Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nsYBOtf00Yf3vB6nKrW8Y_DBGn0.roa
File: nsYBOtf00Yf3vB6nKrW8Y_DBGn0.roa (raw, json)
Hash identifier: tnT1FZKJnmZV23+d2+sIvqBn3qlKvtrdN2IjwqB5Pkg=
Subject key identifier: 9E:C6:01:3A:D7:F4:D1:87:F7:BC:1E:A7:2A:B5:BC:63:F0:C1:1A:7D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190926BC61BE72EF534440FD735CD2AC889
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nsYBOtf00Yf3vB6nKrW8Y_DBGn0.roa
Signing time: Mon 08 Jul 2024 12:57:34 +0000
ROA not before: Mon 08 Jul 2024 12:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.156.177.0/24 maxlen: 24
192.145.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Aug 2024 04:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:6b:c6:1b:e7:2e:f5:34:44:0f:d7:35:cd:2a:c8:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 8 12:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ec6013ad7f4d187f7bc1ea72ab5bc63f0c11a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1d:6d:8b:64:7c:94:d5:27:c7:39:83:4e:92:
81:95:ee:73:f4:52:d6:40:1d:44:1d:3a:85:f6:b8:
8e:0b:58:19:bc:a0:5d:22:8f:15:c5:51:71:a4:7c:
90:8b:02:16:76:c8:f1:d8:d0:00:39:20:91:a8:c8:
a6:64:66:4d:fe:8c:5c:84:4c:d9:f8:fb:ee:a4:ec:
31:d3:91:bc:38:3f:90:ea:e2:3d:ce:59:df:e9:b7:
fd:cb:56:50:a4:95:ef:d4:95:d0:66:5b:6f:a6:c6:
c6:f1:42:f7:e1:53:7e:c4:2d:df:3f:ce:f6:f9:98:
0e:70:1d:82:85:a8:1f:f7:bb:6a:da:ec:d2:e6:1c:
17:2e:82:f3:09:cc:9c:89:fe:4c:d0:96:fe:c7:81:
ee:af:ee:36:41:61:c7:8f:0b:73:d2:2a:08:fd:49:
3d:4d:de:f3:ac:03:94:00:df:f0:b3:3a:b2:20:bb:
58:c4:df:b5:b7:75:e7:b7:2c:9c:71:1e:4f:dc:09:
e8:c9:d1:71:03:c6:e6:fc:e8:da:de:85:6e:91:a7:
cf:e4:01:f3:e5:1b:1a:ea:e2:0d:c1:e7:34:59:91:
6e:bf:8e:92:20:25:35:5b:c6:ba:c3:00:3e:71:5a:
4e:6b:fc:5a:f0:0e:73:78:5e:6e:92:c1:91:07:27:
6d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C6:01:3A:D7:F4:D1:87:F7:BC:1E:A7:2A:B5:BC:63:F0:C1:1A:7D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nsYBOtf00Yf3vB6nKrW8Y_DBGn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.177.0/24
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
12:bd:44:a6:7a:d3:ed:67:e6:f7:0f:cd:54:9a:e2:bd:96:2d:
5b:e6:ab:5b:bd:f3:21:9d:4b:e8:e1:3a:92:28:bb:f3:6b:fb:
35:10:9e:50:39:42:b8:7c:8a:1a:8a:45:00:b4:7d:66:67:86:
66:72:e0:5b:ac:4e:f0:eb:6e:63:ec:4c:3e:80:14:ee:3d:1a:
a4:c7:90:ce:9e:63:d5:78:48:e2:55:79:c4:29:43:0c:28:ee:
97:78:5a:a2:20:cb:d8:4c:7f:1b:9b:06:e9:05:9b:48:b1:bb:
f7:3d:a5:cc:f9:d3:de:53:89:94:f3:8e:39:85:40:23:50:a9:
23:9f:f3:48:e0:1a:87:2a:d1:8f:76:9e:f6:5e:e3:ed:55:2e:
d5:62:5d:ff:71:e5:e4:18:30:f5:ff:ad:00:ae:cf:13:5d:15:
cc:b3:3e:cb:93:49:37:c1:eb:5b:4d:3b:87:6b:ce:9c:97:b8:
f1:72:9a:d8:b9:b3:b0:d3:0a:6d:94:5d:73:64:1e:6a:f3:46:
79:db:ce:3c:0d:63:4d:82:5c:b3:b7:13:b5:62:5d:5f:1d:a9:
cb:78:3e:58:f9:e1:5d:5b:88:3e:9d:b5:5c:f7:70:8e:3f:b7:
96:88:17:2e:eb:c7:07:a2:56:4c:fa:75:c4:f8:fc:ac:84:dd:
52:c7:88:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCSa8Yb5y71NEQP1zXNKsiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzA4MTI1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWM2MDEzYWQ3ZjRkMTg3ZjdiYzFlYTcyYWI1YmM2M2YwYzExYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR1ti2R8lNUnxzmDTpKBle5z9FLW
QB1EHTqF9riOC1gZvKBdIo8VxVFxpHyQiwIWdsjx2NAAOSCRqMimZGZN/oxchEzZ
+PvupOwx05G8OD+Q6uI9zlnf6bf9y1ZQpJXv1JXQZltvpsbG8UL34VN+xC3fP872
+ZgOcB2Chagf97tq2uzS5hwXLoLzCcycif5M0Jb+x4Hur+42QWHHjwtz0ioI/Uk9
Td7zrAOUAN/wszqyILtYxN+1t3XntyyccR5P3AnoydFxA8bm/Oja3oVukafP5AHz
5Rsa6uINwec0WZFuv46SICU1W8a6wwA+cVpOa/xa8A5zeF5uksGRBydtjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ7GATrX9NGH97wepyq1vGPwwRp9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbnNZQk90ZjAwWWYzdkI2bktyVzhZX0RCR24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpyxAwQC
wJEcMA0GCSqGSIb3DQEBCwUAA4IBAQASvUSmetPtZ+b3D81UmuK9li1b5qtbvfMh
nUvo4TqSKLvza/s1EJ5QOUK4fIoaikUAtH1mZ4ZmcuBbrE7w625j7Ew+gBTuPRqk
x5DOnmPVeEjiVXnEKUMMKO6XeFqiIMvYTH8bmwbpBZtIsbv3PaXM+dPeU4mU8445
hUAjUKkjn/NI4BqHKtGPdp72XuPtVS7VYl3/ceXkGDD1/60Ars8TXRXMsz7Lk0k3
wetbTTuHa86cl7jxcprYubOw0wptlF1zZB5q80Z52848DWNNglyztxO1Yl1fHanL
eD5Y+eFdW4g+nbVc93COP7eWiBcu68cHolZM+nXE+PyshN1Sx4iN
-----END CERTIFICATE-----
Generated at Sat Aug 10 05:08:21 2024 by rpki-client on console-fra.rpki-client.org