Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/nJG7fGYkQnm5z0HnXzGsrQ8831s.roa
File: nJG7fGYkQnm5z0HnXzGsrQ8831s.roa (raw, json)
Hash identifier: BVegPP6vpX1GvhpGqwdWzzPauNa869nNCjss2FMF2SI=
Subject key identifier: 9C:91:BB:7C:66:24:42:79:B9:CF:41:E7:5F:31:AC:AD:0F:3C:DF:5B
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018C29FD6594B3D5E9BE72B5A16E62527E5B
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/nJG7fGYkQnm5z0HnXzGsrQ8831s.roa
Signing time: Sat 02 Dec 2023 10:05:21 +0000
ROA not before: Sat 02 Dec 2023 10:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 45.12.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:29:fd:65:94:b3:d5:e9:be:72:b5:a1:6e:62:52:7e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Dec 2 10:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c91bb7c66244279b9cf41e75f31acad0f3cdf5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bb:48:1f:36:e0:5a:7f:78:09:42:fa:ed:fb:
e4:de:6d:7a:5b:7b:43:f2:64:cf:dc:b6:bb:10:cc:
79:22:a0:03:bc:05:49:8d:38:b3:0d:4f:29:ec:5e:
1d:76:13:ab:b0:00:06:16:70:4f:a8:f9:59:e1:d3:
e7:df:23:69:24:97:f3:9b:91:32:e8:ea:ed:6f:f0:
9a:e4:71:9e:2c:7a:85:27:a9:a8:4e:2a:e9:45:3e:
ae:83:5a:57:3b:89:0b:c9:ce:0d:97:80:a2:b0:2f:
cf:fc:6d:d4:7e:31:81:f3:f4:e2:05:e9:aa:88:e2:
81:46:ca:64:b8:41:80:a3:0a:75:88:33:3e:8c:aa:
f6:bb:d5:eb:43:28:72:34:30:e7:68:05:4e:7d:d9:
25:34:eb:7d:1f:50:2d:8a:b3:6b:7f:c4:75:41:bc:
ad:50:2f:56:cd:a2:7b:56:67:e9:29:57:83:ef:d6:
9c:0a:e6:e0:80:ad:7e:65:d7:ac:1d:f9:67:28:e2:
9f:37:08:56:66:90:d1:3a:58:99:e3:c2:2d:94:5e:
6e:65:de:b3:d3:31:dd:66:26:0d:4a:ac:42:06:78:
83:e6:65:1c:d3:f8:e5:d4:54:6f:59:79:83:d6:88:
a8:c4:a4:26:11:81:dd:3b:3a:ac:9b:d7:0d:51:ab:
f3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:91:BB:7C:66:24:42:79:B9:CF:41:E7:5F:31:AC:AD:0F:3C:DF:5B
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/nJG7fGYkQnm5z0HnXzGsrQ8831s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.217.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:1d:68:a0:bf:b3:e2:8b:f4:7e:24:9c:4c:81:bc:c6:b1:da:
4e:b6:d5:50:e7:b0:f8:e8:48:d1:c6:01:1e:3e:a7:1d:8c:62:
7c:48:ff:c7:70:2c:a9:0f:be:0b:e5:ee:b0:e6:ec:32:26:69:
12:9a:db:d6:40:65:f0:1d:11:a9:54:ba:5e:a3:b9:28:84:2a:
a9:69:d8:df:28:67:b2:05:43:69:93:cc:c9:80:c2:db:ad:e4:
13:ec:1a:79:02:80:a1:c6:75:8a:d1:4b:e5:48:3b:8c:80:17:
27:94:03:fe:cf:68:07:0e:70:2a:7d:8d:d9:d9:46:25:13:7a:
46:93:b0:91:ed:eb:f4:0f:6b:99:10:5e:fd:3b:88:7d:22:ac:
7d:cd:64:6f:3c:2a:bd:8a:e0:ea:9b:f9:e7:55:b6:54:0d:35:
69:44:c9:95:52:d0:89:b4:86:c0:38:f6:da:58:d5:83:a1:55:
eb:8a:f2:93:d0:13:8b:eb:a4:8a:5a:fe:04:0a:5e:f1:8b:3e:
76:28:03:56:8c:87:10:d8:3c:94:d4:38:f6:f2:05:47:17:70:
e0:04:4b:2d:d9:9e:63:2e:e1:5f:28:92:11:7a:18:ca:ea:45:
65:a5:0c:d7:22:31:b5:ec:f5:14:36:b8:a9:f7:5d:81:3e:3e:
14:10:e1:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwp/WWUs9XpvnK1oW5iUn5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMjAyMTAwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzkxYmI3YzY2MjQ0Mjc5YjljZjQxZTc1ZjMxYWNhZDBmM2NkZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprtIHzbgWn94CUL67fvk3m16W3tD
8mTP3La7EMx5IqADvAVJjTizDU8p7F4ddhOrsAAGFnBPqPlZ4dPn3yNpJJfzm5Ey
6Ortb/Ca5HGeLHqFJ6moTirpRT6ug1pXO4kLyc4Nl4CisC/P/G3UfjGB8/TiBemq
iOKBRspkuEGAowp1iDM+jKr2u9XrQyhyNDDnaAVOfdklNOt9H1AtirNrf8R1Qbyt
UC9WzaJ7VmfpKVeD79acCubggK1+ZdesHflnKOKfNwhWZpDROliZ48ItlF5uZd6z
0zHdZiYNSqxCBniD5mUc0/jl1FRvWXmD1oioxKQmEYHdOzqsm9cNUavz+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyRu3xmJEJ5uc9B518xrK0PPN9bMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvbkpHN2ZHWWtRbm01ejBIblh6R3NyUTg4MzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQzZMA0G
CSqGSIb3DQEBCwUAA4IBAQCnHWigv7Pii/R+JJxMgbzGsdpOttVQ57D46EjRxgEe
PqcdjGJ8SP/HcCypD74L5e6w5uwyJmkSmtvWQGXwHRGpVLpeo7kohCqpadjfKGey
BUNpk8zJgMLbreQT7Bp5AoChxnWK0UvlSDuMgBcnlAP+z2gHDnAqfY3Z2UYlE3pG
k7CR7ev0D2uZEF79O4h9Iqx9zWRvPCq9iuDqm/nnVbZUDTVpRMmVUtCJtIbAOPba
WNWDoVXrivKT0BOL66SKWv4ECl7xiz52KANWjIcQ2DyU1Dj28gVHF3DgBEst2Z5j
LuFfKJIRehjK6kVlpQzXIjG17PUUNrip912BPj4UEOFH
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:14 2024 by rpki-client on console-fra.rpki-client.org