Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/nqFbU8dDlHw5Hdkzu-LIIt4Afy4.roa
File: nqFbU8dDlHw5Hdkzu-LIIt4Afy4.roa (raw, json)
Hash identifier: I0GhTOGY8SOcgdp8yEiZZWCWHK8TgrK4UvtUGvV5rDY=
Subject key identifier: 9E:A1:5B:53:C7:43:94:7C:39:1D:D9:33:BB:E2:C8:22:DE:00:7F:2E
Certificate issuer: /CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Certificate serial: 01856D9D0DA52237A8283682CE491EF85705
Authority key identifier: B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/nqFbU8dDlHw5Hdkzu-LIIt4Afy4.roa
Signing time: Sun 01 Jan 2023 13:54:47 +0000
ROA not before: Sun 01 Jan 2023 13:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39775
IP address blocks: 91.204.16.0/22 maxlen: 24
81.90.208.0/20 maxlen: 24
185.149.124.0/22 maxlen: 24
185.190.0.0/22 maxlen: 24
62.192.32.0/19 maxlen: 24
2a02:1378::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:0d:a5:22:37:a8:28:36:82:ce:49:1e:f8:57:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Validity
Not Before: Jan 1 13:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ea15b53c743947c391dd933bbe2c822de007f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:15:4a:0c:8d:65:20:62:0a:79:c3:c4:9a:eb:
3a:68:b5:95:5a:5c:53:ef:58:f8:0b:5f:26:2a:d4:
85:85:33:d6:40:30:f7:1d:cf:9f:bc:0a:25:94:7d:
04:39:e0:db:cd:0f:34:93:fe:7d:34:3e:16:0a:33:
88:9c:f4:74:e4:71:67:43:3e:53:d7:98:96:3d:8e:
ed:3a:bd:9a:26:d8:ab:47:9b:68:71:85:e7:b1:4d:
6b:97:f3:c8:5b:46:fb:9e:2c:6c:ca:65:f3:12:2a:
6f:a7:c6:ea:db:af:1c:3b:bc:1a:98:29:1e:ae:b9:
8e:3a:34:9c:2e:19:d4:a1:ff:33:0a:18:3c:7d:1a:
ad:44:ff:00:9d:76:44:87:98:f9:df:75:77:d6:df:
63:46:8b:73:fc:77:0e:86:9f:57:07:23:bd:dd:81:
64:f5:a1:f6:f1:7a:b6:46:45:f0:f0:c3:51:85:00:
7e:3d:84:06:d7:e7:de:59:0f:c3:f6:8f:0f:04:1f:
86:bc:ad:5c:df:78:e1:e9:3e:75:7b:93:74:50:0f:
27:b0:f9:45:c0:c0:16:90:21:54:be:87:15:a2:51:
4a:9d:6d:4e:45:c9:3f:3a:55:84:a7:f0:64:e9:be:
ce:45:5d:f9:3e:84:2c:5a:ef:01:e2:21:ad:15:78:
a1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A1:5B:53:C7:43:94:7C:39:1D:D9:33:BB:E2:C8:22:DE:00:7F:2E
X509v3 Authority Key Identifier:
keyid:B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/nqFbU8dDlHw5Hdkzu-LIIt4Afy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.32.0/19
81.90.208.0/20
91.204.16.0/22
185.149.124.0/22
185.190.0.0/22
IPv6:
2a02:1378::/32
Signature Algorithm: sha256WithRSAEncryption
83:76:41:7d:67:01:23:24:cd:07:1e:0b:9b:7c:eb:ca:41:c4:
d4:9c:dd:1d:ef:a6:25:9e:22:37:97:5e:e9:d8:f8:28:88:04:
13:77:12:55:7c:3b:8e:ab:aa:41:3a:04:42:0f:c5:8b:ff:f5:
11:c4:c2:3b:c2:32:cf:67:85:26:e4:2a:bf:a5:45:9a:09:91:
92:4a:64:a9:ab:f5:d3:9e:55:3c:2c:a1:01:d4:18:b1:18:74:
ec:8f:09:80:d1:6b:a0:76:ef:25:de:7a:68:42:68:8d:60:93:
41:ca:25:60:93:48:b2:ed:03:cc:e8:9e:03:d2:d2:94:a2:82:
83:16:11:eb:e8:5d:35:4e:bd:80:00:d8:40:5c:49:ae:66:76:
1e:ca:3a:cf:16:6d:36:32:8a:64:76:c4:29:e8:d7:34:5b:4f:
d8:70:d7:ee:da:88:53:34:0b:46:68:0a:b3:8d:c5:5c:40:dc:
ea:c7:d8:d5:09:05:57:b4:c2:46:2a:a2:e5:f1:c1:1c:ce:47:
62:4e:63:05:32:22:62:87:b3:1a:f5:17:d3:1b:35:05:e7:16:
d6:42:cb:53:d3:da:9d:b7:89:8a:12:32:c7:c3:0b:df:6c:0e:
2e:93:c5:61:ba:0c:38:6f:a9:5a:8d:cc:8f:2d:d6:39:dc:84:
50:21:ce:8c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVtnQ2lIjeoKDaCzkke+FcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OGQxZjZlMzM2YTdjODEzNTE5NDFiYzBiOWRlYTM5ZDdk
NzY0ZGIwHhcNMjMwMTAxMTM1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWExNWI1M2M3NDM5NDdjMzkxZGQ5MzNiYmUyYzgyMmRlMDA3ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRVKDI1lIGIKecPEmus6aLWVWlxT
71j4C18mKtSFhTPWQDD3Hc+fvAollH0EOeDbzQ80k/59ND4WCjOInPR05HFnQz5T
15iWPY7tOr2aJtirR5tocYXnsU1rl/PIW0b7nixsymXzEipvp8bq268cO7wamCke
rrmOOjScLhnUof8zChg8fRqtRP8AnXZEh5j533V31t9jRotz/HcOhp9XByO93YFk
9aH28Xq2RkXw8MNRhQB+PYQG1+feWQ/D9o8PBB+GvK1c33jh6T51e5N0UA8nsPlF
wMAWkCFUvocVolFKnW1ORck/OlWEp/Bk6b7ORV35PoQsWu8B4iGtFXihQQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJ6hW1PHQ5R8OR3ZM7viyCLeAH8uMB8GA1UdIwQY
MBaAFLmNH24zanyBNRlBvAud6jnX12TbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAt
MDM4NTdlZjViMzg3LzEvbnFGYlU4ZERsSHc1SGRrenUtTElJdDRBZnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAtMDM4NTdlZjViMzg3
LzEvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPsAgAwQE
UVrQAwQCW8wQAwQCuZV8AwQCub4AMA0EAgACMAcDBQAqAhN4MA0GCSqGSIb3DQEB
CwUAA4IBAQCDdkF9ZwEjJM0HHgubfOvKQcTUnN0d76YlniI3l17p2PgoiAQTdxJV
fDuOq6pBOgRCD8WL//URxMI7wjLPZ4Um5Cq/pUWaCZGSSmSpq/XTnlU8LKEB1Bix
GHTsjwmA0Wugdu8l3npoQmiNYJNByiVgk0iy7QPM6J4D0tKUooKDFhHr6F01Tr2A
ANhAXEmuZnYeyjrPFm02MopkdsQp6Nc0W0/YcNfu2ohTNAtGaAqzjcVcQNzqx9jV
CQVXtMJGKqLl8cEczkdiTmMFMiJih7Ma9RfTGzUF5xbWQstT09qdt4mKEjLHwwvf
bA4uk8Vhugw4b6lajcyPLdY53IRQIc6M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:43 2024 by rpki-client on console-fra.rpki-client.org