Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/nj9c12DSbYUQU_Cf1C0GcNXhieo.roa
File: nj9c12DSbYUQU_Cf1C0GcNXhieo.roa (raw, json)
Hash identifier: yZK3I5tJK+BNN77d6ecfthUCKrLhAUDUg+ZURqySlg8=
Subject key identifier: 9E:3F:5C:D7:60:D2:6D:85:10:53:F0:9F:D4:2D:06:70:D5:E1:89:EA
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CC348AE35AA97B7D03768056C8932DE9E
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/nj9c12DSbYUQU_Cf1C0GcNXhieo.roa
Signing time: Mon 01 Jan 2024 04:29:29 +0000
ROA not before: Mon 01 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206092
IP address blocks: 45.131.194.0/24 maxlen: 24
85.8.130.0/24 maxlen: 24
2a0e:d781::/32 maxlen: 32
2a0e:d783::/32 maxlen: 32
2a0e:d782::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 Apr 2024 11:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ae:35:aa:97:b7:d0:37:68:05:6c:89:32:de:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e3f5cd760d26d851053f09fd42d0670d5e189ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:25:61:90:29:d7:e0:12:9c:c5:14:47:e9:df:
f5:23:02:05:fd:4d:9c:db:27:c4:c3:22:80:78:cd:
63:55:0e:09:80:22:a2:6b:01:25:61:eb:fc:52:ca:
4d:a1:4b:38:4e:87:e9:20:74:60:e1:c9:ca:b6:b4:
3e:31:87:05:71:4c:46:a2:24:d7:16:07:5e:4b:b3:
95:aa:3d:6b:4c:91:1a:0f:91:0a:c8:3b:72:57:32:
4e:ce:e7:cf:9c:f8:14:d7:e5:d6:be:bb:9b:c5:2d:
b1:4e:49:d1:1c:11:8c:6c:cf:4f:d7:53:9f:97:ef:
f0:7c:f9:51:73:f8:c1:52:8d:f5:bb:0b:aa:f2:61:
fd:1e:e1:63:19:0b:b7:18:d6:f0:45:76:c7:07:7b:
70:f8:8e:23:18:a0:e8:b9:14:53:6a:84:af:89:9c:
21:46:4a:0f:c6:c3:b7:71:06:0b:2d:3e:90:42:34:
a5:b6:fd:d6:71:bd:20:18:ae:e8:c9:35:37:3a:d8:
dc:da:a0:c2:04:8b:c4:26:8e:2d:03:49:a8:60:b4:
c5:bf:ec:ee:3b:43:0c:7b:d9:4e:6e:4b:f7:6c:a5:
e8:35:08:60:3b:69:0b:38:7d:2d:b9:e6:8b:50:0a:
e6:fe:8b:1f:11:4a:a4:57:0c:cd:43:d0:36:db:11:
b0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:3F:5C:D7:60:D2:6D:85:10:53:F0:9F:D4:2D:06:70:D5:E1:89:EA
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/nj9c12DSbYUQU_Cf1C0GcNXhieo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.194.0/24
85.8.130.0/24
IPv6:
2a0e:d781::-2a0e:d783:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
32:4c:36:1b:e1:69:66:38:fc:f3:8c:fa:8f:cc:18:c9:f2:da:
df:b9:d4:35:bb:40:d7:e4:de:54:de:f5:72:03:1a:09:b7:8d:
4a:74:7c:eb:91:65:2e:26:78:be:01:97:b4:77:ff:49:a7:cc:
25:dd:19:12:c8:df:32:21:a4:7e:0e:fa:90:81:99:d7:7a:e4:
91:be:9a:9c:9b:29:8f:3b:3b:52:d1:4c:10:13:04:6a:ac:ff:
1e:f8:31:76:52:4a:80:81:5e:4b:7c:33:ed:1a:ca:b9:88:39:
4b:a3:b0:7e:00:d2:f6:3b:72:23:b2:5c:18:9b:30:ff:05:8d:
7c:60:4c:95:65:ff:d4:69:ed:63:8c:08:40:7f:5e:0c:ae:42:
1f:41:f1:ed:7a:42:bc:fb:78:c0:e5:87:82:0b:94:5f:ef:1e:
10:5e:4b:50:f4:73:ec:03:27:b7:bf:b2:7f:1d:3e:a6:6a:f0:
bd:fd:a7:3b:6a:bf:69:c5:7d:8f:89:7c:25:8d:6a:7e:e6:67:
75:ee:a9:5d:09:1f:e9:e9:97:a4:dd:68:a3:12:9a:91:d9:9f:
4d:0d:08:0a:fb:0f:b9:5b:f0:cd:3c:1f:62:33:e7:15:1a:1f:
a1:bd:d5:9c:fd:d0:a8:80:28:fc:3b:6b:4e:34:7f:6d:bc:42:
1e:10:a7:b0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzDSK41qpe30DdoBWyJMt6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTAxMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTNmNWNkNzYwZDI2ZDg1MTA1M2YwOWZkNDJkMDY3MGQ1ZTE4OWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiVhkCnX4BKcxRRH6d/1IwIF/U2c
2yfEwyKAeM1jVQ4JgCKiawElYev8UspNoUs4TofpIHRg4cnKtrQ+MYcFcUxGoiTX
FgdeS7OVqj1rTJEaD5EKyDtyVzJOzufPnPgU1+XWvrubxS2xTknRHBGMbM9P11Of
l+/wfPlRc/jBUo31uwuq8mH9HuFjGQu3GNbwRXbHB3tw+I4jGKDouRRTaoSviZwh
RkoPxsO3cQYLLT6QQjSltv3Wcb0gGK7oyTU3Otjc2qDCBIvEJo4tA0moYLTFv+zu
O0MMe9lObkv3bKXoNQhgO2kLOH0tueaLUArm/osfEUqkVwzNQ9A22xGwlQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ4/XNdg0m2FEFPwn9QtBnDV4YnqMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvbmo5YzEyRFNiWVVRVV9DZjFDMEdjTlhoaWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQALYPCAwQA
VQiCMBYEAgACMBAwDgMFACoO14EDBQIqDteAMA0GCSqGSIb3DQEBCwUAA4IBAQAy
TDYb4WlmOPzzjPqPzBjJ8trfudQ1u0DX5N5U3vVyAxoJt41KdHzrkWUuJni+AZe0
d/9Jp8wl3RkSyN8yIaR+DvqQgZnXeuSRvpqcmymPOztS0UwQEwRqrP8e+DF2UkqA
gV5LfDPtGsq5iDlLo7B+ANL2O3IjslwYmzD/BY18YEyVZf/Uae1jjAhAf14MrkIf
QfHtekK8+3jA5YeCC5Rf7x4QXktQ9HPsAye3v7J/HT6mavC9/ac7ar9pxX2PiXwl
jWp+5md17qldCR/p6Zek3WijEpqR2Z9NDQgK+w+5W/DNPB9iM+cVGh+hvdWc/dCo
gCj8O2tONH9tvEIeEKew
-----END CERTIFICATE-----
Generated at Thu Apr 18 13:30:09 2024 by rpki-client on console-fra.rpki-client.org