Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/NRa4Mdez1-_u8lIgaVuzegkWtHk.roa
File: NRa4Mdez1-_u8lIgaVuzegkWtHk.roa (raw, json)
Hash identifier: A0gVjhdLhr7DWCCyyfv2ec7Wf6f0kMzmuwUwND3VUOg=
Subject key identifier: 35:16:B8:31:D7:B3:D7:EF:EE:F2:52:20:69:5B:B3:7A:09:16:B4:79
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 018D8D707AD19494A782D0B99C91B19E736A
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/NRa4Mdez1-_u8lIgaVuzegkWtHk.roa
Signing time: Fri 09 Feb 2024 10:36:15 +0000
ROA not before: Fri 09 Feb 2024 10:36:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42695
IP address blocks: 80.254.229.0/24 maxlen: 24
80.254.230.0/23 maxlen: 23
80.254.230.0/24 maxlen: 24
2a13:5243::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 12 Mar 2024 13:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:70:7a:d1:94:94:a7:82:d0:b9:9c:91:b1:9e:73:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Feb 9 10:36:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3516b831d7b3d7efeef25220695bb37a0916b479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0c:b5:bb:62:4f:2f:47:b6:ae:3f:c0:df:69:
5a:31:db:8b:e1:15:d6:e6:ca:6b:8f:3a:b6:83:99:
23:94:b0:56:a4:cb:94:6c:45:a4:0c:c0:21:c1:7e:
38:45:9e:3c:48:ec:c9:95:24:79:4f:2d:34:6c:fa:
15:71:ba:ac:43:99:07:02:d8:bc:31:53:c8:db:bd:
12:c2:44:0e:d3:47:57:1a:0a:36:19:06:a4:45:78:
b0:2a:9f:c1:24:fb:9c:ff:f1:d8:3f:08:cc:ae:a0:
76:08:92:b0:cd:29:62:4d:0f:e1:bb:1b:a2:7e:02:
2b:35:f1:6f:1b:db:f7:a5:5e:4a:27:7f:1b:c6:3c:
dc:10:d4:8d:77:5c:a7:61:c7:e2:a7:ac:82:64:61:
96:78:c2:bf:6f:c3:3a:65:2c:40:e7:2e:6c:86:94:
17:b7:31:bb:50:ff:f3:94:06:55:53:8f:36:cb:ea:
eb:db:a4:3c:aa:a3:c6:27:fc:e8:e5:e4:d7:b2:d9:
07:2c:27:30:89:28:53:a6:80:23:d0:84:56:ac:5e:
47:98:3e:15:f2:9a:b6:5f:8e:9f:ab:2f:e4:43:59:
c5:6c:1c:14:fd:ba:5d:69:f8:1e:0e:71:c1:25:55:
08:0f:2e:00:7e:6b:7e:3e:a7:0e:44:2c:57:1b:d3:
b5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:16:B8:31:D7:B3:D7:EF:EE:F2:52:20:69:5B:B3:7A:09:16:B4:79
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/NRa4Mdez1-_u8lIgaVuzegkWtHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.229.0-80.254.231.255
IPv6:
2a13:5243::/32
Signature Algorithm: sha256WithRSAEncryption
c8:34:cc:89:cb:55:d1:d4:aa:45:62:08:3d:d0:ff:87:c8:c2:
6c:d6:f8:57:23:02:78:75:88:f9:cd:fb:95:f1:71:ed:9c:08:
84:68:b0:41:3e:26:3f:8c:d3:9f:6c:de:3b:78:b5:d9:22:b8:
39:25:1b:62:8b:d2:f9:ab:ef:fc:54:72:d0:8b:db:07:ec:32:
fe:63:0d:1a:f5:e9:2b:13:bf:40:ad:4a:da:7e:69:96:9a:03:
41:ae:c8:e3:c6:2f:03:5d:a4:74:6b:7f:8e:b0:a4:92:55:37:
a2:a3:19:6c:65:f7:e4:cd:b1:ec:61:25:7a:28:f7:55:98:67:
80:9f:8f:d9:6e:aa:93:0e:f9:1f:92:2f:87:c0:e4:2e:44:f9:
be:1e:a0:1f:9c:21:14:22:6a:eb:9b:ed:bc:eb:c3:5f:bb:48:
35:e4:a3:3b:6b:4c:fe:c7:d0:19:54:73:30:93:93:33:86:55:
c9:63:76:72:75:dd:2c:48:5b:8c:6f:a7:f2:9f:5f:2a:52:11:
56:e9:ff:9d:66:4b:55:25:78:0f:25:70:ff:c4:6a:10:3f:19:
5c:a6:52:bc:6d:65:fe:ae:c0:a3:d6:b5:6d:9e:22:99:e7:17:
1e:55:5e:1e:5c:02:8b:3e:85:e3:0a:44:52:c2:3d:39:4f:cf:
47:be:1f:a2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY2NcHrRlJSngtC5nJGxnnNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjQwMjA5MTAzNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE2YjgzMWQ3YjNkN2VmZWVmMjUyMjA2OTViYjM3YTA5MTZiNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAy1u2JPL0e2rj/A32laMduL4RXW
5sprjzq2g5kjlLBWpMuUbEWkDMAhwX44RZ48SOzJlSR5Ty00bPoVcbqsQ5kHAti8
MVPI270SwkQO00dXGgo2GQakRXiwKp/BJPuc//HYPwjMrqB2CJKwzSliTQ/huxui
fgIrNfFvG9v3pV5KJ38bxjzcENSNd1ynYcfip6yCZGGWeMK/b8M6ZSxA5y5shpQX
tzG7UP/zlAZVU482y+rr26Q8qqPGJ/zo5eTXstkHLCcwiShTpoAj0IRWrF5HmD4V
8pq2X46fqy/kQ1nFbBwU/bpdafgeDnHBJVUIDy4Afmt+PqcORCxXG9O1PQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDUWuDHXs9fv7vJSIGlbs3oJFrR5MB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvTlJhNE1kZXoxLV91OGxJZ2FWdXplZ2tXdEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBABQ/uUD
BANQ/uAwDQQCAAIwBwMFACoTUkMwDQYJKoZIhvcNAQELBQADggEBAMg0zInLVdHU
qkViCD3Q/4fIwmzW+FcjAnh1iPnN+5Xxce2cCIRosEE+Jj+M059s3jt4tdkiuDkl
G2KL0vmr7/xUctCL2wfsMv5jDRr16SsTv0CtStp+aZaaA0GuyOPGLwNdpHRrf46w
pJJVN6KjGWxl9+TNsexhJXoo91WYZ4Cfj9luqpMO+R+SL4fA5C5E+b4eoB+cIRQi
auub7bzrw1+7SDXkoztrTP7H0BlUczCTkzOGVcljdnJ13SxIW4xvp/KfXypSEVbp
/51mS1UleA8lcP/EahA/GVymUrxtZf6uwKPWtW2eIpnnFx5VXh5cAos+heMKRFLC
PTlPz0e+H6I=
-----END CERTIFICATE-----
Generated at Tue Mar 12 17:24:39 2024 by rpki-client on console-fra.rpki-client.org