Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/nhhpiUfCAlEh7OHzAn0KatQHywM.roa
File: nhhpiUfCAlEh7OHzAn0KatQHywM.roa (raw, json)
Hash identifier: BmIdCqTlfOE7bMlQRXgPxmZ/4FPFsmbXLIVa0GXqE5Y=
Subject key identifier: 9E:18:69:89:47:C2:02:51:21:EC:E1:F3:02:7D:0A:6A:D4:07:CB:03
Certificate issuer: /CN=fe92ef35321bf8f722734bff9dfa63fbd0f0690a
Certificate serial: 018CC794AC6F11103FC51DBFAF82F35E51CE
Authority key identifier: FE:92:EF:35:32:1B:F8:F7:22:73:4B:FF:9D:FA:63:FB:D0:F0:69:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_pLvNTIb-Pcic0v_nfpj-9DwaQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/nhhpiUfCAlEh7OHzAn0KatQHywM.roa
Signing time: Tue 02 Jan 2024 00:30:58 +0000
ROA not before: Tue 02 Jan 2024 00:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212559
IP address blocks: 5.1.42.0/24 maxlen: 24
91.243.118.0/24 maxlen: 24
2a10:78c0::/29 maxlen: 32
2a11:2900::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 31 May 2024 07:39:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ac:6f:11:10:3f:c5:1d:bf:af:82:f3:5e:51:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe92ef35321bf8f722734bff9dfa63fbd0f0690a
Validity
Not Before: Jan 2 00:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e18698947c2025121ece1f3027d0a6ad407cb03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:92:c0:f7:01:e2:fa:66:ce:f2:69:1a:82:39:
88:b9:d7:69:4b:9f:d9:74:62:f4:d9:35:82:95:1a:
fa:02:10:2f:36:4c:44:2b:0f:19:0e:e2:5c:b5:4d:
cb:4e:64:df:14:e8:22:08:5d:03:ff:92:90:f0:bb:
90:b6:f1:9c:43:63:40:76:0e:38:e2:4e:3e:62:dd:
bd:d5:cb:5f:28:be:96:69:1f:2b:76:1c:7d:48:06:
f5:49:3a:aa:24:b4:e1:0f:71:55:6c:4a:2a:2e:13:
f0:15:48:4a:77:60:9e:5b:8a:a9:ef:ac:62:12:40:
ac:18:84:34:d5:48:34:5c:14:41:b8:4e:9b:24:da:
76:44:ca:a8:18:72:79:0b:a8:4c:f0:b6:2f:2a:ea:
ea:ef:b0:36:8e:08:fe:19:31:53:78:e5:2a:dc:96:
98:79:f0:46:7d:d1:5e:86:3e:60:97:55:06:7c:b8:
9d:b4:e4:88:12:ad:74:2d:55:a7:60:76:60:7c:ac:
95:87:a8:aa:46:52:a1:34:d6:d9:cb:a1:a9:d4:88:
25:f8:77:0c:78:00:aa:c3:0a:85:6c:ab:d8:d4:87:
4f:ba:06:c9:6d:aa:6a:31:8a:aa:0f:74:28:15:e7:
10:76:59:0c:1d:21:9c:d5:3f:5d:01:17:13:3f:94:
b7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:18:69:89:47:C2:02:51:21:EC:E1:F3:02:7D:0A:6A:D4:07:CB:03
X509v3 Authority Key Identifier:
keyid:FE:92:EF:35:32:1B:F8:F7:22:73:4B:FF:9D:FA:63:FB:D0:F0:69:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_pLvNTIb-Pcic0v_nfpj-9DwaQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/nhhpiUfCAlEh7OHzAn0KatQHywM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/_pLvNTIb-Pcic0v_nfpj-9DwaQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.42.0/24
91.243.118.0/24
IPv6:
2a10:78c0::/29
2a11:2900::/29
Signature Algorithm: sha256WithRSAEncryption
67:95:70:29:7a:3a:ef:e2:6d:a1:54:35:39:84:ec:20:c1:4d:
a8:4a:a0:56:58:16:45:16:d8:e6:f4:e7:5f:16:bc:64:f8:9e:
13:4a:94:6f:5e:8f:39:5a:7c:c8:f4:8a:58:62:93:5e:95:1c:
c5:8e:66:42:42:7f:4e:d6:19:37:09:bf:3e:64:f2:45:71:4b:
b4:fc:ca:98:ad:83:c6:cd:1c:f3:55:bb:26:32:94:21:b5:f2:
55:5f:6f:7c:25:44:66:52:be:04:61:f5:d8:42:88:7e:e6:2d:
67:2a:2f:dc:c7:ee:44:87:13:ad:bc:b2:1a:d9:8e:ac:d9:d6:
38:a1:a7:58:37:0c:98:39:81:88:49:ee:0a:94:02:0a:83:75:
ed:26:6e:cd:c1:c6:4c:22:e4:5a:0b:15:52:75:14:1d:f0:0c:
aa:61:e6:79:e6:78:bf:6a:7e:78:f2:64:50:3d:f9:ce:8f:60:
90:2d:8d:17:66:98:13:2e:85:ec:a3:8c:2d:ec:10:6a:cb:43:
37:72:3f:bb:5e:e0:7b:b2:04:5d:d7:2d:fe:52:de:70:7a:38:
d8:bd:6c:33:10:03:a9:9a:6c:c0:22:94:e8:76:d3:64:54:f3:
47:f0:49:e8:c2:e3:d3:63:93:a7:19:a3:7e:bc:0d:6c:15:63:
7e:4c:80:07
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzHlKxvERA/xR2/r4LzXlHOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlOTJlZjM1MzIxYmY4ZjcyMjczNGJmZjlkZmE2M2ZiZDBm
MDY5MGEwHhcNMjQwMTAyMDAzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTE4Njk4OTQ3YzIwMjUxMjFlY2UxZjMwMjdkMGE2YWQ0MDdjYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJLA9wHi+mbO8mkagjmIuddpS5/Z
dGL02TWClRr6AhAvNkxEKw8ZDuJctU3LTmTfFOgiCF0D/5KQ8LuQtvGcQ2NAdg44
4k4+Yt291ctfKL6WaR8rdhx9SAb1STqqJLThD3FVbEoqLhPwFUhKd2CeW4qp76xi
EkCsGIQ01Ug0XBRBuE6bJNp2RMqoGHJ5C6hM8LYvKurq77A2jgj+GTFTeOUq3JaY
efBGfdFehj5gl1UGfLidtOSIEq10LVWnYHZgfKyVh6iqRlKhNNbZy6Gp1Igl+HcM
eACqwwqFbKvY1IdPugbJbapqMYqqD3QoFecQdlkMHSGc1T9dARcTP5S39wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJ4YaYlHwgJRIezh8wJ9CmrUB8sDMB8GA1UdIwQY
MBaAFP6S7zUyG/j3InNL/536Y/vQ8GkKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3BMdk5USWItUGNpYzB2X25mcGotOUR3YVFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kMjcyNWQtODAwMS00MWYxLTgwZTUt
YTllZWYyOTRhYzM0LzEvbmhocGlVZkNBbEVoN09IekFuMEthdFFIeXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kMjcyNWQtODAwMS00MWYxLTgwZTUtYTllZWYyOTRhYzM0
LzEvX3BMdk5USWItUGNpYzB2X25mcGotOUR3YVFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQABQEqAwQA
W/N2MBQEAgACMA4DBQMqEHjAAwUDKhEpADANBgkqhkiG9w0BAQsFAAOCAQEAZ5Vw
KXo67+JtoVQ1OYTsIMFNqEqgVlgWRRbY5vTnXxa8ZPieE0qUb16POVp8yPSKWGKT
XpUcxY5mQkJ/TtYZNwm/PmTyRXFLtPzKmK2Dxs0c81W7JjKUIbXyVV9vfCVEZlK+
BGH12EKIfuYtZyov3MfuRIcTrbyyGtmOrNnWOKGnWDcMmDmBiEnuCpQCCoN17SZu
zcHGTCLkWgsVUnUUHfAMqmHmeeZ4v2p+ePJkUD35zo9gkC2NF2aYEy6F7KOMLewQ
astDN3I/u17ge7IEXdct/lLecHo42L1sMxADqZpswCKU6HbTZFTzR/BJ6MLj02OT
pxmjfrwNbBVjfkyABw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:18 2024 by rpki-client on console-ams.rpki-client.org