Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NRacI6fEVC9aNboedmejAAL8br0.roa
File: NRacI6fEVC9aNboedmejAAL8br0.roa (raw, json)
Hash identifier: eFLvNkSiocTBcUg7i0LjoEh0Kszu52NbIdxQz4hy8RQ=
Subject key identifier: 35:16:9C:23:A7:C4:54:2F:5A:35:BA:1E:76:67:A3:00:02:FC:6E:BD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D21874ED4EB1B9B537D8F880801C64324
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NRacI6fEVC9aNboedmejAAL8br0.roa
Signing time: Fri 19 Jan 2024 11:42:12 +0000
ROA not before: Fri 19 Jan 2024 11:42:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26042
IP address blocks: 5.253.65.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 13:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:87:4e:d4:eb:1b:9b:53:7d:8f:88:08:01:c6:43:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 19 11:42:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35169c23a7c4542f5a35ba1e7667a30002fc6ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:02:12:97:eb:39:ab:e7:1b:ea:ca:44:57:
54:99:98:28:23:94:f5:0a:e2:60:b8:2a:dc:26:75:
20:a4:ab:3a:05:1c:e0:21:31:5e:a8:64:b5:3a:d4:
84:1f:1b:5d:f3:47:2b:42:35:08:5e:56:62:81:b3:
12:8f:a6:de:cf:8b:8a:6f:96:e8:d3:84:83:63:47:
06:03:9b:06:0e:49:26:6f:21:35:82:89:01:bc:43:
34:9f:6d:b1:08:ba:24:9b:c4:04:9a:0e:65:7c:4c:
b1:85:e1:e0:7e:8c:7b:70:8e:a5:05:55:c3:54:9e:
c8:b5:ac:21:a8:01:b1:03:72:ab:56:c9:b8:09:9a:
6f:3a:2a:92:0e:71:71:36:e0:14:47:ef:d2:6b:5c:
12:23:6f:de:0a:89:4c:d1:3c:37:1f:3f:de:97:20:
62:a3:a0:ca:46:63:28:36:ab:b9:d1:bd:cf:ac:3d:
8a:71:31:3f:84:27:26:c0:40:a0:67:ac:59:8a:a7:
c2:80:96:7c:af:28:d3:13:d2:85:f8:78:d5:a5:21:
cc:0c:e2:2e:58:52:5f:54:c7:f8:fa:2c:97:70:56:
a6:40:54:13:0f:13:22:a3:ae:bf:c7:96:16:29:ee:
a0:93:0b:6b:52:a8:d0:c5:ba:a4:e1:25:c3:02:aa:
6b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:16:9C:23:A7:C4:54:2F:5A:35:BA:1E:76:67:A3:00:02:FC:6E:BD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NRacI6fEVC9aNboedmejAAL8br0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.65.0/24
31.13.211.0/24
Signature Algorithm: sha256WithRSAEncryption
14:7d:dc:99:87:55:fd:bf:d2:03:bd:eb:f6:05:eb:44:9a:5e:
2e:47:ce:b3:5a:fe:96:4d:c9:49:f0:4b:c5:40:bc:e3:13:4e:
3c:b3:55:43:6c:22:2a:02:46:ee:0f:24:ab:f7:26:22:f5:3a:
b9:45:4f:36:ad:1a:07:2d:98:57:5d:4d:fa:08:f9:af:d0:bc:
07:0a:3f:4a:35:18:dd:73:eb:c6:23:39:de:9e:54:a0:9e:c4:
e0:ce:fc:5f:ce:ae:b1:8a:73:af:14:52:72:88:9c:6b:22:bf:
d8:6d:a5:3d:65:c1:31:18:22:8d:15:15:9b:c7:92:5a:0e:81:
21:33:24:81:53:ee:7c:72:a7:b7:29:6a:79:86:a3:5a:21:fc:
5a:b6:ce:6d:66:68:da:2d:38:d8:85:ed:ad:0b:57:c8:d1:aa:
b6:c5:6e:75:5f:9b:b5:1f:65:79:1c:71:fd:2e:1c:9d:59:18:
6c:65:08:11:8b:f1:9b:1f:c4:36:d8:a4:24:eb:e4:34:fe:cd:
24:b7:6b:13:2e:16:7f:0f:c2:d6:a6:88:37:2d:30:57:80:fb:
a3:a9:6a:07:ab:72:b9:ea:db:85:b3:29:33:6b:b9:6b:3f:64:
2f:fc:3a:40:cc:44:39:7f:2d:7a:2c:d4:fe:d5:6a:89:b4:32:
45:c0:d8:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0hh07U6xubU32PiAgBxkMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTE5MTE0MjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE2OWMyM2E3YzQ1NDJmNWEzNWJhMWU3NjY3YTMwMDAyZmM2ZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtgCEpfrOavnG+rKRFdUmZgoI5T1
CuJguCrcJnUgpKs6BRzgITFeqGS1OtSEHxtd80crQjUIXlZigbMSj6bez4uKb5bo
04SDY0cGA5sGDkkmbyE1gokBvEM0n22xCLokm8QEmg5lfEyxheHgfox7cI6lBVXD
VJ7ItawhqAGxA3KrVsm4CZpvOiqSDnFxNuAUR+/Sa1wSI2/eColM0Tw3Hz/elyBi
o6DKRmMoNqu50b3PrD2KcTE/hCcmwECgZ6xZiqfCgJZ8ryjTE9KF+HjVpSHMDOIu
WFJfVMf4+iyXcFamQFQTDxMio66/x5YWKe6gkwtrUqjQxbqk4SXDAqpr0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUWnCOnxFQvWjW6HnZnowAC/G69MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTlJhY0k2ZkVWQzlhTmJvZWRtZWpBQUw4YnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABf1BAwQA
Hw3TMA0GCSqGSIb3DQEBCwUAA4IBAQAUfdyZh1X9v9IDvev2BetEml4uR86zWv6W
TclJ8EvFQLzjE048s1VDbCIqAkbuDySr9yYi9Tq5RU82rRoHLZhXXU36CPmv0LwH
Cj9KNRjdc+vGIznenlSgnsTgzvxfzq6xinOvFFJyiJxrIr/YbaU9ZcExGCKNFRWb
x5JaDoEhMySBU+58cqe3KWp5hqNaIfxats5tZmjaLTjYhe2tC1fI0aq2xW51X5u1
H2V5HHH9LhydWRhsZQgRi/GbH8Q22KQk6+Q0/s0kt2sTLhZ/D8LWpog3LTBXgPuj
qWoHq3K56tuFsykza7lrP2Qv/DpAzEQ5fy16LNT+1WqJtDJFwNiU
-----END CERTIFICATE-----
Generated at Fri Jan 26 15:52:01 2024 by rpki-client on console-ams.rpki-client.org