Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/nUXaOxY2BcWRgIft5cqirXkSNOg.roa
File: nUXaOxY2BcWRgIft5cqirXkSNOg.roa (raw, json)
Hash identifier: Joo+cqZ1mdtyTQLPE77iMG26SARb8bx14jQ9rOllrH4=
Subject key identifier: 9D:45:DA:3B:16:36:05:C5:91:80:87:ED:E5:CA:A2:AD:79:12:34:E8
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018ABE25B6B670475129403191B389D46584
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/nUXaOxY2BcWRgIft5cqirXkSNOg.roa
Signing time: Fri 22 Sep 2023 18:27:37 +0000
ROA not before: Fri 22 Sep 2023 18:27:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 147.78.68.0/22 maxlen: 22
5.133.124.0/22 maxlen: 22
193.187.132.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:be:25:b6:b6:70:47:51:29:40:31:91:b3:89:d4:65:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Sep 22 18:27:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d45da3b163605c5918087ede5caa2ad791234e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fd:4b:03:40:31:6f:73:fb:06:6a:ae:e3:d1:
a7:59:a5:0a:ef:b7:25:05:7d:82:71:90:23:cd:1e:
bc:a5:a8:c9:37:36:4f:fe:88:78:62:39:70:a0:47:
4a:93:c0:13:84:47:03:3f:f7:62:be:3e:4a:58:f3:
70:71:5a:74:54:af:75:bb:3c:ac:26:23:f8:c2:87:
08:c3:65:04:16:2a:38:80:8e:95:81:66:07:d7:70:
ec:f9:07:6e:63:93:c1:2f:54:2f:d9:6f:ae:ae:61:
a6:34:32:05:17:0c:bd:a5:58:78:88:8e:61:a7:cb:
5f:91:21:a2:e6:f8:bb:a7:cd:a6:f4:d1:14:2d:f0:
66:aa:77:54:77:cc:d1:ec:c6:51:aa:29:8c:e7:0e:
93:3c:ab:da:07:4f:86:88:d9:4e:8e:13:8b:6f:77:
31:a6:2b:8a:6b:dc:bb:ba:ed:26:b9:ec:67:c8:99:
02:f0:f2:18:46:27:05:7c:ae:81:63:78:2a:5a:6f:
7d:b8:96:03:5e:b9:c6:eb:68:ea:67:38:8f:8a:b9:
59:17:14:97:77:5f:83:65:e9:a1:31:c7:92:49:07:
49:3f:01:2c:0f:21:bc:09:62:28:e2:be:a3:9c:93:
c1:31:e2:7a:00:f7:53:40:c9:e6:cc:e6:d2:aa:aa:
51:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:45:DA:3B:16:36:05:C5:91:80:87:ED:E5:CA:A2:AD:79:12:34:E8
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/nUXaOxY2BcWRgIft5cqirXkSNOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
147.78.68.0/22
193.187.132.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
83:05:27:c0:81:b0:ea:3b:32:8d:03:2a:c2:01:68:78:30:fe:
99:b3:d0:74:ad:63:54:39:d5:71:94:92:24:ed:5d:4b:b2:a0:
85:db:3b:b2:51:fa:07:a7:52:f3:63:04:4a:8a:1d:84:15:69:
50:df:7d:7a:63:4d:0d:1f:b9:b2:f0:a5:e7:94:43:7b:a2:24:
10:9b:5a:af:1d:78:b6:a6:48:f5:94:16:e2:13:21:58:af:58:
d9:ef:5c:c7:15:d3:c5:41:5a:88:89:28:ac:1a:92:7d:a7:04:
50:60:34:f0:96:f2:f9:fe:ad:fd:82:d3:fa:2a:dd:b0:4e:68:
b7:b2:1d:36:88:5c:81:e2:4f:b5:42:48:dd:e3:ed:25:af:2c:
10:e5:37:28:89:27:2c:02:f6:57:02:61:b4:49:78:b4:6d:cf:
d3:61:2a:1b:4c:8b:dc:0e:e6:02:2b:17:f7:2e:23:06:87:cc:
e9:ee:b2:14:3c:c1:1c:eb:e1:39:db:b5:96:7f:1b:29:d9:c6:
46:87:88:56:aa:d7:ff:5c:15:d4:df:bb:ae:75:78:3b:c7:0e:
4d:e7:4f:cf:48:c4:62:8d:12:aa:68:31:45:13:d4:9d:62:64:
4d:a7:a5:46:2a:0f:ee:78:52:54:99:f1:5b:65:bd:ff:13:15:
2f:30:3e:5d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYq+Jba2cEdRKUAxkbOJ1GWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwOTIyMTgyNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQ1ZGEzYjE2MzYwNWM1OTE4MDg3ZWRlNWNhYTJhZDc5MTIzNGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/1LA0Axb3P7Bmqu49GnWaUK77cl
BX2CcZAjzR68pajJNzZP/oh4YjlwoEdKk8AThEcDP/divj5KWPNwcVp0VK91uzys
JiP4wocIw2UEFio4gI6VgWYH13Ds+QduY5PBL1Qv2W+urmGmNDIFFwy9pVh4iI5h
p8tfkSGi5vi7p82m9NEULfBmqndUd8zR7MZRqimM5w6TPKvaB0+GiNlOjhOLb3cx
piuKa9y7uu0muexnyJkC8PIYRicFfK6BY3gqWm99uJYDXrnG62jqZziPirlZFxSX
d1+DZemhMceSSQdJPwEsDyG8CWIo4r6jnJPBMeJ6APdTQMnmzObSqqpRiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ1F2jsWNgXFkYCH7eXKoq15EjToMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvblVYYU94WTJCY1dSZ0lmdDVjcWlyWGtTTk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBYV8AwQC
k05EAwQCwbuEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQCDBSfAgbDqOzKNAyrC
AWh4MP6Zs9B0rWNUOdVxlJIk7V1LsqCF2zuyUfoHp1LzYwRKih2EFWlQ3316Y00N
H7my8KXnlEN7oiQQm1qvHXi2pkj1lBbiEyFYr1jZ71zHFdPFQVqIiSisGpJ9pwRQ
YDTwlvL5/q39gtP6Kt2wTmi3sh02iFyB4k+1Qkjd4+0lrywQ5TcoiScsAvZXAmG0
SXi0bc/TYSobTIvcDuYCKxf3LiMGh8zp7rIUPMEc6+E527WWfxsp2cZGh4hWqtf/
XBXU37uudXg7xw5N50/PSMRijRKqaDFFE9SdYmRNp6VGKg/ueFJUmfFbZb3/ExUv
MD5d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org