Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/NYu5-eX-YSF6DZO7oyygOO-2qPI.roa
File: NYu5-eX-YSF6DZO7oyygOO-2qPI.roa (raw, json)
Hash identifier: MvcxUISEKzZmk/FRegT+TpxiO+ldWLSYdipj25gTXXQ=
Subject key identifier: 35:8B:B9:F9:E5:FE:61:21:7A:0D:93:BB:A3:2C:A0:38:EF:B6:A8:F2
Certificate issuer: /CN=9ff1503210fe06ed35490b0231dbdb5967e12987
Certificate serial: 018C2068B33F38B39AD855B8C752CD093561
Authority key identifier: 9F:F1:50:32:10:FE:06:ED:35:49:0B:02:31:DB:DB:59:67:E1:29:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_FQMhD-Bu01SQsCMdvbWWfhKYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/NYu5-eX-YSF6DZO7oyygOO-2qPI.roa
Signing time: Thu 30 Nov 2023 13:26:21 +0000
ROA not before: Thu 30 Nov 2023 13:26:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56465
IP address blocks: 195.140.224.0/24 maxlen: 24
195.140.225.0/24 maxlen: 24
195.140.226.0/24 maxlen: 24
195.140.227.0/24 maxlen: 24
31.128.182.0/24 maxlen: 24
94.124.162.0/24 maxlen: 24
94.124.163.0/24 maxlen: 24
94.124.167.0/24 maxlen: 24
2a0c:29c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:68:b3:3f:38:b3:9a:d8:55:b8:c7:52:cd:09:35:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff1503210fe06ed35490b0231dbdb5967e12987
Validity
Not Before: Nov 30 13:26:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=358bb9f9e5fe61217a0d93bba32ca038efb6a8f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6f:72:d3:53:39:c7:b3:4c:03:ab:57:34:8d:
03:c3:ab:12:f7:f2:bc:d5:34:41:58:f5:56:62:95:
8c:71:e9:c5:0b:78:45:3e:a2:32:69:dc:56:d9:17:
38:44:8d:c4:eb:82:0f:d8:85:a3:ff:af:ab:ac:5e:
31:04:1f:5c:69:b9:a6:4c:c3:8f:be:63:91:25:80:
7d:6e:df:46:d9:18:24:42:03:9a:9f:21:49:60:e6:
97:29:54:c2:8b:82:90:66:8b:ed:73:04:f0:2f:4a:
45:ac:db:f6:0f:95:c9:52:ed:98:fe:c6:27:80:c1:
78:53:49:f7:c1:76:fa:77:ce:16:95:41:09:01:2c:
69:92:b5:80:8f:46:1a:53:1a:d4:ec:3c:4a:fa:30:
ab:dd:42:e0:c0:fd:33:c3:44:dc:35:cc:0c:54:0f:
00:1b:42:80:68:0d:9f:90:84:50:6c:a1:ff:67:0f:
ed:fa:96:2a:c9:a7:7b:3a:cf:8b:7c:9d:46:94:ed:
f2:f9:99:1f:7c:6c:21:3c:bb:de:13:a7:0f:5d:e9:
6f:0b:a1:4a:92:2c:2b:8a:d9:56:80:5e:4d:59:8e:
dc:5e:84:34:fc:5e:a6:01:72:2e:7f:ed:43:f6:cd:
32:39:1b:1d:f5:65:01:f7:25:e7:7f:9d:cf:f1:c9:
31:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8B:B9:F9:E5:FE:61:21:7A:0D:93:BB:A3:2C:A0:38:EF:B6:A8:F2
X509v3 Authority Key Identifier:
keyid:9F:F1:50:32:10:FE:06:ED:35:49:0B:02:31:DB:DB:59:67:E1:29:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_FQMhD-Bu01SQsCMdvbWWfhKYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/NYu5-eX-YSF6DZO7oyygOO-2qPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/n_FQMhD-Bu01SQsCMdvbWWfhKYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.182.0/24
94.124.162.0/23
94.124.167.0/24
195.140.224.0/22
IPv6:
2a0c:29c1::/32
Signature Algorithm: sha256WithRSAEncryption
ac:9f:9c:cd:73:62:dd:51:87:1a:34:79:34:41:7d:79:fa:f9:
01:a2:58:9a:2f:c7:68:c6:d1:4d:73:92:85:53:eb:f4:5e:92:
a3:e9:68:fb:84:94:14:ae:53:c3:4d:f5:4d:3b:4a:15:54:d1:
65:f3:90:6b:4d:fe:97:21:1c:a0:f3:13:ed:50:57:6f:69:29:
9b:f6:22:b3:49:13:0d:fc:38:50:53:b4:92:cb:b7:29:b0:ce:
a2:31:2f:a2:c9:55:27:9d:df:4c:9f:4f:9b:39:80:64:2f:07:
88:ec:81:04:ad:fd:af:b2:10:47:40:2d:44:a3:d5:3f:9d:c6:
98:68:31:a0:83:17:71:a4:9e:ac:93:92:a0:2a:78:96:e0:8f:
1a:32:12:cb:ae:99:7c:e8:a0:f8:17:b7:bd:9f:0e:62:1d:3a:
e2:25:ad:ed:dc:c4:9f:e0:ab:2f:a0:2b:f9:3d:80:39:78:85:
78:9a:c4:21:ea:31:9f:c9:de:f1:ca:19:6b:4c:1e:53:d3:02:
06:c9:4f:67:d7:9a:a7:a7:d6:45:c5:a0:32:63:8d:6f:46:ff:
f5:a9:05:1d:7e:9b:35:08:2b:3d:d0:81:06:bc:85:9e:30:aa:
e9:ad:95:b3:54:42:57:fa:d9:bf:2f:4f:3c:51:0d:ba:0d:fc:
2a:4b:f3:7c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYwgaLM/OLOa2FW4x1LNCTVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjE1MDMyMTBmZTA2ZWQzNTQ5MGIwMjMxZGJkYjU5Njdl
MTI5ODcwHhcNMjMxMTMwMTMyNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNThiYjlmOWU1ZmU2MTIxN2EwZDkzYmJhMzJjYTAzOGVmYjZhOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzW9y01M5x7NMA6tXNI0Dw6sS9/K8
1TRBWPVWYpWMcenFC3hFPqIyadxW2Rc4RI3E64IP2IWj/6+rrF4xBB9cabmmTMOP
vmORJYB9bt9G2RgkQgOanyFJYOaXKVTCi4KQZovtcwTwL0pFrNv2D5XJUu2Y/sYn
gMF4U0n3wXb6d84WlUEJASxpkrWAj0YaUxrU7DxK+jCr3ULgwP0zw0TcNcwMVA8A
G0KAaA2fkIRQbKH/Zw/t+pYqyad7Os+LfJ1GlO3y+ZkffGwhPLveE6cPXelvC6FK
kiwritlWgF5NWY7cXoQ0/F6mAXIuf+1D9s0yORsd9WUB9yXnf53P8ckxewIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDWLufnl/mEheg2Tu6MsoDjvtqjyMB8GA1UdIwQY
MBaAFJ/xUDIQ/gbtNUkLAjHb21ln4SmHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9GUU1oRC1CdTAxU1FzQ01kdmJXV2ZoS1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NDIxZDMtNTA2YS00ZjBjLWI5YzAt
NDYzMjJlMDJmMDhkLzEvTll1NS1lWC1ZU0Y2RFpPN295eWdPTy0ycVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NDIxZDMtNTA2YS00ZjBjLWI5YzAtNDYzMjJlMDJmMDhk
LzEvbl9GUU1oRC1CdTAxU1FzQ01kdmJXV2ZoS1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAH4C2AwQB
XnyiAwQAXnynAwQCw4zgMA0EAgACMAcDBQAqDCnBMA0GCSqGSIb3DQEBCwUAA4IB
AQCsn5zNc2LdUYcaNHk0QX15+vkBoliaL8doxtFNc5KFU+v0XpKj6Wj7hJQUrlPD
TfVNO0oVVNFl85BrTf6XIRyg8xPtUFdvaSmb9iKzSRMN/DhQU7SSy7cpsM6iMS+i
yVUnnd9Mn0+bOYBkLweI7IEErf2vshBHQC1Eo9U/ncaYaDGggxdxpJ6sk5KgKniW
4I8aMhLLrpl86KD4F7e9nw5iHTriJa3t3MSf4KsvoCv5PYA5eIV4msQh6jGfyd7x
yhlrTB5T0wIGyU9n15qnp9ZFxaAyY41vRv/1qQUdfps1CCs90IEGvIWeMKrprZWz
VEJX+tm/L088UQ26DfwqS/N8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:53 2024 by rpki-client on console-ams.rpki-client.org