Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/l-NpKTTbWaszugZ2LmieL6wMa9s.roa
File: l-NpKTTbWaszugZ2LmieL6wMa9s.roa (raw, json)
Hash identifier: iNxQU0ZLai/q6rmBhR4FTa4uH1agIHtcBc6/6Rs5RUc=
Subject key identifier: 97:E3:69:29:34:DB:59:AB:33:BA:06:76:2E:68:9E:2F:AC:0C:6B:DB
Certificate issuer: /CN=da024b9c63db5c1a1cf4c5581dbe5b381cb95087
Certificate serial: 018571D7914EB195740EA44EFF2044088248
Authority key identifier: DA:02:4B:9C:63:DB:5C:1A:1C:F4:C5:58:1D:BE:5B:38:1C:B9:50:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gJLnGPbXBoc9MVYHb5bOBy5UIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/l-NpKTTbWaszugZ2LmieL6wMa9s.roa
Signing time: Mon 02 Jan 2023 09:37:10 +0000
ROA not before: Mon 02 Jan 2023 09:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39787
IP address blocks: 195.5.112.0/23 maxlen: 23
5.44.64.0/21 maxlen: 21
2a00:e48:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:91:4e:b1:95:74:0e:a4:4e:ff:20:44:08:82:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da024b9c63db5c1a1cf4c5581dbe5b381cb95087
Validity
Not Before: Jan 2 09:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97e3692934db59ab33ba06762e689e2fac0c6bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1e:ce:d0:e9:b0:a8:f4:d2:c8:4e:c2:b8:41:
9f:05:30:78:f1:86:7b:f3:cf:d9:ac:ad:e6:f3:34:
cd:43:fd:c6:5a:b0:50:15:a5:12:a8:23:d8:38:f2:
31:50:4f:fa:1e:73:78:de:95:64:33:04:e2:8f:33:
ce:0d:00:35:ab:29:cf:da:81:10:0e:14:97:ae:ca:
01:2e:ce:4b:99:41:04:00:6b:0c:ed:86:62:7a:0a:
f5:83:c2:a3:a1:4d:3e:df:1c:ae:38:19:3a:eb:3b:
d7:8a:4d:52:4d:eb:f3:31:1a:81:60:a2:27:1e:92:
a3:1d:b0:d3:78:0d:1b:b1:c2:72:c9:91:a2:26:74:
07:34:8c:6b:06:18:24:62:7c:1a:56:8e:21:31:89:
a6:0c:37:08:c3:ba:15:13:0a:1e:33:a5:9c:20:66:
c1:72:a9:7d:df:be:66:f5:1f:93:ef:db:36:0f:15:
e4:69:09:98:31:8c:20:65:59:32:7e:11:a3:d7:25:
68:a2:74:37:c0:41:31:d9:83:60:c0:1d:26:ca:59:
a8:d2:4f:a9:d0:e3:6d:98:f7:35:69:b9:2b:cb:17:
2b:8b:96:20:44:5d:f6:cc:ca:7a:21:50:b8:c7:24:
b7:c9:0d:cb:6a:00:50:24:ca:fa:7d:7d:1f:b9:bc:
81:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E3:69:29:34:DB:59:AB:33:BA:06:76:2E:68:9E:2F:AC:0C:6B:DB
X509v3 Authority Key Identifier:
keyid:DA:02:4B:9C:63:DB:5C:1A:1C:F4:C5:58:1D:BE:5B:38:1C:B9:50:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gJLnGPbXBoc9MVYHb5bOBy5UIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/l-NpKTTbWaszugZ2LmieL6wMa9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.64.0/21
195.5.112.0/23
IPv6:
2a00:e48:8000::/33
Signature Algorithm: sha256WithRSAEncryption
2b:f3:79:0e:7d:09:3d:0d:81:c1:fc:af:6d:0e:9b:5c:07:d1:
1e:8e:76:78:78:71:ed:52:f8:d8:ba:fe:df:83:f3:26:44:23:
b2:4b:eb:a1:25:21:c6:f7:d8:ca:df:b0:ad:66:ef:f7:ac:68:
82:21:dd:d8:5f:c7:e7:98:df:38:50:ef:4d:13:73:fb:06:b6:
f9:78:b2:d7:4e:d8:d5:f1:33:c2:42:56:46:ba:74:f1:27:e1:
2a:8a:1f:00:01:c1:8a:26:19:23:da:4a:f5:22:6d:c9:13:0f:
5a:1d:24:da:ce:3b:ac:62:09:a0:ad:8f:13:ed:01:3a:bc:68:
4b:be:10:a6:db:20:51:f1:6c:25:59:30:90:23:d9:12:56:3c:
3a:35:5b:90:28:8b:7b:0b:38:84:0f:8b:11:b3:fe:cd:13:54:
11:62:82:a3:5b:c4:f6:51:9a:8f:b5:cd:d6:db:66:d6:eb:a6:
e3:ae:72:b7:42:63:56:2e:95:ce:34:bb:f3:45:f7:ac:77:13:
a9:35:f4:b5:7e:78:26:44:37:fe:cd:d6:74:5c:a1:85:aa:0b:
1c:96:a8:f0:de:5e:19:cf:d8:a0:1e:d5:5a:7b:0f:1a:04:57:
fd:1a:5d:b9:42:f0:62:f9:20:ef:85:ac:2e:60:d4:24:c7:a4:
b3:ee:b9:33
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVx15FOsZV0DqRO/yBECIJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI0YjljNjNkYjVjMWExY2Y0YzU1ODFkYmU1YjM4MWNi
OTUwODcwHhcNMjMwMTAyMDkzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2UzNjkyOTM0ZGI1OWFiMzNiYTA2NzYyZTY4OWUyZmFjMGM2YmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR7O0OmwqPTSyE7CuEGfBTB48YZ7
88/ZrK3m8zTNQ/3GWrBQFaUSqCPYOPIxUE/6HnN43pVkMwTijzPODQA1qynP2oEQ
DhSXrsoBLs5LmUEEAGsM7YZiegr1g8KjoU0+3xyuOBk66zvXik1STevzMRqBYKIn
HpKjHbDTeA0bscJyyZGiJnQHNIxrBhgkYnwaVo4hMYmmDDcIw7oVEwoeM6WcIGbB
cql9375m9R+T79s2DxXkaQmYMYwgZVkyfhGj1yVoonQ3wEEx2YNgwB0mylmo0k+p
0ONtmPc1abkryxcri5YgRF32zMp6IVC4xyS3yQ3LagBQJMr6fX0fubyBRQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJfjaSk021mrM7oGdi5oni+sDGvbMB8GA1UdIwQY
MBaAFNoCS5xj21waHPTFWB2+WzgcuVCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdKTG5HUGJYQm9jOU1WWUhiNWJPQnk1VUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81ZDdjZGEtMGE5OC00M2FjLTkxMzYt
NzEyYjFhNzk2OGU2LzEvbC1OcEtUVGJXYXN6dWdaMkxtaWVMNndNYTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81ZDdjZGEtMGE5OC00M2FjLTkxMzYtNzEyYjFhNzk2OGU2
LzEvMmdKTG5HUGJYQm9jOU1WWUhiNWJPQnk1VUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDBSxAAwQB
wwVwMA4EAgACMAgDBgcqAA5IgDANBgkqhkiG9w0BAQsFAAOCAQEAK/N5Dn0JPQ2B
wfyvbQ6bXAfRHo52eHhx7VL42Lr+34PzJkQjskvroSUhxvfYyt+wrWbv96xogiHd
2F/H55jfOFDvTRNz+wa2+Xiy107Y1fEzwkJWRrp08SfhKoofAAHBiiYZI9pK9SJt
yRMPWh0k2s47rGIJoK2PE+0BOrxoS74QptsgUfFsJVkwkCPZElY8OjVbkCiLews4
hA+LEbP+zRNUEWKCo1vE9lGaj7XN1ttm1uum465yt0JjVi6VzjS780X3rHcTqTX0
tX54JkQ3/s3WdFyhhaoLHJao8N5eGc/YoB7VWnsPGgRX/RpduULwYvkg74WsLmDU
JMeks+65Mw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:27 2024 by rpki-client on console-ams.rpki-client.org