39:
b3:0a:d1:a0:a9:a3:d6:24:8c:b2:4f:c9:d5:9a:80:d6:b9:ee:
5d:2d:c8:4b:59:a5:d8:90:f3:76:f7:b0:44:b4:4e:c3:cf:25:
7b:46:46:50:06:06:a6:4e:53:45:17:45:2a:15:c5:96:39:0d:
12:b9:94:e4:d3:63:f9:81:f9:3a:10:66:3e:31:ef:7d:2f:fb:
8d:d6:2f:5c:8e:e3:59:42:74:e8:72:46:28:b5:4b:e5:6e:d8:
72:6d:bf:6b:52:47:94:39:9e:97:30:93:f4:71:c1:c6:d8:74:
e0:94:e6:a0:a1:31:dc:ff:48:ad:a0:fd:e0:8c:89:6e:d9:98:
9a:b7:26:02:67:80:e8:12:cd:83:76:89:2e:8e:f4:11:d1:77:
5a:22:2f:77:05:36:2f:ed:7f:4c:a5:93:cc:0d:dc:df:9e:aa:
dd:46:29:4a:d9:cc:b3:18:16:7a:fa:35:74:25:ae:f5:27:f7:
83:b8:e7:93:95:ec:9e:34:6d:89:d4:9d:cd:5a:0e:ab:75:e3:
95:21:57:5a:a3:f8:76:b9:e1:52:d7:7d:1b:f0:6f:b3:c9:f3:
93:d6:7f:ba:75:ad:6d:74:49:98:f0:be:5c:0e:a9:6a:64:f4:
a2:6f:95:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs1ZkHrw2N4X9K2C0oUiZ1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMTg0YzllOGI2YWE0MDdjMGQ3M2VkMGJhMDYzMDc1ZjYz
MTRlMzYwHhcNMjMxMDE1MjIxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzA5M2UwNTA1YzBmNmI2NDA0MWVmZWQ0ZjA0ZWZhNWJhMmY1NDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgInsNVrSyJPqFrzYO1q0OcCLLdSU
Bebv/Z3AHAl3o1L5o0XjrlzvOAHf/L2UkmhALgVB0s2bS3MLugXAAP2uTzDW6lmx
RJpPBQhpDsp0brijWdk3KehWSorWCIF67ibRVnFAdsgzzZJiW1FkROzHy5Pbwvg5
wOxmUZtHOTLJqO1snJVFDZEkPMWTmFvaq7b+rFDjOkSTsKtGv1TnoOcEGDVjM8Xk
2LgmiXZkrnCC7QMbRdtcJ9y6pD+3qokE3w53Ay0BR22dzxdSm37eg3SA0odmemns
g7Xeyp/mI6KT1rD5EDismb/edC9nXrVRuHMD7898i/8I7B5gy5ESWFwWMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwJPgUFwPa2QEHv7U8E76W6L1RYMB8GA1UdIwQY
MBaAFDEYTJ6LaqQHwNc+0LoGMHX2MU42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVJoTW5vdHFwQWZBMXo3UXVnWXdkZll4VGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy82ZjhmNDMtMWExOS00MTBmLWEyZjMt
ZTRhYzcwNmRhMTQ4LzEvbkFrLUJRWEE5clpBUWVfdFR3VHZwYm92VkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy82ZjhmNDMtMWExOS00MTBmLWEyZjMtZTRhYzcwNmRhMTQ4
LzEvTVJoTW5vdHFwQWZBMXo3UXVnWXdkZll4VGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWsNMA0G
CSqGSIb3DQEBCwUAA4IBAQCKeZk/BhAYbukYcYP1zJDSnTmzCtGgqaPWJIyyT8nV
moDWue5dLchLWaXYkPN297BEtE7DzyV7RkZQBgamTlNFF0UqFcWWOQ0SuZTk02P5
gfk6EGY+Me99L/uN1i9cjuNZQnTockYotUvlbthybb9rUkeUOZ6XMJP0ccHG2HTg
lOagoTHc/0itoP3gjIlu2ZiatyYCZ4DoEs2DdokujvQR0XdaIi93BTYv7X9MpZPM
DdzfnqrdRilK2cyzGBZ6+jV0Ja71J/eDuOeTleyeNG2J1J3NWg6rdeOVIVdao/h2
ueFS130b8G+zyfOT1n+6da1tdEmY8L5cDqlqZPSib5VD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:54 2024 by rpki-client on console-fra.rpki-client.org