Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/npblP6e_nY7y9M7FfjDxEFRid1c.roa
File: npblP6e_nY7y9M7FfjDxEFRid1c.roa (raw, json)
Hash identifier: V0rNcKYXgh36shtKomYQp67ObFGSkxKZ/vXg+Avs/j8=
Subject key identifier: 9E:96:E5:3F:A7:BF:9D:8E:F2:F4:CE:C5:7E:30:F1:10:54:62:77:57
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0187EBA8F92BB595C9AAC28F2ABA895CE0A1
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/npblP6e_nY7y9M7FfjDxEFRid1c.roa
Signing time: Fri 05 May 2023 11:25:32 +0000
ROA not before: Fri 05 May 2023 11:25:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.251.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 18:52:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:eb:a8:f9:2b:b5:95:c9:aa:c2:8f:2a:ba:89:5c:e0:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 5 11:25:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e96e53fa7bf9d8ef2f4cec57e30f11054627757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:23:4f:76:92:61:88:e6:75:11:b4:25:95:87:
3a:89:1e:63:00:cc:8e:58:1f:84:7f:2a:e3:84:be:
3a:52:51:5e:b2:30:5d:d3:6e:ac:96:da:f4:61:39:
8a:b2:33:83:8f:d5:57:e2:3a:37:6b:85:58:8b:43:
18:96:da:6a:2e:8b:fc:32:c0:21:f9:94:24:6a:ae:
02:57:6c:42:64:e1:48:67:7f:5a:88:92:0d:5f:95:
74:f6:99:e4:e7:21:a7:a3:44:96:45:09:02:da:7c:
99:a1:d4:41:86:cb:d0:32:a8:1d:86:3f:7b:c5:1f:
a5:11:91:87:e8:ee:9c:3a:b5:5c:5a:8b:9e:96:e7:
94:2c:48:45:88:3e:43:c0:c5:cd:0d:a9:67:4e:77:
51:af:29:b0:cf:61:53:3a:6e:5c:dc:b1:85:21:7f:
27:b0:d2:e4:1f:4c:96:5e:66:e3:9a:69:41:9d:82:
fb:e0:2c:a2:3a:52:24:1d:ee:94:25:45:7c:04:89:
c1:3b:aa:60:82:ab:a9:aa:e1:2b:b5:f1:26:d9:62:
25:67:38:05:15:00:83:72:20:3f:bd:34:ed:66:4f:
b9:32:22:22:28:3b:d6:b3:b1:15:df:68:c0:e5:30:
ab:15:b3:be:af:8f:66:52:4d:f7:b7:44:8d:93:66:
3e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:96:E5:3F:A7:BF:9D:8E:F2:F4:CE:C5:7E:30:F1:10:54:62:77:57
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/npblP6e_nY7y9M7FfjDxEFRid1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.22.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:6f:c0:22:72:09:bd:8d:6d:46:2d:6d:44:2d:bf:18:c7:82:
2f:00:ab:10:a9:4e:ee:af:a0:4e:b2:39:99:56:ea:30:fd:5a:
08:e7:dd:37:fe:d1:7b:ee:c4:d3:01:fb:00:4b:0f:3f:5e:7b:
d4:bc:5d:42:5f:e1:b8:33:f1:3b:6c:81:89:61:c5:f8:d4:af:
dd:41:70:68:29:5b:a6:9c:4b:04:70:04:18:c6:e1:12:9a:18:
5a:fc:38:9f:25:13:d9:52:f9:27:5f:85:50:42:a8:77:8a:c3:
cd:0a:d2:b8:57:cb:b6:ff:56:e7:cf:79:a6:13:59:3f:22:02:
89:24:2e:5e:a2:3e:dd:74:a7:1a:9c:9e:e7:7c:22:bc:f1:95:
55:50:e4:f8:3a:6b:6e:13:63:6f:c3:62:2d:3e:d5:0d:52:66:
26:05:90:a9:25:31:3a:30:59:7f:0b:b5:f5:84:5a:3f:16:e7:
ed:0c:8e:7a:bb:23:ca:3a:dd:36:cc:fe:8f:03:8f:6a:30:66:
fc:6a:7f:08:fc:39:4c:22:6c:93:4b:d3:a4:13:55:9e:a3:66:
fb:ff:5a:46:77:99:ba:cc:8d:a8:7c:68:48:79:85:5d:64:92:
91:f0:40:2c:bc:96:ff:bd:c2:b3:48:0d:98:f2:64:ee:72:df:
92:1f:9b:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfrqPkrtZXJqsKPKrqJXOChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNTA1MTEyNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTk2ZTUzZmE3YmY5ZDhlZjJmNGNlYzU3ZTMwZjExMDU0NjI3NzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SNPdpJhiOZ1EbQllYc6iR5jAMyO
WB+EfyrjhL46UlFesjBd026sltr0YTmKsjODj9VX4jo3a4VYi0MYltpqLov8MsAh
+ZQkaq4CV2xCZOFIZ39aiJINX5V09pnk5yGno0SWRQkC2nyZodRBhsvQMqgdhj97
xR+lEZGH6O6cOrVcWouelueULEhFiD5DwMXNDalnTndRrymwz2FTOm5c3LGFIX8n
sNLkH0yWXmbjmmlBnYL74CyiOlIkHe6UJUV8BInBO6pggqupquErtfEm2WIlZzgF
FQCDciA/vTTtZk+5MiIiKDvWs7EV32jA5TCrFbO+r49mUk33t0SNk2Y+IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6W5T+nv52O8vTOxX4w8RBUYndXMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvbnBibFA2ZV9uWTd5OU03RmZqRHhFRlJpZDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsWMA0G
CSqGSIb3DQEBCwUAA4IBAQAub8Aicgm9jW1GLW1ELb8Yx4IvAKsQqU7ur6BOsjmZ
Vuow/VoI5903/tF77sTTAfsASw8/XnvUvF1CX+G4M/E7bIGJYcX41K/dQXBoKVum
nEsEcAQYxuESmhha/DifJRPZUvknX4VQQqh3isPNCtK4V8u2/1bnz3mmE1k/IgKJ
JC5eoj7ddKcanJ7nfCK88ZVVUOT4OmtuE2Nvw2ItPtUNUmYmBZCpJTE6MFl/C7X1
hFo/FuftDI56uyPKOt02zP6PA49qMGb8an8I/DlMImyTS9OkE1Weo2b7/1pGd5m6
zI2ofGhIeYVdZJKR8EAsvJb/vcKzSA2Y8mTuct+SH5vb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org