Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/nntk_yM-0TCyB2VtlFfjib0KZfA.roa
File: nntk_yM-0TCyB2VtlFfjib0KZfA.roa (raw, json)
Hash identifier: NytTvIIISO2hy8dZ9W6mZU4Umx9dYZcH/aukU4utjIo=
Subject key identifier: 9E:7B:64:FF:23:3E:D1:30:B2:07:65:6D:94:57:E3:89:BD:0A:65:F0
Certificate issuer: /CN=1d2cdcb9c76f5e0ce0c385d7e0ef15572d15a54c
Certificate serial: 018750FA016CFC8726397A9D6A66EE1C5E30
Authority key identifier: 1D:2C:DC:B9:C7:6F:5E:0C:E0:C3:85:D7:E0:EF:15:57:2D:15:A5:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HSzcucdvXgzgw4XX4O8VVy0VpUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/nntk_yM-0TCyB2VtlFfjib0KZfA.roa
Signing time: Wed 05 Apr 2023 10:32:54 +0000
ROA not before: Wed 05 Apr 2023 10:32:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 132.66.18.0/24 maxlen: 24
132.66.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 13:06:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:fa:01:6c:fc:87:26:39:7a:9d:6a:66:ee:1c:5e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d2cdcb9c76f5e0ce0c385d7e0ef15572d15a54c
Validity
Not Before: Apr 5 10:32:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e7b64ff233ed130b207656d9457e389bd0a65f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:17:54:4c:18:59:90:88:37:6b:f4:c3:a8:3f:
81:de:52:fe:f1:ce:3e:e6:bc:bb:78:26:e7:ef:d2:
c2:5e:31:49:6b:c9:b2:48:4e:2c:cb:16:3e:e0:4a:
d7:85:86:d8:16:58:6a:d0:62:f3:0b:ad:b3:00:6d:
fd:56:0d:fd:2f:01:95:ab:21:ec:cc:5e:cf:05:3a:
20:d0:ee:0b:18:4c:35:78:f4:fd:74:2b:75:9e:8b:
4f:84:e3:1b:18:0e:03:19:59:01:0f:ef:22:e6:a1:
68:4c:7c:2f:c2:73:97:09:37:7b:26:b0:b1:93:09:
5a:6c:6c:fd:15:4d:6a:cf:ef:dc:55:b9:95:e2:40:
c5:6e:1a:5c:77:fe:45:9d:80:ab:09:17:f3:e3:47:
40:ff:a0:a8:c4:71:e0:8a:11:c5:bd:ca:6d:3c:5c:
d6:5e:99:62:df:0c:23:8a:7d:cc:f0:c2:46:4e:92:
34:8a:d9:ab:5b:43:d8:a2:95:8b:f3:08:71:53:e8:
72:53:1e:8c:f5:c5:0b:40:3a:6f:37:ef:8d:00:6a:
bc:c5:0a:38:56:25:7a:2e:e4:41:2e:1c:8f:ed:d2:
b8:0c:7d:ea:a2:90:57:e8:a1:f6:52:3e:c5:75:ea:
ab:a8:de:8a:ef:56:9a:92:1a:70:41:99:40:46:d9:
62:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:7B:64:FF:23:3E:D1:30:B2:07:65:6D:94:57:E3:89:BD:0A:65:F0
X509v3 Authority Key Identifier:
keyid:1D:2C:DC:B9:C7:6F:5E:0C:E0:C3:85:D7:E0:EF:15:57:2D:15:A5:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSzcucdvXgzgw4XX4O8VVy0VpUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/nntk_yM-0TCyB2VtlFfjib0KZfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/HSzcucdvXgzgw4XX4O8VVy0VpUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.66.18.0/24
132.66.251.0/24
Signature Algorithm: sha256WithRSAEncryption
80:23:2a:56:4e:62:24:54:84:e6:07:f6:7e:58:88:9a:ac:6f:
9a:70:c8:c6:a4:f9:fa:ae:ea:fe:59:7b:62:0b:dc:ce:38:62:
ca:de:b6:6e:17:bf:87:9a:d5:f2:b3:0c:f1:ea:ac:14:4c:2a:
ec:e3:05:1c:3c:a4:f7:f7:01:a8:34:68:c0:f2:db:52:5b:60:
53:aa:da:4b:90:ba:4e:2c:a9:bd:2e:cc:61:f1:0d:8c:ae:6f:
c4:a7:0c:e4:9c:90:70:db:4c:ed:e6:a0:da:8f:b7:1c:ae:44:
ac:ae:23:60:20:63:9d:7d:29:f7:7d:49:e7:cd:a6:33:71:90:
58:7e:95:71:3b:8c:c4:12:6e:4e:59:4f:fd:27:a2:2f:70:d1:
f8:37:2a:c0:8f:41:9c:fa:3b:7d:7b:1a:6a:22:5f:d6:e6:34:
34:97:54:b0:02:6b:0b:d0:74:7c:87:fc:24:63:7f:8d:6b:75:
c9:f8:08:eb:56:0b:b2:8f:5a:bc:eb:c4:b0:84:76:44:06:c1:
d7:9a:ff:53:c7:d2:58:4c:cb:77:9f:94:11:ff:d0:e2:7a:1b:
48:3b:bd:b8:d4:e6:72:db:16:30:2f:7c:83:2b:a1:a6:91:3c:
3c:1d:bb:ef:ff:68:85:51:a3:70:a4:cc:ed:d1:ac:9b:e0:e0:
25:fe:ad:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdQ+gFs/IcmOXqdambuHF4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMmNkY2I5Yzc2ZjVlMGNlMGMzODVkN2UwZWYxNTU3MmQx
NWE1NGMwHhcNMjMwNDA1MTAzMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTdiNjRmZjIzM2VkMTMwYjIwNzY1NmQ5NDU3ZTM4OWJkMGE2NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRdUTBhZkIg3a/TDqD+B3lL+8c4+
5ry7eCbn79LCXjFJa8mySE4syxY+4ErXhYbYFlhq0GLzC62zAG39Vg39LwGVqyHs
zF7PBTog0O4LGEw1ePT9dCt1notPhOMbGA4DGVkBD+8i5qFoTHwvwnOXCTd7JrCx
kwlabGz9FU1qz+/cVbmV4kDFbhpcd/5FnYCrCRfz40dA/6CoxHHgihHFvcptPFzW
Xpli3wwjin3M8MJGTpI0itmrW0PYopWL8whxU+hyUx6M9cULQDpvN++NAGq8xQo4
ViV6LuRBLhyP7dK4DH3qopBX6KH2Uj7FdeqrqN6K71aakhpwQZlARtliNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ57ZP8jPtEwsgdlbZRX44m9CmXwMB8GA1UdIwQY
MBaAFB0s3LnHb14M4MOF1+DvFVctFaVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFN6Y3VjZHZYZ3pndzRYWDRPOFZWeTBWcFV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iNjY2NjYtYjNiNy00MjQ4LWFlNjUt
NzYwZTRlZTRjNmIyLzEvbm50a195TS0wVEN5QjJWdGxGZmppYjBLWmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iNjY2NjYtYjNiNy00MjQ4LWFlNjUtNzYwZTRlZTRjNmIy
LzEvSFN6Y3VjZHZYZ3pndzRYWDRPOFZWeTBWcFV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAhEISAwQA
hEL7MA0GCSqGSIb3DQEBCwUAA4IBAQCAIypWTmIkVITmB/Z+WIiarG+acMjGpPn6
rur+WXtiC9zOOGLK3rZuF7+HmtXyswzx6qwUTCrs4wUcPKT39wGoNGjA8ttSW2BT
qtpLkLpOLKm9Lsxh8Q2Mrm/EpwzknJBw20zt5qDaj7ccrkSsriNgIGOdfSn3fUnn
zaYzcZBYfpVxO4zEEm5OWU/9J6IvcNH4NyrAj0Gc+jt9expqIl/W5jQ0l1SwAmsL
0HR8h/wkY3+Na3XJ+AjrVguyj1q868SwhHZEBsHXmv9Tx9JYTMt3n5QR/9DiehtI
O7241OZy2xYwL3yDK6GmkTw8Hbvv/2iFUaNwpMzt0ayb4OAl/q2S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:56 2024 by rpki-client on console-fra.rpki-client.org