Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/nE8rC2HmuyL4KKQ4BYUSAtr2vn0.roa
File: nE8rC2HmuyL4KKQ4BYUSAtr2vn0.roa (raw, json)
Hash identifier: KowzbKNARRTzoHEECkyShmQQULdXKtujD1Hwz6VPmQI=
Subject key identifier: 9C:4F:2B:0B:61:E6:BB:22:F8:28:A4:38:05:85:12:02:DA:F6:BE:7D
Certificate issuer: /CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Certificate serial: 018CC500DA558560C40F4402C7555051921C
Authority key identifier: FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/nE8rC2HmuyL4KKQ4BYUSAtr2vn0.roa
Signing time: Mon 01 Jan 2024 12:30:16 +0000
ROA not before: Mon 01 Jan 2024 12:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5420
IP address blocks: 192.40.73.0/24 maxlen: 24
192.40.76.0/24 maxlen: 24
192.40.74.0/24 maxlen: 24
192.40.77.0/24 maxlen: 24
192.40.78.0/24 maxlen: 24
192.40.72.0/24 maxlen: 24
192.40.75.0/24 maxlen: 24
2001:67c:21a4::/48 maxlen: 48
2a06:f040::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jan 2024 08:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:da:55:85:60:c4:0f:44:02:c7:55:50:51:92:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Validity
Not Before: Jan 1 12:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c4f2b0b61e6bb22f828a43805851202daf6be7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:96:28:15:6c:2f:89:3f:72:51:33:84:3c:1b:
30:41:34:9b:01:10:c5:1a:80:5c:44:4a:1b:a1:c9:
59:19:d0:de:6f:0f:f4:76:9b:92:02:54:c1:7d:9f:
d4:1f:0b:ea:2d:ac:da:dd:51:48:bd:e9:fd:2d:d8:
91:fd:ab:41:a9:06:ec:ee:43:ff:0e:af:b0:bd:f3:
64:89:10:c7:63:fe:d5:99:46:56:20:d3:87:f1:46:
6b:7c:53:30:23:ab:aa:63:c9:b3:e8:a8:25:b4:4e:
89:e2:b0:67:da:48:62:eb:d1:c5:a6:f6:82:d5:70:
c1:6b:87:a2:cd:c1:8c:7b:92:22:40:a9:05:78:28:
e2:2a:0d:74:3e:ab:cb:9d:28:75:76:9a:61:03:df:
0e:10:a1:0a:56:74:5b:65:3c:77:79:06:a2:60:ce:
31:02:18:cc:6c:61:49:fc:5e:d6:e1:b1:74:82:2f:
57:a8:21:26:ad:3e:a1:6f:85:1d:18:76:77:98:42:
9c:bc:f8:86:23:2f:00:e6:b7:61:f4:cd:45:35:b3:
5d:e3:81:cc:58:ca:14:a4:3e:5c:df:6d:ea:9c:dd:
27:ae:e2:a9:b0:49:28:f9:53:44:aa:bb:5a:b7:43:
c1:7c:94:77:a2:ff:0d:36:47:a8:5f:1a:b3:e6:a6:
40:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4F:2B:0B:61:E6:BB:22:F8:28:A4:38:05:85:12:02:DA:F6:BE:7D
X509v3 Authority Key Identifier:
keyid:FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/nE8rC2HmuyL4KKQ4BYUSAtr2vn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.40.72.0-192.40.78.255
IPv6:
2001:67c:21a4::/48
2a06:f040::/32
Signature Algorithm: sha256WithRSAEncryption
52:6d:0a:a2:c3:94:d7:2d:4d:0f:c6:30:20:08:c4:af:f1:8c:
83:be:93:09:46:d8:0f:11:28:c1:04:2f:2d:ed:ac:68:48:dd:
13:d0:1c:9d:80:91:35:8a:ea:f2:52:76:fd:a9:e7:ef:e9:59:
8e:87:bc:e2:a9:ad:82:97:41:19:e7:d6:df:bd:49:ff:b2:e9:
fc:9d:d3:7d:02:b9:93:97:69:eb:06:84:21:d6:3f:80:a5:62:
7e:28:2e:68:40:71:0d:f6:ce:b6:af:3d:e3:22:b8:2b:ea:46:
7f:ba:1e:58:8c:7c:c3:f7:bb:92:b7:19:ca:77:b6:86:14:27:
b9:03:06:f9:69:5d:15:22:ea:18:fd:df:fa:3c:1a:d9:47:17:
64:ef:d8:b2:e2:18:35:ef:1b:21:1c:89:94:64:28:2c:63:48:
a1:22:32:1f:a8:13:8e:cb:ba:9f:c1:26:5c:e2:b0:b5:0f:c3:
1c:32:13:ac:23:01:95:53:b2:78:3c:0b:40:48:14:4f:3f:df:
a8:8f:c9:77:53:7a:d2:64:20:f9:47:d0:7a:1e:ff:51:67:cc:
e2:f8:26:37:a5:e2:70:c3:cc:c7:e0:17:b8:d4:94:bd:89:a6:
f9:80:aa:08:79:93:19:f1:41:14:a1:96:3d:be:cb:ea:d6:eb:
78:3a:b2:f4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzFANpVhWDED0QCx1VQUZIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMWE4MTBlM2FiMTk2NGI0NGVjYjM3NzgzNDBiMjY2ZGJk
YTExMjYwHhcNMjQwMTAxMTIzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRmMmIwYjYxZTZiYjIyZjgyOGE0MzgwNTg1MTIwMmRhZjZiZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZYoFWwviT9yUTOEPBswQTSbARDF
GoBcREoboclZGdDebw/0dpuSAlTBfZ/UHwvqLaza3VFIven9LdiR/atBqQbs7kP/
Dq+wvfNkiRDHY/7VmUZWINOH8UZrfFMwI6uqY8mz6KgltE6J4rBn2khi69HFpvaC
1XDBa4eizcGMe5IiQKkFeCjiKg10PqvLnSh1dpphA98OEKEKVnRbZTx3eQaiYM4x
AhjMbGFJ/F7W4bF0gi9XqCEmrT6hb4UdGHZ3mEKcvPiGIy8A5rdh9M1FNbNd44HM
WMoUpD5c323qnN0nruKpsEko+VNEqrtat0PBfJR3ov8NNkeoXxqz5qZAZQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJxPKwth5rsi+CikOAWFEgLa9r59MB8GA1UdIwQY
MBaAFPsagQ46sZZLROyzd4NAsmbb2hEmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14cUJEanF4bGt0RTdMTjNnMEN5WnR2YUVTWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgw
LWI1YWJmNDQwZTg5My8xL25FOHJDMkhtdXlMNEtLUTRCWVVTQXRyMnZuMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgwLWI1YWJmNDQwZTg5
My8xLzEteHFCRGpxeGxrdEU3TE4zZzBDeVp0dmFFU1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMBQEAgABMA4wDAMEA8Ao
SAMEAMAoTjAWBAIAAjAQAwcAIAEGfCGkAwUAKgbwQDANBgkqhkiG9w0BAQsFAAOC
AQEAUm0KosOU1y1ND8YwIAjEr/GMg76TCUbYDxEowQQvLe2saEjdE9AcnYCRNYrq
8lJ2/ann7+lZjoe84qmtgpdBGefW371J/7Lp/J3TfQK5k5dp6waEIdY/gKVifigu
aEBxDfbOtq894yK4K+pGf7oeWIx8w/e7krcZyne2hhQnuQMG+WldFSLqGP3f+jwa
2UcXZO/YsuIYNe8bIRyJlGQoLGNIoSIyH6gTjsu6n8EmXOKwtQ/DHDITrCMBlVOy
eDwLQEgUTz/fqI/Jd1N60mQg+UfQeh7/UWfM4vgmN6XicMPMx+AXuNSUvYmm+YCq
CHmTGfFBFKGWPb7L6tbreDqy9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:28 2024 by rpki-client on console-fra.rpki-client.org