Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/nxgnc2pk-4qiUb1TwV1QfRK0gLk.roa
File: nxgnc2pk-4qiUb1TwV1QfRK0gLk.roa (raw, json)
Hash identifier: HGzUswnLZuXOEBrcDEByjOLPh+v04wVrn1ePyEcFPEs=
Subject key identifier: 9F:18:27:73:6A:64:FB:8A:A2:51:BD:53:C1:5D:50:7D:12:B4:80:B9
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0191B440AAFFAA99DEA71C127F61F52097E4
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/nxgnc2pk-4qiUb1TwV1QfRK0gLk.roa
Signing time: Mon 02 Sep 2024 19:40:22 +0000
ROA not before: Mon 02 Sep 2024 19:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206271
IP address blocks: 195.93.226.0/24 maxlen: 24
2a0a:280::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 07 Sep 2024 15:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b4:40:aa:ff:aa:99:de:a7:1c:12:7f:61:f5:20:97:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Sep 2 19:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f1827736a64fb8aa251bd53c15d507d12b480b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:92:ec:f9:2f:3d:04:ef:24:ef:af:5a:29:94:
5e:61:20:f2:b2:88:2d:06:23:5a:91:e1:23:b9:47:
0e:77:93:c4:e8:8b:e4:79:fe:28:90:68:af:10:81:
e2:e1:87:de:b7:14:64:15:f4:6b:a0:46:be:12:40:
c7:b0:fd:12:5e:d6:45:27:38:4e:50:08:42:cd:3c:
af:73:cf:83:c3:4b:66:7a:63:f0:10:75:1e:c6:08:
d9:c4:17:c8:65:89:07:49:e0:cd:0d:61:7d:e7:f4:
0c:25:43:41:c3:87:03:79:03:0e:c8:cb:ac:48:64:
c3:67:d4:7d:a7:19:7c:5d:49:05:b8:48:46:c0:7f:
71:6d:8b:44:9c:64:c0:c5:87:36:58:38:a8:a9:64:
a0:d8:5b:64:fe:51:4e:da:8d:46:67:08:83:42:9d:
04:2c:55:b9:d2:b0:51:47:bd:98:48:45:7e:68:ae:
38:d4:2d:a6:e4:13:1b:37:c1:71:31:5a:19:71:d4:
e1:cf:40:83:a9:2a:25:cf:1e:9a:49:d5:48:4d:45:
df:7c:7e:a6:1f:69:c7:be:ab:32:dc:cc:48:66:f7:
d6:29:54:17:fa:6e:07:8d:31:3e:d9:67:c6:4d:c5:
5e:c4:67:a6:9b:f1:52:a8:db:fe:d7:fe:34:47:5b:
e9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:18:27:73:6A:64:FB:8A:A2:51:BD:53:C1:5D:50:7D:12:B4:80:B9
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/nxgnc2pk-4qiUb1TwV1QfRK0gLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.93.226.0/24
IPv6:
2a0a:280::/29
Signature Algorithm: sha256WithRSAEncryption
4a:85:93:46:6a:51:5a:14:47:f4:f8:b3:43:83:c8:c2:bd:56:
09:48:04:58:34:c1:34:0c:c2:90:4e:ac:13:1c:a5:21:1c:30:
51:70:c9:ad:f8:c9:ed:a1:9c:39:6a:b8:12:6e:5f:e6:45:fa:
ec:f4:9f:ee:ff:04:73:54:f5:9c:e5:eb:78:5c:59:9a:f3:3e:
0b:96:26:da:c4:ab:7b:5c:29:f0:c8:ea:ce:2d:f7:3f:10:a9:
c0:76:91:b5:27:ba:82:84:cf:bf:dd:be:91:ca:c6:a7:70:80:
04:a4:a5:36:03:c3:ef:82:3c:41:4b:1a:c5:37:6b:02:e4:ea:
dd:04:68:d5:41:0f:ed:c4:ee:d5:d5:95:61:0c:97:53:2f:a9:
a0:94:8d:2a:52:03:a8:be:b5:69:39:7e:75:1c:82:d5:b4:e9:
39:0c:0b:93:6e:ba:6d:a9:cb:65:bc:81:b5:fc:fc:98:3b:ae:
c5:a5:29:b1:7f:3a:fa:d1:ce:1a:03:52:2b:e2:a3:4a:68:af:
b2:f8:2b:e4:da:91:92:fb:4f:6c:ca:61:49:95:0f:bf:9b:e6:
49:1e:a9:2c:85:d2:47:a2:38:a1:94:1c:2b:f5:0a:03:2a:b7:
9b:bd:f2:2b:b2:5d:50:e3:e8:12:a5:4f:e7:2d:4e:5f:92:54:
22:dd:d0:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZG0QKr/qpnepxwSf2H1IJfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjQwOTAyMTk0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjE4Mjc3MzZhNjRmYjhhYTI1MWJkNTNjMTVkNTA3ZDEyYjQ4MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJLs+S89BO8k769aKZReYSDysogt
BiNakeEjuUcOd5PE6Ivkef4okGivEIHi4YfetxRkFfRroEa+EkDHsP0SXtZFJzhO
UAhCzTyvc8+Dw0tmemPwEHUexgjZxBfIZYkHSeDNDWF95/QMJUNBw4cDeQMOyMus
SGTDZ9R9pxl8XUkFuEhGwH9xbYtEnGTAxYc2WDioqWSg2Ftk/lFO2o1GZwiDQp0E
LFW50rBRR72YSEV+aK441C2m5BMbN8FxMVoZcdThz0CDqSolzx6aSdVITUXffH6m
H2nHvqsy3MxIZvfWKVQX+m4HjTE+2WfGTcVexGemm/FSqNv+1/40R1vpMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ8YJ3NqZPuKolG9U8FdUH0StIC5MB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvbnhnbmMycGstNHFpVWIxVHdWMVFmUkswZ0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw13iMA0E
AgACMAcDBQMqCgKAMA0GCSqGSIb3DQEBCwUAA4IBAQBKhZNGalFaFEf0+LNDg8jC
vVYJSARYNME0DMKQTqwTHKUhHDBRcMmt+MntoZw5argSbl/mRfrs9J/u/wRzVPWc
5et4XFma8z4LlibaxKt7XCnwyOrOLfc/EKnAdpG1J7qChM+/3b6RysancIAEpKU2
A8PvgjxBSxrFN2sC5OrdBGjVQQ/txO7V1ZVhDJdTL6mglI0qUgOovrVpOX51HILV
tOk5DAuTbrptqctlvIG1/PyYO67FpSmxfzr60c4aA1Ir4qNKaK+y+Cvk2pGS+09s
ymFJlQ+/m+ZJHqkshdJHojihlBwr9QoDKrebvfIrsl1Q4+gSpU/nLU5fklQi3dDG
-----END CERTIFICATE-----
Generated at Sat Sep 7 17:17:19 2024 by rpki-client on console-fra.rpki-client.org