Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/nvn8tLpDs3s61iPUEqCesEUsl8Y.roa
File: nvn8tLpDs3s61iPUEqCesEUsl8Y.roa (raw, json)
Hash identifier: jb9O1AgNAHbrpKZ+WJb7JZBNEekvvNpQpWUmcBLI1+Q=
Subject key identifier: 9E:F9:FC:B4:BA:43:B3:7B:3A:D6:23:D4:12:A0:9E:B0:45:2C:97:C6
Certificate issuer: /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial: 0188B966219A63D58D8E59CA995913B3866A
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/nvn8tLpDs3s61iPUEqCesEUsl8Y.roa
Signing time: Wed 14 Jun 2023 10:14:18 +0000
ROA not before: Wed 14 Jun 2023 10:14:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208795
IP address blocks: 5.35.104.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Aug 2023 09:37:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:66:21:9a:63:d5:8d:8e:59:ca:99:59:13:b3:86:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Validity
Not Before: Jun 14 10:14:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ef9fcb4ba43b37b3ad623d412a09eb0452c97c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f8:41:1a:09:91:d1:cb:ac:7c:72:ac:07:97:
78:94:7f:62:05:b0:3f:0e:df:ae:be:ab:58:e7:43:
a3:72:29:33:0b:36:83:41:7b:55:f5:c3:b4:86:be:
68:ac:4f:ca:f2:58:d5:ff:a6:9d:06:ff:ea:d4:d6:
00:47:33:70:7d:6b:d3:17:8a:b2:49:18:c8:48:07:
7a:fb:52:82:73:fa:72:5a:80:51:b1:4b:64:62:38:
c2:ec:94:b9:16:c6:cf:09:44:06:0d:6a:c7:eb:34:
a3:ac:5b:d1:0f:d5:d3:da:81:2d:b5:fd:f6:63:4f:
35:11:80:f8:e9:ad:d4:c0:ec:73:e8:3c:c8:1c:c0:
ba:64:0a:06:7c:2c:b3:a2:4c:3b:ae:00:0e:4b:b1:
2d:6c:75:e0:da:0c:29:58:9b:36:52:9a:c5:38:0a:
bd:b5:55:34:fb:a9:78:6c:a4:08:dc:38:7f:b8:36:
2a:ba:8d:7e:1d:23:86:30:c8:a0:ac:42:f9:5a:15:
5d:53:8c:05:a8:cf:23:74:14:d3:06:b6:25:40:28:
cf:17:62:30:7e:a2:5e:f1:c7:86:1a:22:14:6a:2b:
ba:5c:c7:5a:f7:74:52:31:ed:a1:26:f6:4a:3c:99:
11:62:a0:7e:36:cb:c2:9b:de:4e:12:8e:7f:d3:82:
1b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F9:FC:B4:BA:43:B3:7B:3A:D6:23:D4:12:A0:9E:B0:45:2C:97:C6
X509v3 Authority Key Identifier:
keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/nvn8tLpDs3s61iPUEqCesEUsl8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.104.0/21
Signature Algorithm: sha256WithRSAEncryption
a4:9e:dc:42:27:62:31:b9:9d:66:1f:7e:60:98:4f:d7:29:9d:
21:29:d7:d3:93:8f:23:ce:34:50:e5:91:e6:e5:91:3e:92:6d:
41:4c:97:0f:30:6b:77:7f:1d:6c:66:4b:52:a0:18:9f:e3:20:
cb:14:b1:32:85:b5:6e:98:f7:08:81:26:07:8b:4e:c8:c2:51:
be:21:88:7b:0b:dc:f6:a2:bd:fc:45:46:c3:e9:4b:88:2d:2e:
ab:74:42:7f:96:9f:fd:a9:7a:ee:2f:30:cd:d3:05:5b:ba:21:
8e:c8:36:ac:7d:3e:80:78:b1:a2:4c:f4:e4:5e:6f:45:3e:a4:
b2:40:fd:36:78:85:72:a3:4a:a0:6f:2d:90:1e:db:f7:7e:0e:
37:0d:4e:ba:a9:76:9f:68:7b:e6:db:ba:5e:c7:ed:db:8c:8f:
1d:14:a7:1d:ec:b3:15:64:b8:15:65:bd:2e:bd:8c:77:97:5b:
a3:1e:db:7a:79:73:36:b4:80:d6:62:99:6b:80:7e:a9:06:7e:
8f:08:bf:3c:79:d6:64:4e:76:35:12:d8:7b:27:2d:2a:ca:4a:
5e:df:5a:66:61:30:e5:8f:3d:83:32:48:59:46:5b:32:8f:ff:
6e:b1:80:e2:34:55:a4:a2:17:33:c8:be:ce:d6:1a:95:02:87:
d0:a8:1a:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi5ZiGaY9WNjlnKmVkTs4ZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjMwNjE0MTAxNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWY5ZmNiNGJhNDNiMzdiM2FkNjIzZDQxMmEwOWViMDQ1MmM5N2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifhBGgmR0cusfHKsB5d4lH9iBbA/
Dt+uvqtY50OjcikzCzaDQXtV9cO0hr5orE/K8ljV/6adBv/q1NYARzNwfWvTF4qy
SRjISAd6+1KCc/pyWoBRsUtkYjjC7JS5FsbPCUQGDWrH6zSjrFvRD9XT2oEttf32
Y081EYD46a3UwOxz6DzIHMC6ZAoGfCyzokw7rgAOS7EtbHXg2gwpWJs2UprFOAq9
tVU0+6l4bKQI3Dh/uDYquo1+HSOGMMigrEL5WhVdU4wFqM8jdBTTBrYlQCjPF2Iw
fqJe8ceGGiIUaiu6XMda93RSMe2hJvZKPJkRYqB+NsvCm95OEo5/04IbsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ75/LS6Q7N7OtYj1BKgnrBFLJfGMB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvbnZuOHRMcERzM3M2MWlQVUVxQ2VzRVVzbDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBSNoMA0G
CSqGSIb3DQEBCwUAA4IBAQCkntxCJ2IxuZ1mH35gmE/XKZ0hKdfTk48jzjRQ5ZHm
5ZE+km1BTJcPMGt3fx1sZktSoBif4yDLFLEyhbVumPcIgSYHi07IwlG+IYh7C9z2
or38RUbD6UuILS6rdEJ/lp/9qXruLzDN0wVbuiGOyDasfT6AeLGiTPTkXm9FPqSy
QP02eIVyo0qgby2QHtv3fg43DU66qXafaHvm27pex+3bjI8dFKcd7LMVZLgVZb0u
vYx3l1ujHtt6eXM2tIDWYplrgH6pBn6PCL88edZkTnY1Eth7Jy0qykpe31pmYTDl
jz2DMkhZRlsyj/9usYDiNFWkohczyL7O1hqVAofQqBqT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:21 2024 by rpki-client on console-fra.rpki-client.org