Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/NjeJTpz9qZiu48vlNMmZUS8xc2g.roa
File: NjeJTpz9qZiu48vlNMmZUS8xc2g.roa (raw, json)
Hash identifier: asBgimaasT8kXiCD2wVkEY4/1pkOFAYLoRmJ4SeAoeE=
Subject key identifier: 36:37:89:4E:9C:FD:A9:98:AE:E3:CB:E5:34:C9:99:51:2F:31:73:68
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 018AFEF9CC640AD5A6BD1EB7E7DC1979FBC3
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/NjeJTpz9qZiu48vlNMmZUS8xc2g.roa
Signing time: Thu 05 Oct 2023 08:34:58 +0000
ROA not before: Thu 05 Oct 2023 08:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29447
IP address blocks: 78.208.0.0/12 maxlen: 12
81.56.0.0/15 maxlen: 17
2a01:e10::/30 maxlen: 30
2a01:e11::/32 maxlen: 32
2a01:e09::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:f9:cc:64:0a:d5:a6:bd:1e:b7:e7:dc:19:79:fb:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Oct 5 08:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3637894e9cfda998aee3cbe534c999512f317368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c3:2b:f5:32:ea:92:16:25:ed:d6:b2:9c:86:
fa:46:c8:ed:45:bd:d3:d1:7d:f2:5c:73:b9:d2:bf:
62:0d:6e:35:70:ee:3e:4a:a9:bc:3a:ca:e3:a5:03:
ab:f7:7a:bc:5c:95:fa:95:a6:16:4c:48:93:ae:d2:
8c:ac:69:39:c6:f9:e5:a1:f3:ed:ea:90:be:6f:46:
e7:cf:0a:b3:b3:78:cb:97:9b:5e:fa:ba:b9:c3:48:
66:2a:d4:70:11:1f:b8:1a:96:6a:4b:7c:4b:b4:f1:
4b:4c:ad:d3:77:7c:ba:d1:b9:c3:c8:45:55:34:be:
49:7d:b7:39:fe:74:dc:a9:ac:94:27:7b:8c:4f:67:
b0:6b:e0:25:50:25:7b:f8:ea:2f:b2:1d:7d:8c:7d:
a6:62:fc:17:67:3e:32:d4:e9:fe:af:8d:b4:5b:c0:
16:80:41:85:93:4d:03:91:86:d7:8a:93:3d:0e:96:
20:ed:8a:9b:30:dc:59:c5:8a:69:d8:12:7c:be:4b:
c5:fd:07:9c:fd:d9:c0:38:22:28:91:d9:54:88:47:
73:98:7e:45:12:e8:55:e1:80:c0:18:4d:78:55:f8:
e6:f6:53:f1:0f:5e:3c:ba:fb:c8:e2:ef:7d:a5:43:
7f:51:eb:12:d6:e2:4e:ef:30:c9:c2:22:f1:93:dc:
e1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:37:89:4E:9C:FD:A9:98:AE:E3:CB:E5:34:C9:99:51:2F:31:73:68
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/NjeJTpz9qZiu48vlNMmZUS8xc2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.208.0.0/12
81.56.0.0/15
IPv6:
2a01:e09::/32
2a01:e10::/30
Signature Algorithm: sha256WithRSAEncryption
68:4a:e3:63:a4:b2:b7:ed:6f:fb:bc:ea:fe:1d:a5:25:87:99:
9d:d1:9c:15:d6:ce:28:5d:00:5f:e7:5b:67:6b:cc:43:34:a3:
69:73:a2:4f:ff:18:9a:98:31:4f:32:c7:cb:40:84:81:f3:4b:
35:9e:56:c5:36:ce:e9:ca:33:52:cf:33:58:17:78:bb:e1:02:
32:48:13:51:43:1e:60:a4:28:0b:7f:88:7b:cd:a4:a5:a5:29:
81:17:91:3f:9f:02:88:6e:73:27:c8:ad:c6:c9:12:e7:1f:66:
69:3f:15:99:c5:df:c4:97:a2:56:41:11:11:ab:50:51:97:f3:
8f:3f:f5:bb:4d:d3:d4:6c:7f:06:b3:77:ed:ba:0c:98:84:84:
a0:45:14:19:bc:36:43:4d:45:06:04:cc:0c:cb:dc:e1:b2:22:
e6:41:03:f4:58:17:f0:da:bb:8a:5a:37:65:32:17:81:68:f6:
17:ef:83:2c:55:59:31:9f:f5:f6:c7:e0:2c:da:17:39:2d:e9:
6f:49:17:80:48:e9:c9:fe:66:55:06:85:20:7a:e9:d1:c6:fa:
cd:58:eb:c8:5f:4b:1b:9c:70:db:14:9e:01:78:bc:55:52:02:
77:71:67:cc:be:5f:a0:86:e6:85:b0:37:bd:d0:d3:e4:af:6b:
55:39:ca:92
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYr++cxkCtWmvR6359wZefvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjMxMDA1MDgzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjM3ODk0ZTljZmRhOTk4YWVlM2NiZTUzNGM5OTk1MTJmMzE3MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8Mr9TLqkhYl7daynIb6RsjtRb3T
0X3yXHO50r9iDW41cO4+Sqm8OsrjpQOr93q8XJX6laYWTEiTrtKMrGk5xvnlofPt
6pC+b0bnzwqzs3jLl5te+rq5w0hmKtRwER+4GpZqS3xLtPFLTK3Td3y60bnDyEVV
NL5Jfbc5/nTcqayUJ3uMT2ewa+AlUCV7+Oovsh19jH2mYvwXZz4y1On+r420W8AW
gEGFk00DkYbXipM9DpYg7YqbMNxZxYpp2BJ8vkvF/Qec/dnAOCIokdlUiEdzmH5F
EuhV4YDAGE14Vfjm9lPxD148uvvI4u99pUN/UesS1uJO7zDJwiLxk9zhAQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDY3iU6c/amYruPL5TTJmVEvMXNoMB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvTmplSlRwejlxWml1NDh2bE5NbVpVUzh4YzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAQBAIAATAKAwMETtADAwFR
ODAUBAIAAjAOAwUAKgEOCQMFAioBDhAwDQYJKoZIhvcNAQELBQADggEBAGhK42Ok
srftb/u86v4dpSWHmZ3RnBXWzihdAF/nW2drzEM0o2lzok//GJqYMU8yx8tAhIHz
SzWeVsU2zunKM1LPM1gXeLvhAjJIE1FDHmCkKAt/iHvNpKWlKYEXkT+fAohucyfI
rcbJEucfZmk/FZnF38SXolZBERGrUFGX848/9btN09Rsfwazd+26DJiEhKBFFBm8
NkNNRQYEzAzL3OGyIuZBA/RYF/Dau4paN2UyF4Fo9hfvgyxVWTGf9fbH4CzaFzkt
6W9JF4BI6cn+ZlUGhSB66dHG+s1Y68hfSxuccNsUngF4vFVSAndxZ8y+X6CG5oWw
N73Q0+Sva1U5ypI=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:57 2024 by rpki-client on console-ams.rpki-client.org