Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/nZnMW6VOPeYdUy5pulPsOm8kpaU.roa
File: nZnMW6VOPeYdUy5pulPsOm8kpaU.roa (raw, json)
Hash identifier: UzlEmRebdGNtQ3QeywOj+NBHMj8Y/d8P79JouyqbYiM=
Subject key identifier: 9D:99:CC:5B:A5:4E:3D:E6:1D:53:2E:69:BA:53:EC:3A:6F:24:A5:A5
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018CD7DCEA6BCA9557FBCD20C4B7D8E1E841
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/nZnMW6VOPeYdUy5pulPsOm8kpaU.roa
Signing time: Fri 05 Jan 2024 04:23:48 +0000
ROA not before: Fri 05 Jan 2024 04:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 194.15.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 18:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d7:dc:ea:6b:ca:95:57:fb:cd:20:c4:b7:d8:e1:e8:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 5 04:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d99cc5ba54e3de61d532e69ba53ec3a6f24a5a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:85:18:39:f3:30:9c:7b:f4:9e:f6:55:a3:52:
66:78:4b:34:29:d1:4e:b8:b1:5e:0a:ee:43:d0:db:
e3:6b:1f:fb:50:b6:26:df:95:47:5f:7d:b0:b0:1f:
1e:5d:d0:35:7e:bb:39:fc:14:5b:1e:0b:fb:fd:5a:
7a:b2:b6:fa:72:34:39:80:5c:39:6a:b7:6a:47:7f:
ba:61:a0:90:b4:59:4c:37:66:84:ab:ad:46:84:c1:
b4:dd:9d:56:89:8f:98:7d:17:c1:e6:e9:72:91:83:
f6:97:dd:fc:33:34:76:bb:61:6b:ec:20:3a:9e:6a:
a9:83:90:95:6f:ad:5a:53:8e:27:5d:fe:08:6a:19:
a8:83:b8:b9:d9:09:2a:13:6c:9e:92:a0:4a:e3:8c:
65:56:db:76:60:f3:79:30:45:f1:3c:b1:28:9b:b6:
8e:7e:44:34:86:88:e3:6b:c4:3e:d9:70:f2:61:11:
51:3d:f0:05:f2:fb:c1:1f:6f:f5:3b:20:23:01:28:
4b:d6:a8:03:48:ad:59:08:db:f7:e0:55:12:56:c9:
d2:2e:1e:db:cf:26:00:01:97:4d:f5:76:61:cd:c0:
be:a6:80:04:cd:ff:77:ef:33:20:f4:7f:3d:31:56:
8e:8e:75:ee:78:d6:00:c2:02:06:55:d3:01:d7:f4:
42:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:99:CC:5B:A5:4E:3D:E6:1D:53:2E:69:BA:53:EC:3A:6F:24:A5:A5
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/nZnMW6VOPeYdUy5pulPsOm8kpaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.98.0/24
Signature Algorithm: sha256WithRSAEncryption
62:87:27:a7:df:9d:16:77:90:f2:b4:88:fe:ba:fe:52:2b:35:
05:4c:b9:36:78:de:71:33:d6:24:60:3e:21:1a:72:0a:7b:12:
f8:ba:cf:58:8d:67:04:4f:e6:ca:a6:68:6c:31:dd:74:48:73:
9e:5b:b2:19:df:94:9b:4b:e6:a5:83:69:68:c7:ef:74:17:02:
d3:03:38:d4:72:5c:3a:d8:27:fa:1d:15:a5:c5:42:f0:d2:d2:
13:76:af:70:34:93:c2:6a:13:d6:91:a8:27:c8:81:7b:6a:2c:
13:0d:3c:8a:78:6c:e1:1f:14:53:a2:99:66:2d:f9:8f:a3:5d:
f8:81:b3:a5:91:c8:3f:82:2c:b0:cd:b7:5a:10:78:d7:e9:4f:
b8:8e:81:84:f8:3f:87:22:6c:5a:5a:0d:be:11:76:29:a2:34:
0d:e3:65:0e:f0:f0:1f:fe:1e:9a:f5:73:24:28:5d:4f:b9:b9:
a4:c2:90:40:ba:3e:18:ac:4c:af:60:cc:e2:c5:ba:c2:4b:96:
32:6d:6a:f4:e8:1e:bf:b2:9b:cf:5e:51:98:81:01:e2:d5:c0:
72:0c:61:c2:bd:1c:4b:b0:95:19:d8:ef:68:dd:2f:50:e5:57:
f7:35:80:71:b2:1a:ab:b7:08:ec:1b:f3:16:d2:a9:d0:9e:b5:
04:e4:1b:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzX3OprypVX+80gxLfY4ehBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTA1MDQyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk5Y2M1YmE1NGUzZGU2MWQ1MzJlNjliYTUzZWMzYTZmMjRhNWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYUYOfMwnHv0nvZVo1JmeEs0KdFO
uLFeCu5D0Nvjax/7ULYm35VHX32wsB8eXdA1frs5/BRbHgv7/Vp6srb6cjQ5gFw5
ardqR3+6YaCQtFlMN2aEq61GhMG03Z1WiY+YfRfB5ulykYP2l938MzR2u2Fr7CA6
nmqpg5CVb61aU44nXf4Iahmog7i52QkqE2yekqBK44xlVtt2YPN5MEXxPLEom7aO
fkQ0hojja8Q+2XDyYRFRPfAF8vvBH2/1OyAjAShL1qgDSK1ZCNv34FUSVsnSLh7b
zyYAAZdN9XZhzcC+poAEzf937zMg9H89MVaOjnXueNYAwgIGVdMB1/RCuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2ZzFulTj3mHVMuabpT7DpvJKWlMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvblpuTVc2Vk9QZVlkVXk1cHVsUHNPbThrcGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg9iMA0G
CSqGSIb3DQEBCwUAA4IBAQBihyen350Wd5DytIj+uv5SKzUFTLk2eN5xM9YkYD4h
GnIKexL4us9YjWcET+bKpmhsMd10SHOeW7IZ35SbS+alg2lox+90FwLTAzjUclw6
2Cf6HRWlxULw0tITdq9wNJPCahPWkagnyIF7aiwTDTyKeGzhHxRToplmLfmPo134
gbOlkcg/giywzbdaEHjX6U+4joGE+D+HImxaWg2+EXYpojQN42UO8PAf/h6a9XMk
KF1PubmkwpBAuj4YrEyvYMzixbrCS5YybWr06B6/spvPXlGYgQHi1cByDGHCvRxL
sJUZ2O9o3S9Q5Vf3NYBxshqrtwjsG/MW0qnQnrUE5BsV
-----END CERTIFICATE-----
Generated at Fri Mar 8 21:08:31 2024 by rpki-client on console-ams.rpki-client.org