Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/NYnv5Os3hmWqMQqMNLz3eQ9iEes.roa
File: NYnv5Os3hmWqMQqMNLz3eQ9iEes.roa (raw, json)
Hash identifier: +4HaepbksvVqiR/uTTiWf262UFGYxgU0Nqhoy1gTgA8=
Subject key identifier: 35:89:EF:E4:EB:37:86:65:AA:31:0A:8C:34:BC:F7:79:0F:62:11:EB
Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial: 01856E2FB0575FEADDCDFA6B41D4491F6BAA
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/NYnv5Os3hmWqMQqMNLz3eQ9iEes.roa
Signing time: Sun 01 Jan 2023 16:34:57 +0000
ROA not before: Sun 01 Jan 2023 16:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212224
IP address blocks: 91.245.20.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:b0:57:5f:ea:dd:cd:fa:6b:41:d4:49:1f:6b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Validity
Not Before: Jan 1 16:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3589efe4eb378665aa310a8c34bcf7790f6211eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1d:27:08:2e:79:7a:6b:98:88:00:c5:77:f3:
2a:5c:57:5d:e5:8a:2e:b9:c9:a6:4e:32:36:aa:64:
62:7e:7a:53:f4:a6:d1:4e:b1:9b:e3:0c:cc:31:1c:
52:6f:2d:52:9a:f5:b0:a4:52:55:17:64:a3:29:de:
56:8b:f7:3c:bd:11:9f:87:2e:e1:88:17:fe:14:71:
ab:f1:cd:cb:ec:aa:6c:f3:27:78:05:95:3a:71:49:
94:8d:85:04:7f:f6:09:23:97:5c:10:9c:4f:4c:ca:
c7:5f:ed:29:5d:c5:8d:33:7a:29:27:15:01:94:60:
57:3e:1b:a1:de:96:b6:3a:91:21:b4:af:84:2c:6a:
17:01:d5:fa:4c:43:21:64:af:ff:5c:25:06:1a:af:
68:fe:37:27:ef:86:20:27:e3:d6:e7:59:a2:a8:1d:
78:cb:ac:b1:00:0d:fc:76:ce:08:fe:cb:57:4c:4a:
88:d3:62:4d:88:73:93:99:41:d4:15:5a:3e:84:51:
b3:9f:24:94:d6:b2:72:d7:dc:00:0a:c4:6d:76:42:
bd:5f:76:83:01:c8:11:4d:02:1d:ee:f7:f3:1d:5f:
0c:cd:ff:76:b1:b1:a1:13:cb:ae:52:cd:de:14:43:
8b:be:40:80:11:c3:7e:bf:7e:a4:74:24:a3:79:87:
cb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:89:EF:E4:EB:37:86:65:AA:31:0A:8C:34:BC:F7:79:0F:62:11:EB
X509v3 Authority Key Identifier:
keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/NYnv5Os3hmWqMQqMNLz3eQ9iEes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.20.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:6e:b9:30:d3:97:76:81:c5:7e:95:f7:3c:c8:b3:1c:bd:c9:
f8:9e:c0:b2:cb:9b:37:54:e9:7e:fe:99:4e:04:1f:a4:85:da:
e4:c4:df:7e:92:28:52:e6:5e:40:db:a4:a3:88:f8:c7:5e:f4:
df:e6:37:5e:2d:65:ac:00:66:6d:8b:c9:12:02:c6:eb:02:2b:
60:9f:94:1a:30:7e:b4:1d:a8:26:b8:5f:60:68:da:44:fe:c9:
ec:08:c9:c7:cc:2b:2c:bd:21:60:1f:75:d0:51:78:1f:64:e2:
54:ce:b8:a0:a1:9f:d7:aa:32:2b:88:c6:d6:fc:d4:d2:e9:e5:
b3:e7:43:30:4b:eb:e4:bb:8b:ec:7e:ed:62:37:b8:b0:34:69:
a9:20:6c:fe:4d:ea:bd:46:4c:bf:b9:1e:c9:71:38:9c:b3:f7:
be:54:e0:4f:f5:b8:82:c4:ee:a5:6a:ce:7a:5a:cd:5b:88:7e:
d7:21:c7:1f:3e:81:f5:96:8e:f5:5d:5a:78:80:b1:e9:4c:09:
bd:93:43:1f:f4:33:bf:ea:06:b6:70:2f:04:42:d2:a5:41:81:
d7:ca:79:51:94:76:5e:1e:3d:1e:54:62:5e:9c:80:4d:83:b5:
15:6e:68:43:2b:b2:98:6a:1e:3f:00:f0:70:fd:06:1b:07:ab:
dd:dd:c1:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL7BXX+rdzfprQdRJH2uqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0
ZTRlMGMwHhcNMjMwMTAxMTYzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTg5ZWZlNGViMzc4NjY1YWEzMTBhOGMzNGJjZjc3OTBmNjIxMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h0nCC55emuYiADFd/MqXFdd5You
ucmmTjI2qmRifnpT9KbRTrGb4wzMMRxSby1SmvWwpFJVF2SjKd5Wi/c8vRGfhy7h
iBf+FHGr8c3L7Kps8yd4BZU6cUmUjYUEf/YJI5dcEJxPTMrHX+0pXcWNM3opJxUB
lGBXPhuh3pa2OpEhtK+ELGoXAdX6TEMhZK//XCUGGq9o/jcn74YgJ+PW51miqB14
y6yxAA38ds4I/stXTEqI02JNiHOTmUHUFVo+hFGznySU1rJy19wACsRtdkK9X3aD
AcgRTQId7vfzHV8Mzf92sbGhE8uuUs3eFEOLvkCAEcN+v36kdCSjeYfL7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWJ7+TrN4ZlqjEKjDS893kPYhHrMB8GA1UdIwQY
MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt
ZTFhOGE2ZjFkNTlhLzEvTlludjVPczNobVdxTVFxTU5MejNlUTlpRWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQtZTFhOGE2ZjFkNTlh
LzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW/UUMA0G
CSqGSIb3DQEBCwUAA4IBAQC0brkw05d2gcV+lfc8yLMcvcn4nsCyy5s3VOl+/plO
BB+khdrkxN9+kihS5l5A26SjiPjHXvTf5jdeLWWsAGZti8kSAsbrAitgn5QaMH60
HagmuF9gaNpE/snsCMnHzCssvSFgH3XQUXgfZOJUzrigoZ/XqjIriMbW/NTS6eWz
50MwS+vku4vsfu1iN7iwNGmpIGz+Teq9Rky/uR7JcTics/e+VOBP9biCxO6las56
Ws1biH7XIccfPoH1lo71XVp4gLHpTAm9k0Mf9DO/6ga2cC8EQtKlQYHXynlRlHZe
Hj0eVGJenIBNg7UVbmhDK7KYah4/APBw/QYbB6vd3cGy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:59 2023 by rpki-client on console-ams.rpki-client.org