Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/nKIVnqZl6q7HlOwhQm_HYD6W-Ro.roa
File: nKIVnqZl6q7HlOwhQm_HYD6W-Ro.roa (raw, json)
Hash identifier: jOpPIXVE8tmYTLDV0JnTacMtIdWH/2WHdftnr3aqEV8=
Subject key identifier: 9C:A2:15:9E:A6:65:EA:AE:C7:94:EC:21:42:6F:C7:60:3E:96:F9:1A
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018BA3ECF081938EBAE6CB2F3763CF5137A8
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/nKIVnqZl6q7HlOwhQm_HYD6W-Ro.roa
Signing time: Mon 06 Nov 2023 09:18:16 +0000
ROA not before: Mon 06 Nov 2023 09:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.243.179.0/24 maxlen: 24
195.242.240.0/24 maxlen: 24
89.46.8.0/24 maxlen: 24
93.114.62.0/24 maxlen: 24
93.114.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:ec:f0:81:93:8e:ba:e6:cb:2f:37:63:cf:51:37:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Nov 6 09:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ca2159ea665eaaec794ec21426fc7603e96f91a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3a:ca:f1:e9:ab:4a:a3:91:49:2e:8f:fc:dc:
2c:bc:04:69:c5:7e:9d:cf:0d:01:db:2c:fe:3d:53:
59:75:c0:cb:38:ca:6e:c2:01:bb:ea:0a:9a:a5:b0:
55:ff:fe:7e:a4:a7:56:40:2e:a2:ce:5b:fc:87:38:
b9:12:a8:7a:8f:75:7d:c1:f7:4b:fd:38:57:80:87:
1a:6d:52:ef:44:58:5d:25:c8:34:f4:e8:70:0b:98:
9a:22:ff:bb:6d:39:8b:9f:28:44:0f:35:50:0b:43:
ab:31:d0:ec:f2:63:0b:fe:f4:b5:f0:45:e7:fb:dd:
47:c9:06:61:10:b2:aa:de:bc:e2:64:af:22:b0:0f:
a3:e1:c7:c8:e4:8b:b3:8b:4d:b7:9b:78:4f:82:df:
98:6d:9a:bd:af:11:39:c7:4f:cf:3e:05:b6:4c:ea:
90:20:3d:2e:68:a1:0a:be:5c:dd:6a:f3:57:e7:42:
64:55:0c:0c:00:66:64:6d:99:ae:1f:40:d7:e1:26:
e0:4f:0d:b9:7a:3a:b0:86:10:89:98:ea:17:23:b4:
0e:a8:d0:fb:52:0e:bb:35:e8:db:fd:f9:ab:e3:f4:
64:b1:0a:e3:39:e2:d6:f2:96:7b:96:4b:01:da:87:
6b:af:ab:a1:a8:d0:6d:d2:85:fb:50:6b:7f:d0:f1:
ba:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A2:15:9E:A6:65:EA:AE:C7:94:EC:21:42:6F:C7:60:3E:96:F9:1A
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/nKIVnqZl6q7HlOwhQm_HYD6W-Ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.8.0/24
91.243.179.0/24
93.114.60.0/24
93.114.62.0/24
195.242.240.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:18:9a:75:b3:dc:a3:b7:db:4d:05:7a:ec:08:de:27:d7:f2:
f2:0d:ef:ba:6f:53:23:ec:85:62:48:8d:07:24:1c:dc:bc:7b:
b4:f2:5a:56:98:f8:0f:3c:aa:a5:b4:f9:ad:3e:42:4a:ab:80:
57:30:90:7f:04:3f:f9:f9:b9:23:70:ba:96:65:f7:9f:c6:ae:
fc:1a:51:12:7a:32:ff:ca:c6:f8:b6:9e:9a:83:65:75:8a:27:
7e:69:53:6b:22:82:4b:02:c9:94:e2:95:55:0b:b9:10:03:8b:
39:cb:8b:fe:3f:db:07:8f:82:21:b7:a9:9f:1c:64:8d:73:35:
fd:ed:7c:5b:48:21:df:b5:01:8e:13:5d:78:3f:21:77:86:b5:
13:63:33:35:c9:d0:e1:e6:19:6d:85:f3:0b:8f:13:ab:10:b9:
89:e7:95:b8:ef:10:d6:2c:c2:06:b0:27:05:58:27:1e:ac:5f:
de:1a:4d:cf:5e:6e:00:59:ea:14:a2:08:c0:38:c1:28:00:54:
43:6f:2a:0a:cb:6d:67:12:b1:ae:53:24:b0:8c:a1:d4:bc:ef:
16:01:a6:8e:31:e3:ec:63:7e:e8:23:bf:6b:34:4f:de:ce:88:
be:30:b3:de:0f:38:ee:23:c8:77:d3:c2:3d:64:2f:97:d0:bb:
58:66:14:52
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYuj7PCBk4665ssvN2PPUTeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMxMTA2MDkxODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2EyMTU5ZWE2NjVlYWFlYzc5NGVjMjE0MjZmYzc2MDNlOTZmOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDrK8emrSqORSS6P/NwsvARpxX6d
zw0B2yz+PVNZdcDLOMpuwgG76gqapbBV//5+pKdWQC6izlv8hzi5Eqh6j3V9wfdL
/ThXgIcabVLvRFhdJcg09OhwC5iaIv+7bTmLnyhEDzVQC0OrMdDs8mML/vS18EXn
+91HyQZhELKq3rziZK8isA+j4cfI5Iuzi023m3hPgt+YbZq9rxE5x0/PPgW2TOqQ
ID0uaKEKvlzdavNX50JkVQwMAGZkbZmuH0DX4SbgTw25ejqwhhCJmOoXI7QOqND7
Ug67Nejb/fmr4/RksQrjOeLW8pZ7lksB2odrr6uhqNBt0oX7UGt/0PG6PwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJyiFZ6mZequx5TsIUJvx2A+lvkaMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvbktJVm5xWmw2cTdIbE93aFFtX0hZRDZXLVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWS4IAwQA
W/OzAwQAXXI8AwQAXXI+AwQAw/LwMA0GCSqGSIb3DQEBCwUAA4IBAQBNGJp1s9yj
t9tNBXrsCN4n1/LyDe+6b1Mj7IViSI0HJBzcvHu08lpWmPgPPKqltPmtPkJKq4BX
MJB/BD/5+bkjcLqWZfefxq78GlESejL/ysb4tp6ag2V1iid+aVNrIoJLAsmU4pVV
C7kQA4s5y4v+P9sHj4Iht6mfHGSNczX97XxbSCHftQGOE114PyF3hrUTYzM1ydDh
5hlthfMLjxOrELmJ55W47xDWLMIGsCcFWCcerF/eGk3PXm4AWeoUogjAOMEoAFRD
byoKy21nErGuUySwjKHUvO8WAaaOMePsY37oI79rNE/ezoi+MLPeDzjuI8h308I9
ZC+X0LtYZhRS
-----END CERTIFICATE-----
Generated at Mon Nov 13 10:22:46 2023 by rpki-client on console-ams.rpki-client.org