Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/yNVlJoHLnFwvIBN7WW1BP9jXWXk.roa
File: yNVlJoHLnFwvIBN7WW1BP9jXWXk.roa (raw, json)
Hash identifier: JkePoZkeyoruQzGNR6DyBf6/AaqDwVrJd68aACrvCFk=
Subject key identifier: C8:D5:65:26:81:CB:9C:5C:2F:20:13:7B:59:6D:41:3F:D8:D7:59:79
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCABE2D16B3DF4FEC5B7036FA3CAA3
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/yNVlJoHLnFwvIBN7WW1BP9jXWXk.roa
Signing time: Sun 01 Jan 2023 05:45:02 +0000
ROA not before: Sun 01 Jan 2023 05:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 176.96.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 20:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:ab:e2:d1:6b:3d:f4:fe:c5:b7:03:6f:a3:ca:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8d5652681cb9c5c2f20137b596d413fd8d75979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fe:df:dd:25:4a:1f:4c:30:18:b8:7e:d8:46:
2b:de:b9:aa:b6:c5:ab:e4:86:11:ba:e3:a2:28:52:
6b:9b:9d:0c:d3:5d:00:a8:22:45:4d:ce:22:8a:86:
46:d1:81:73:11:9e:82:66:66:c0:72:b7:b2:41:d6:
67:39:f1:11:04:d5:a4:5f:a8:b5:4f:35:1d:18:2f:
67:6b:b6:fa:b3:16:c2:83:df:22:a7:89:fd:0d:0b:
c7:ab:39:f6:ca:6c:19:a2:f0:98:7a:24:0d:56:97:
25:77:6e:49:b0:23:43:c3:25:93:8d:5c:09:a8:18:
09:33:86:86:4d:bd:00:2c:74:38:ed:c9:01:b8:d6:
df:ca:bf:fc:5f:b9:e1:90:22:f2:cf:36:05:56:f0:
b4:f5:fc:02:94:a2:9c:59:a3:93:82:ad:0b:c3:78:
2b:ba:be:9c:46:60:ae:2b:e3:9f:09:ea:d7:d5:57:
53:0c:ad:67:dc:a7:b8:80:2e:c3:e6:81:17:04:26:
db:88:42:bd:73:41:66:fc:50:ee:a1:59:ea:04:b6:
e7:0f:8f:d2:05:35:cd:27:d4:3a:a3:20:a1:b0:12:
57:ba:4b:ac:2e:88:7a:9f:7b:c0:4f:b3:74:59:c4:
fa:c9:1e:4a:df:2e:b4:e3:96:a9:03:0d:88:88:0a:
8e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D5:65:26:81:CB:9C:5C:2F:20:13:7B:59:6D:41:3F:D8:D7:59:79
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/yNVlJoHLnFwvIBN7WW1BP9jXWXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.96.95.0/24
Signature Algorithm: sha256WithRSAEncryption
56:c3:38:03:37:9c:c1:e4:19:bd:8f:b9:a4:c2:b2:b1:5b:17:
4a:29:bf:d1:fd:79:0c:67:ef:7f:aa:78:af:22:b4:19:b9:d9:
66:be:0d:a3:e7:b7:eb:4d:26:a7:07:69:0e:88:59:ab:f3:31:
42:b8:09:bf:bb:81:55:81:a7:d9:98:9e:54:bd:36:a0:01:a8:
8c:cd:a7:82:2c:f5:d5:3f:e4:21:f6:7a:62:d1:36:96:5f:e2:
fd:6b:20:d6:bc:6d:b8:6f:8e:94:22:85:f1:d6:bb:72:f1:88:
79:ad:44:4f:72:06:3b:15:47:99:7f:b4:47:37:d1:c9:8c:da:
98:ad:d8:20:3c:5b:56:80:1a:57:aa:80:c9:d4:ed:43:c2:2a:
2a:46:3c:29:bd:86:51:59:62:09:76:2a:b9:6c:7f:bf:01:01:
00:a8:5d:0d:2d:32:c7:6b:cc:54:5f:56:c6:e1:0f:9f:fe:96:
78:fa:ee:e0:89:94:2f:c8:08:e9:eb:c1:6d:3e:dd:03:ef:af:
2a:51:e7:b6:05:f7:8d:1d:06:4d:2d:d2:4a:71:fa:3b:b7:29:
f9:ff:97:d1:51:45:87:96:e0:2a:89:c9:70:96:18:b8:10:ee:
ad:66:24:96:8e:f7:f9:17:00:70:26:4d:11:7a:60:a1:e7:ab:
35:96:b9:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr3Kvi0Ws99P7FtwNvo8qjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGQ1NjUyNjgxY2I5YzVjMmYyMDEzN2I1OTZkNDEzZmQ4ZDc1OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf7f3SVKH0wwGLh+2EYr3rmqtsWr
5IYRuuOiKFJrm50M010AqCJFTc4iioZG0YFzEZ6CZmbAcreyQdZnOfERBNWkX6i1
TzUdGC9na7b6sxbCg98ip4n9DQvHqzn2ymwZovCYeiQNVpcld25JsCNDwyWTjVwJ
qBgJM4aGTb0ALHQ47ckBuNbfyr/8X7nhkCLyzzYFVvC09fwClKKcWaOTgq0Lw3gr
ur6cRmCuK+OfCerX1VdTDK1n3Ke4gC7D5oEXBCbbiEK9c0Fm/FDuoVnqBLbnD4/S
BTXNJ9Q6oyChsBJXukusLoh6n3vAT7N0WcT6yR5K3y6045apAw2IiAqOCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjVZSaBy5xcLyATe1ltQT/Y11l5MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEveU5WbEpvSExuRnd2SUJON1dXMUJQOWpYV1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGBfMA0G
CSqGSIb3DQEBCwUAA4IBAQBWwzgDN5zB5Bm9j7mkwrKxWxdKKb/R/XkMZ+9/qniv
IrQZudlmvg2j57frTSanB2kOiFmr8zFCuAm/u4FVgafZmJ5UvTagAaiMzaeCLPXV
P+Qh9npi0TaWX+L9ayDWvG24b46UIoXx1rty8Yh5rURPcgY7FUeZf7RHN9HJjNqY
rdggPFtWgBpXqoDJ1O1DwioqRjwpvYZRWWIJdiq5bH+/AQEAqF0NLTLHa8xUX1bG
4Q+f/pZ4+u7giZQvyAjp68FtPt0D768qUee2BfeNHQZNLdJKcfo7tyn5/5fRUUWH
luAqiclwlhi4EO6tZiSWjvf5FwBwJk0RemCh56s1lrkf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org