Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/44ce01-d451-4d73-a6e4-3802ff4ec159/1/NLJoP8zmBsV1AmPkiO8sFkVQPJU.roa
File: NLJoP8zmBsV1AmPkiO8sFkVQPJU.roa (raw, json)
Hash identifier: H1QYpHDcPMJCwUG879Y2Moixdchali81Oi/MhsV+96o=
Subject key identifier: 34:B2:68:3F:CC:E6:06:C5:75:02:63:E4:88:EF:2C:16:45:50:3C:95
Certificate issuer: /CN=ca7448fc09b3f7320da8057bfa8eea9baf9cee39
Certificate serial: 018A4FAE67F2BD30BBC5B12685344D15E6BD
Authority key identifier: CA:74:48:FC:09:B3:F7:32:0D:A8:05:7B:FA:8E:EA:9B:AF:9C:EE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ynRI_Amz9zINqAV7-o7qm6-c7jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/44ce01-d451-4d73-a6e4-3802ff4ec159/1/NLJoP8zmBsV1AmPkiO8sFkVQPJU.roa
Signing time: Fri 01 Sep 2023 07:39:04 +0000
ROA not before: Fri 01 Sep 2023 07:39:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57297
IP address blocks: 194.36.116.0/22 maxlen: 24
2a0c:bf40::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:ae:67:f2:bd:30:bb:c5:b1:26:85:34:4d:15:e6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca7448fc09b3f7320da8057bfa8eea9baf9cee39
Validity
Not Before: Sep 1 07:39:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34b2683fcce606c5750263e488ef2c1645503c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3e:cd:46:96:07:00:d8:a3:59:49:8b:ad:01:
76:59:78:d8:03:d1:75:bd:00:20:8f:64:b2:0f:05:
ec:03:59:f5:1d:7a:ce:2b:75:9d:fc:c0:da:f7:6b:
78:23:bd:bd:8c:78:78:67:fd:57:fa:3e:df:66:57:
fe:db:74:2b:ba:b3:1b:5d:10:93:01:be:68:5a:54:
2c:cf:42:be:9c:26:ff:12:95:a8:c8:2b:7d:7e:42:
e9:f1:17:2d:b1:1c:2f:9c:17:76:dc:15:be:16:62:
f2:87:67:2c:70:c6:64:30:31:fc:a1:72:cd:08:98:
5d:23:a0:89:66:67:e8:e4:37:48:9f:e0:d3:26:c9:
02:b2:23:14:70:74:9e:25:4f:f7:10:fb:40:85:b0:
ba:8d:8f:d5:39:2e:35:89:b6:26:e6:5a:2a:4c:a3:
cb:2f:9a:ce:2e:4e:d3:94:d0:08:eb:bf:f5:6f:d8:
6b:76:f3:03:ed:00:d4:d4:02:98:82:d6:aa:a7:bd:
96:c5:53:aa:d4:98:08:eb:07:68:24:76:b9:54:e6:
8d:0a:c2:46:d8:2a:2a:b7:2d:c7:eb:6f:01:72:00:
ac:37:af:b7:35:af:2f:e1:0f:b7:eb:53:74:58:2d:
2a:37:01:5e:03:89:95:8e:e4:68:e4:81:97:3f:fa:
92:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B2:68:3F:CC:E6:06:C5:75:02:63:E4:88:EF:2C:16:45:50:3C:95
X509v3 Authority Key Identifier:
keyid:CA:74:48:FC:09:B3:F7:32:0D:A8:05:7B:FA:8E:EA:9B:AF:9C:EE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ynRI_Amz9zINqAV7-o7qm6-c7jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/44ce01-d451-4d73-a6e4-3802ff4ec159/1/NLJoP8zmBsV1AmPkiO8sFkVQPJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/44ce01-d451-4d73-a6e4-3802ff4ec159/1/ynRI_Amz9zINqAV7-o7qm6-c7jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.116.0/22
IPv6:
2a0c:bf40::/29
Signature Algorithm: sha256WithRSAEncryption
b9:f9:86:8d:83:0f:2a:df:d7:8d:d6:bc:66:68:75:25:0b:ec:
46:05:b9:42:ea:61:22:27:d2:84:fb:8f:dd:4d:48:0a:93:a3:
d3:b0:7c:cc:ab:cd:cf:b1:25:48:42:43:ad:71:59:06:f9:17:
77:1e:e9:fc:5f:aa:b1:aa:14:17:6a:19:a8:d7:ee:89:11:bd:
e8:ae:0f:b8:74:4a:f9:96:96:a3:43:71:5b:99:aa:45:61:e7:
6a:36:63:25:ba:0d:bb:07:e3:23:98:36:e6:df:90:9f:1d:55:
ac:be:c0:a8:68:d6:63:41:8a:90:e8:a3:22:d0:6c:98:64:8b:
43:81:94:ba:c5:27:c1:2c:16:29:d1:33:fa:d8:ed:94:5e:36:
24:b3:55:b3:cb:92:29:13:0c:95:19:e2:3e:cb:11:d0:78:f8:
85:12:d7:52:5d:5e:3c:bf:45:b4:f9:78:1a:6c:6b:3f:11:db:
20:69:99:9e:69:f7:d0:4a:a6:e1:5f:ba:3b:01:f0:70:66:a5:
43:fe:69:bd:2a:ac:39:91:92:62:93:f7:c1:89:89:39:0e:7c:
0a:94:e6:a0:40:5f:ed:43:50:8f:9c:47:b3:6d:8b:96:c9:db:
39:5f:df:cf:c7:5e:98:34:c7:6e:1c:9c:fd:b5:8c:f0:52:3c:
1a:1f:c7:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpPrmfyvTC7xbEmhTRNFea9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNzQ0OGZjMDliM2Y3MzIwZGE4MDU3YmZhOGVlYTliYWY5
Y2VlMzkwHhcNMjMwOTAxMDczOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGIyNjgzZmNjZTYwNmM1NzUwMjYzZTQ4OGVmMmMxNjQ1NTAzYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD7NRpYHANijWUmLrQF2WXjYA9F1
vQAgj2SyDwXsA1n1HXrOK3Wd/MDa92t4I729jHh4Z/1X+j7fZlf+23QrurMbXRCT
Ab5oWlQsz0K+nCb/EpWoyCt9fkLp8RctsRwvnBd23BW+FmLyh2cscMZkMDH8oXLN
CJhdI6CJZmfo5DdIn+DTJskCsiMUcHSeJU/3EPtAhbC6jY/VOS41ibYm5loqTKPL
L5rOLk7TlNAI67/1b9hrdvMD7QDU1AKYgtaqp72WxVOq1JgI6wdoJHa5VOaNCsJG
2Coqty3H628BcgCsN6+3Na8v4Q+361N0WC0qNwFeA4mVjuRo5IGXP/qSkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDSyaD/M5gbFdQJj5IjvLBZFUDyVMB8GA1UdIwQY
MBaAFMp0SPwJs/cyDagFe/qO6puvnO45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW5SSV9BbXo5eklOcUFWNy1vN3FtNi1jN2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC80NGNlMDEtZDQ1MS00ZDczLWE2ZTQt
MzgwMmZmNGVjMTU5LzEvTkxKb1A4em1Cc1YxQW1Qa2lPOHNGa1ZRUEpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC80NGNlMDEtZDQ1MS00ZDczLWE2ZTQtMzgwMmZmNGVjMTU5
LzEveW5SSV9BbXo5eklOcUFWNy1vN3FtNi1jN2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwiR0MA0E
AgACMAcDBQMqDL9AMA0GCSqGSIb3DQEBCwUAA4IBAQC5+YaNgw8q39eN1rxmaHUl
C+xGBblC6mEiJ9KE+4/dTUgKk6PTsHzMq83PsSVIQkOtcVkG+Rd3Hun8X6qxqhQX
ahmo1+6JEb3org+4dEr5lpajQ3FbmapFYedqNmMlug27B+MjmDbm35CfHVWsvsCo
aNZjQYqQ6KMi0GyYZItDgZS6xSfBLBYp0TP62O2UXjYks1Wzy5IpEwyVGeI+yxHQ
ePiFEtdSXV48v0W0+XgabGs/EdsgaZmeaffQSqbhX7o7AfBwZqVD/mm9Kqw5kZJi
k/fBiYk5DnwKlOagQF/tQ1CPnEezbYuWyds5X9/Px16YNMduHJz9tYzwUjwaH8eC
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:36 2024 by rpki-client on console-ams.rpki-client.org