Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/n9D0iK_HtIil-1kxOLhk8Iz1Piw.roa
File: n9D0iK_HtIil-1kxOLhk8Iz1Piw.roa (raw, json)
Hash identifier: zVgXMLR0o8uj/GJhtxDtUi9ZWEbCwRVxBHUm2fU3SQU=
Subject key identifier: 9F:D0:F4:88:AF:C7:B4:88:A5:FB:59:31:38:B8:64:F0:8C:F5:3E:2C
Certificate issuer: /CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Certificate serial: 01857321D50D6FE23FF24CA91AAFB9212471
Authority key identifier: 9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/n9D0iK_HtIil-1kxOLhk8Iz1Piw.roa
Signing time: Mon 02 Jan 2023 15:37:55 +0000
ROA not before: Mon 02 Jan 2023 15:37:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 194.115.212.0/24 maxlen: 24
194.115.212.0/22 maxlen: 22
194.115.213.0/24 maxlen: 24
194.115.215.0/24 maxlen: 24
194.115.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:d5:0d:6f:e2:3f:f2:4c:a9:1a:af:b9:21:24:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Validity
Not Before: Jan 2 15:37:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fd0f488afc7b488a5fb593138b864f08cf53e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:00:6d:fa:7e:73:a3:99:f1:07:14:3f:a0:bf:
1d:32:77:47:a4:16:0f:d0:fd:9f:c9:83:f1:0e:b5:
6e:f6:ca:89:cd:8c:17:ee:8b:74:8f:10:13:15:a6:
fe:c6:0c:a2:a8:fa:71:67:3c:91:ea:1d:9d:17:cf:
84:c9:61:b1:64:31:1f:35:83:7d:28:b9:15:50:7d:
8d:ad:3e:86:e6:fe:e9:d8:e0:4c:f8:c8:9c:b5:16:
bb:1c:9c:46:44:8d:8f:f2:ec:90:51:5c:c1:31:b6:
52:71:3d:7f:0e:fc:cd:9c:13:ae:6c:37:de:9b:c4:
79:c5:ca:0d:0a:4e:26:a0:3d:43:e0:4c:00:e6:f6:
90:6c:39:e5:28:40:55:b5:81:4e:45:cf:1b:11:6a:
c6:78:e7:b7:c6:b3:6c:55:dc:75:9d:a9:d9:bf:70:
a7:7e:cc:f4:fc:be:db:7d:45:a2:dc:1e:e9:e6:cd:
65:c0:26:44:63:32:ed:e9:51:2b:ea:07:89:84:d8:
e4:50:64:e7:64:7f:b9:13:cc:60:42:7c:bf:92:18:
bb:57:f8:9e:8b:26:c9:76:0f:88:e0:b6:11:40:04:
bd:2f:53:bb:46:36:63:6a:5e:98:4c:9d:98:c4:1c:
0e:84:5c:8b:de:d8:e6:7a:55:3b:f0:76:2c:57:61:
b2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D0:F4:88:AF:C7:B4:88:A5:FB:59:31:38:B8:64:F0:8C:F5:3E:2C
X509v3 Authority Key Identifier:
keyid:9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/n9D0iK_HtIil-1kxOLhk8Iz1Piw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/m8b9PzLKRZTJYHVlmnCJsnrj_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.115.212.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:35:18:ca:f0:66:e4:e5:a2:0b:2a:ca:a1:4b:83:ac:c5:0d:
a7:e5:75:b1:e9:4e:c5:71:df:81:44:f6:dd:3a:7d:aa:be:66:
77:31:33:1b:5a:e9:68:62:ff:30:49:08:e8:a5:9a:bd:ec:8b:
5f:8b:05:a9:4c:28:74:82:44:a1:17:ac:0e:5e:93:61:96:65:
69:b6:a9:df:eb:d3:59:32:69:fa:0c:d5:f5:50:46:1c:a1:86:
30:1c:6d:a6:d4:e7:e0:eb:e1:2a:1b:84:44:c6:39:97:48:95:
f3:22:24:c5:8f:92:93:c6:93:1f:a5:86:97:af:f2:db:05:7b:
27:58:74:ce:0f:fd:a9:d9:49:c0:63:32:a6:6a:62:54:96:d9:
fc:5c:63:48:7f:b4:ec:d3:ed:e5:5d:58:0b:87:37:f0:84:10:
8a:15:8a:5a:bc:83:02:fc:e8:8f:07:bd:f8:65:79:9a:ae:fb:
b0:02:84:ba:b4:63:0b:c5:4b:dc:33:17:4c:c6:cf:48:ed:43:
86:73:8c:b0:d6:41:58:c9:e1:e2:6b:2b:ac:6a:23:a7:8c:38:
7c:ed:93:71:cf:98:45:e3:f3:f9:aa:59:d6:da:e1:a9:c6:58:
00:9c:ef:df:e5:67:fb:b6:e2:64:5c:1f:d9:12:60:8b:b1:14:
6e:d7:d7:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIdUNb+I/8kypGq+5ISRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYzZmZDNmMzJjYTQ1OTRjOTYwNzU2NTlhNzA4OWIyN2Fl
M2ZlZjMwHhcNMjMwMTAyMTUzNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQwZjQ4OGFmYzdiNDg4YTVmYjU5MzEzOGI4NjRmMDhjZjUzZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQBt+n5zo5nxBxQ/oL8dMndHpBYP
0P2fyYPxDrVu9sqJzYwX7ot0jxATFab+xgyiqPpxZzyR6h2dF8+EyWGxZDEfNYN9
KLkVUH2NrT6G5v7p2OBM+MictRa7HJxGRI2P8uyQUVzBMbZScT1/DvzNnBOubDfe
m8R5xcoNCk4moD1D4EwA5vaQbDnlKEBVtYFORc8bEWrGeOe3xrNsVdx1nanZv3Cn
fsz0/L7bfUWi3B7p5s1lwCZEYzLt6VEr6geJhNjkUGTnZH+5E8xgQny/khi7V/ie
iybJdg+I4LYRQAS9L1O7RjZjal6YTJ2YxBwOhFyL3tjmelU78HYsV2GyjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/Q9Iivx7SIpftZMTi4ZPCM9T4sMB8GA1UdIwQY
MBaAFJvG/T8yykWUyWB1ZZpwibJ64/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbThiOVB6TEtSWlRKWUhWbG1uQ0pzbnJqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kYTI0NDctYjI1Mi00YjZhLWE4MmYt
ZGNiZTUzZGE3ODYwLzEvbjlEMGlLX0h0SWlsLTFreE9MaGs4SXoxUGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kYTI0NDctYjI1Mi00YjZhLWE4MmYtZGNiZTUzZGE3ODYw
LzEvbThiOVB6TEtSWlRKWUhWbG1uQ0pzbnJqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwnPUMA0G
CSqGSIb3DQEBCwUAA4IBAQBbNRjK8Gbk5aILKsqhS4OsxQ2n5XWx6U7Fcd+BRPbd
On2qvmZ3MTMbWuloYv8wSQjopZq97ItfiwWpTCh0gkShF6wOXpNhlmVptqnf69NZ
Mmn6DNX1UEYcoYYwHG2m1Ofg6+EqG4RExjmXSJXzIiTFj5KTxpMfpYaXr/LbBXsn
WHTOD/2p2UnAYzKmamJUltn8XGNIf7Ts0+3lXVgLhzfwhBCKFYpavIMC/OiPB734
ZXmarvuwAoS6tGMLxUvcMxdMxs9I7UOGc4yw1kFYyeHiayusaiOnjDh87ZNxz5hF
4/P5qlnW2uGpxlgAnO/f5Wf7tuJkXB/ZEmCLsRRu19cC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:57 2024 by rpki-client on console-ams.rpki-client.org