Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/1-nBj4XcAlJobosntsHYln3082GM.roa
File: 1-nBj4XcAlJobosntsHYln3082GM.roa (raw, json)
Hash identifier: I5rydw3ZQkv55tYSXQdqFXs5fmpdefsSLbUOUPYyLoY=
Subject key identifier: FA:70:63:E1:77:00:94:9A:1B:A2:C9:ED:B0:76:25:9F:7D:3C:D8:63
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01866FC6B08087101F0DB4506D5E9FC0EE95
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/1-nBj4XcAlJobosntsHYln3082GM.roa
Signing time: Mon 20 Feb 2023 17:02:17 +0000
ROA not before: Mon 20 Feb 2023 17:02:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206065
IP address blocks: 213.176.68.0/22 maxlen: 24
213.176.88.0/22 maxlen: 24
213.176.112.0/21 maxlen: 24
213.176.20.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Feb 2023 17:06:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6f:c6:b0:80:87:10:1f:0d:b4:50:6d:5e:9f:c0:ee:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Feb 20 17:02:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa7063e17700949a1ba2c9edb076259f7d3cd863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:38:56:23:1f:79:9f:e3:43:62:90:ba:42:0a:
60:36:03:88:21:3d:3d:89:f6:f2:a0:12:e5:bd:c2:
75:04:e7:a1:93:be:ff:91:29:35:60:4f:ad:81:d7:
6b:d5:12:2e:8a:d1:2a:69:cb:85:f0:8c:99:90:14:
1b:a5:ee:27:1b:0e:48:54:7f:6b:ca:ae:3d:66:17:
56:e0:76:89:92:8e:32:78:27:81:31:d4:5a:9f:5a:
69:3b:56:9e:95:29:8b:37:64:55:93:16:4f:66:cd:
14:92:44:38:fa:cc:42:16:2c:4f:7e:c4:1b:2f:8e:
1e:c3:88:3d:0f:84:be:25:55:da:8a:d1:0b:da:f2:
5d:b9:84:b3:9c:f9:12:f6:8e:e9:1e:72:51:04:81:
4e:c7:b7:5a:0b:dd:f9:7a:66:78:d6:e0:46:10:67:
8e:69:83:c5:6c:d5:be:aa:bd:58:13:d0:c6:1e:20:
9a:23:95:a9:37:60:92:96:3c:3d:5a:3e:21:30:d7:
7e:5b:6f:ff:d8:7c:4d:05:12:49:46:aa:2b:d3:32:
e2:f0:65:89:fd:20:eb:5b:8d:47:9a:1f:5b:d2:2a:
b4:ed:3d:a1:b9:8e:11:1b:60:a8:5a:39:22:fd:39:
97:46:5c:bc:30:29:64:fe:10:21:af:04:ec:92:a3:
0e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:70:63:E1:77:00:94:9A:1B:A2:C9:ED:B0:76:25:9F:7D:3C:D8:63
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/1-nBj4XcAlJobosntsHYln3082GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.176.20.0/22
213.176.68.0/22
213.176.88.0/22
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
04:fd:4f:49:06:bf:f6:66:4c:bd:13:b8:cb:3e:ac:84:32:42:
1d:d6:5e:c2:2b:4b:8a:ba:d3:7c:70:6d:bd:f0:8d:46:a5:45:
2e:a4:98:5e:e7:80:10:0d:dc:7b:a7:39:65:7c:89:2d:ba:1d:
2a:92:db:93:56:a0:50:dd:61:cf:61:70:0e:4c:d7:12:79:95:
53:6f:77:e4:8e:42:a9:85:39:f6:c5:a7:0b:26:59:a7:16:c5:
a1:c5:6c:37:82:62:cf:05:d9:dc:14:2c:14:42:3c:00:57:62:
a9:27:f9:42:5d:d6:72:80:8c:cf:1b:6f:04:84:9c:73:fd:ee:
f5:74:ea:a1:5b:6f:e7:8a:66:71:c6:b7:d6:d9:f6:55:d9:1e:
f9:ab:bf:70:20:1b:32:51:30:3a:dc:04:d3:de:23:98:c5:64:
00:ae:22:42:9d:c3:80:60:3b:c6:9e:d1:d3:f8:7c:12:af:97:
2b:9d:c7:b4:2b:33:eb:c1:c7:2e:40:58:be:4c:83:82:91:fb:
52:7c:c3:48:5e:6d:7c:64:97:ac:bd:f7:8e:8a:47:7c:94:c9:
4a:f1:2b:78:90:26:30:31:0e:70:e0:ae:4f:d6:97:55:c8:ce:
11:a2:98:ad:4c:35:cf:94:e1:7e:ab:fa:31:ee:ba:a9:1d:56:
35:06:8f:6b
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYZvxrCAhxAfDbRQbV6fwO6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMjIwMTcwMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTcwNjNlMTc3MDA5NDlhMWJhMmM5ZWRiMDc2MjU5ZjdkM2NkODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ThWIx95n+NDYpC6QgpgNgOIIT09
ifbyoBLlvcJ1BOehk77/kSk1YE+tgddr1RIuitEqacuF8IyZkBQbpe4nGw5IVH9r
yq49ZhdW4HaJko4yeCeBMdRan1ppO1aelSmLN2RVkxZPZs0UkkQ4+sxCFixPfsQb
L44ew4g9D4S+JVXaitEL2vJduYSznPkS9o7pHnJRBIFOx7daC935emZ41uBGEGeO
aYPFbNW+qr1YE9DGHiCaI5WpN2CSljw9Wj4hMNd+W2//2HxNBRJJRqor0zLi8GWJ
/SDrW41Hmh9b0iq07T2huY4RG2CoWjki/TmXRly8MClk/hAhrwTskqMOlwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPpwY+F3AJSaG6LJ7bB2JZ99PNhjMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMS1uQmo0WGNBbEpvYm9zbnRzSFlsbjMwODJHTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTcvMTMzOWRmLThlMDYtNDFkZS05NGYzLTBjYmEzM2VmYzVi
Yi8xL3c4R0ZKLU9pQnE4b1FnS05sYTdFRXpqbzJ2Zy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAtWwFAME
AtWwRAMEAtWwWAMEA9WwcDANBgkqhkiG9w0BAQsFAAOCAQEABP1PSQa/9mZMvRO4
yz6shDJCHdZewitLirrTfHBtvfCNRqVFLqSYXueAEA3ce6c5ZXyJLbodKpLbk1ag
UN1hz2FwDkzXEnmVU2935I5CqYU59sWnCyZZpxbFocVsN4JizwXZ3BQsFEI8AFdi
qSf5Ql3WcoCMzxtvBIScc/3u9XTqoVtv54pmcca31tn2Vdke+au/cCAbMlEwOtwE
094jmMVkAK4iQp3DgGA7xp7R0/h8Eq+XK53HtCsz68HHLkBYvkyDgpH7UnzDSF5t
fGSXrL33jopHfJTJSvEreJAmMDEOcOCuT9aXVcjOEaKYrUw1z5Thfqv6Me66qR1W
NQaPaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:38 2024 by rpki-client on console-fra.rpki-client.org