Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/nVJI2figPIuBeRQ7XE18jrL4RCY.roa
File: nVJI2figPIuBeRQ7XE18jrL4RCY.roa (raw, json)
Hash identifier: OyDe0LMHkR5j/wjY2uAAkR51keH0WHAa4Uav3eb7ESs=
Subject key identifier: 9D:52:48:D9:F8:A0:3C:8B:81:79:14:3B:5C:4D:7C:8E:B2:F8:44:26
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018CC7275890B3AF123BBFC1E61F47329BFB
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/nVJI2figPIuBeRQ7XE18jrL4RCY.roa
Signing time: Mon 01 Jan 2024 22:31:33 +0000
ROA not before: Mon 01 Jan 2024 22:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30644
IP address blocks: 194.69.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 12:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:58:90:b3:af:12:3b:bf:c1:e6:1f:47:32:9b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 1 22:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d5248d9f8a03c8b8179143b5c4d7c8eb2f84426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:99:38:21:9f:5c:ba:39:04:84:8d:35:2e:cf:
0e:d5:4e:22:7a:48:47:1f:83:62:ea:00:a2:c4:ef:
50:9b:e9:7f:94:3e:d2:f8:ff:d2:c6:b8:01:06:f3:
43:72:29:ab:c2:b1:c1:7b:69:19:1b:87:e3:b5:d1:
ce:a5:c2:35:48:90:0c:80:0a:c9:60:0b:82:20:ae:
fe:90:b5:b3:61:ef:3e:54:bb:1b:0e:b8:8a:e9:fb:
c7:8d:6f:1b:9f:de:18:12:66:fa:02:38:ab:3c:69:
ec:40:02:7f:01:38:8f:1a:eb:d4:bc:ba:24:36:42:
76:77:1b:7c:c0:c9:8d:33:b4:55:2a:31:dc:20:e3:
13:72:a3:b6:52:a2:56:63:4a:21:8e:92:0a:56:8d:
57:0a:1a:a9:cf:23:89:0e:53:94:46:09:2d:6a:79:
cb:ab:07:bf:19:13:ad:45:fa:d7:c5:b2:a0:3c:35:
be:94:5d:87:a3:89:e5:96:d5:d8:c1:bf:84:00:b7:
7c:02:3b:db:07:c5:19:87:61:3a:31:ae:11:6a:ba:
93:22:62:e2:07:42:81:24:76:ff:20:68:57:33:94:
3c:80:d1:41:c8:a8:6f:2c:bf:09:36:95:0c:f7:c7:
1e:c7:05:28:59:d5:3a:00:39:c8:33:a5:42:ab:27:
8e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:52:48:D9:F8:A0:3C:8B:81:79:14:3B:5C:4D:7C:8E:B2:F8:44:26
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/nVJI2figPIuBeRQ7XE18jrL4RCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.69.160.0/24
Signature Algorithm: sha256WithRSAEncryption
11:e0:78:24:a6:72:1c:4b:56:34:8a:11:4d:38:f0:ef:a9:01:
bf:18:c9:99:a1:c3:e0:a3:ad:42:ce:b7:34:70:5a:ca:8e:71:
2d:34:b2:d6:99:ac:6d:76:e0:3d:93:09:bc:95:4a:33:96:cd:
9d:51:40:ef:8b:9f:f5:e4:05:df:6d:48:5f:8e:ac:7b:ea:19:
da:e1:9c:08:73:bf:f0:3b:23:99:52:01:a4:68:ae:a3:49:25:
8f:b7:0b:a6:1e:64:87:84:af:9f:f4:b6:ae:e3:ad:06:b6:df:
be:f4:e5:47:6f:6c:cb:63:57:a5:c8:f8:2f:fe:97:6f:c0:95:
62:2b:4d:33:6b:9b:a4:8e:6f:91:67:e7:54:34:a1:48:33:9a:
1d:80:aa:74:7c:fd:b1:ed:a8:56:81:f4:26:eb:37:98:b4:55:
3d:20:62:64:9d:da:e6:3a:89:23:2a:16:cd:45:45:b5:35:3e:
e2:3a:18:67:e9:52:fc:c3:69:ec:29:61:30:97:bc:f9:da:ad:
46:09:fe:db:4c:32:64:1e:cd:25:33:64:bb:62:a0:1f:e9:80:
12:22:51:a5:06:a6:7a:0b:3e:35:d7:c0:98:cb:9f:a0:aa:90:
77:54:f6:b1:d6:b8:aa:7d:a6:52:e3:8e:fd:ee:79:35:6f:55:
06:f0:7b:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ1iQs68SO7/B5h9HMpv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwMTAxMjIzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDUyNDhkOWY4YTAzYzhiODE3OTE0M2I1YzRkN2M4ZWIyZjg0NDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Zk4IZ9cujkEhI01Ls8O1U4iekhH
H4Ni6gCixO9Qm+l/lD7S+P/SxrgBBvNDcimrwrHBe2kZG4fjtdHOpcI1SJAMgArJ
YAuCIK7+kLWzYe8+VLsbDriK6fvHjW8bn94YEmb6AjirPGnsQAJ/ATiPGuvUvLok
NkJ2dxt8wMmNM7RVKjHcIOMTcqO2UqJWY0ohjpIKVo1XChqpzyOJDlOURgktannL
qwe/GROtRfrXxbKgPDW+lF2Ho4nlltXYwb+EALd8AjvbB8UZh2E6Ma4RarqTImLi
B0KBJHb/IGhXM5Q8gNFByKhvLL8JNpUM98cexwUoWdU6ADnIM6VCqyeOHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1SSNn4oDyLgXkUO1xNfI6y+EQmMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvblZKSTJmaWdQSXVCZVJRN1hFMThqckw0UkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkWgMA0G
CSqGSIb3DQEBCwUAA4IBAQAR4HgkpnIcS1Y0ihFNOPDvqQG/GMmZocPgo61Czrc0
cFrKjnEtNLLWmaxtduA9kwm8lUozls2dUUDvi5/15AXfbUhfjqx76hna4ZwIc7/w
OyOZUgGkaK6jSSWPtwumHmSHhK+f9Lau460Gtt++9OVHb2zLY1elyPgv/pdvwJVi
K00za5ukjm+RZ+dUNKFIM5odgKp0fP2x7ahWgfQm6zeYtFU9IGJkndrmOokjKhbN
RUW1NT7iOhhn6VL8w2nsKWEwl7z52q1GCf7bTDJkHs0lM2S7YqAf6YASIlGlBqZ6
Cz4118CYy5+gqpB3VPax1riqfaZS44797nk1b1UG8Huq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:02 2025 by rpki-client