Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/9cae3a-08ba-466a-9a9a-c730c4916879/1/Nieem2HHP-pTb3gN0YKp_pvU6wQ.roa
File: Nieem2HHP-pTb3gN0YKp_pvU6wQ.roa (raw, json)
Hash identifier: D7ABc4IgoKStOYQSjUOK14ptTuNypbHg0t60Br6C/Ag=
Subject key identifier: 36:27:9E:9B:61:C7:3F:EA:53:6F:78:0D:D1:82:A9:FE:9B:D4:EB:04
Certificate issuer: /CN=e3d4d08ab0892daa5cdf088c535accab0942f8e3
Certificate serial: 0188B4AF3D72A4C95DC36C110BF08ECD2E17
Authority key identifier: E3:D4:D0:8A:B0:89:2D:AA:5C:DF:08:8C:53:5A:CC:AB:09:42:F8:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/49TQirCJLapc3wiMU1rMqwlC-OM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/9cae3a-08ba-466a-9a9a-c730c4916879/1/Nieem2HHP-pTb3gN0YKp_pvU6wQ.roa
Signing time: Tue 13 Jun 2023 12:16:03 +0000
ROA not before: Tue 13 Jun 2023 12:16:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24589
IP address blocks: 94.103.48.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b4:af:3d:72:a4:c9:5d:c3:6c:11:0b:f0:8e:cd:2e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3d4d08ab0892daa5cdf088c535accab0942f8e3
Validity
Not Before: Jun 13 12:16:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36279e9b61c73fea536f780dd182a9fe9bd4eb04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cc:ea:6f:a4:d3:62:de:7b:65:00:e2:3e:86:
1c:c1:06:82:32:e1:0d:e7:6a:6c:31:65:ed:14:5a:
ff:c6:90:dd:93:2c:84:e1:bd:8f:e9:07:d3:e0:e7:
2e:c9:63:ad:43:59:0b:7f:7e:85:ea:b9:2c:bf:bb:
e3:84:97:07:cd:db:d2:71:d2:a2:23:1e:61:09:b7:
28:91:7f:d0:25:37:36:73:d1:f2:be:44:c6:31:0f:
dd:d3:86:62:4e:75:a2:87:09:b4:ae:46:68:20:4b:
2d:0f:d1:a6:7c:03:06:8e:eb:6d:5c:00:db:49:9e:
07:98:27:19:a7:0d:56:dc:09:66:54:89:6e:cf:c9:
b1:b3:77:dc:cf:b4:85:ba:65:d5:9c:10:f7:90:e5:
8f:2e:51:13:d3:f4:02:78:21:fd:1c:e8:8e:cf:b0:
86:70:19:3e:98:20:0e:bc:0f:95:20:6c:c3:7b:44:
12:2f:d8:45:ef:db:25:ca:71:c0:e5:8a:34:d9:94:
5a:cd:d3:e2:88:89:cd:35:47:e6:a3:a9:e0:a6:e5:
2e:79:51:42:f5:54:e9:58:c6:ab:9d:a1:6a:7f:d5:
55:8a:7c:17:37:71:6d:6e:68:56:42:a8:46:f8:55:
a3:dd:f1:a2:60:ce:68:12:1b:46:51:69:aa:25:ca:
7a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:27:9E:9B:61:C7:3F:EA:53:6F:78:0D:D1:82:A9:FE:9B:D4:EB:04
X509v3 Authority Key Identifier:
keyid:E3:D4:D0:8A:B0:89:2D:AA:5C:DF:08:8C:53:5A:CC:AB:09:42:F8:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/49TQirCJLapc3wiMU1rMqwlC-OM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/9cae3a-08ba-466a-9a9a-c730c4916879/1/Nieem2HHP-pTb3gN0YKp_pvU6wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/9cae3a-08ba-466a-9a9a-c730c4916879/1/49TQirCJLapc3wiMU1rMqwlC-OM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.48.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:b6:7b:2d:71:e8:49:a5:2c:1f:6f:c4:45:1f:e1:bf:7f:97:
d7:9e:80:df:74:b4:6a:99:09:65:e6:07:75:73:00:5d:48:ac:
06:1c:10:bb:67:69:68:99:83:de:a6:82:4e:49:31:1f:a8:f3:
23:92:d8:aa:04:fe:54:d6:28:b1:ef:05:43:1d:a3:ef:67:8f:
d2:6c:59:b8:69:45:78:8a:20:bc:b1:c8:98:dd:1c:88:81:62:
36:a2:01:33:fd:f3:d9:61:0b:57:02:22:94:4d:54:31:7b:93:
b9:cb:1b:d9:6f:b1:d2:be:9c:97:50:9e:46:15:f5:39:1e:9e:
76:56:87:4a:6a:eb:4d:be:8d:c2:e1:55:e3:f3:2b:ee:a2:f6:
68:75:7f:a1:e3:2d:e0:82:dc:97:1d:d7:95:45:20:b0:9e:8b:
27:82:41:31:e2:45:a9:3d:70:4e:59:b9:e1:28:a0:1b:4c:88:
9c:79:ed:05:60:0d:8c:4f:15:c7:fd:e6:ff:d6:77:dc:b0:ab:
00:ef:7d:a0:7b:25:01:5c:2c:24:7e:81:cc:78:c3:e4:5a:00:
53:fb:f3:be:bb:5e:74:6a:5e:d3:ec:5b:49:64:79:74:a6:2b:
9e:3b:59:94:1c:7e:e2:77:e9:4d:83:5b:67:81:de:ee:da:64:
8c:db:4b:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi0rz1ypMldw2wRC/COzS4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZDRkMDhhYjA4OTJkYWE1Y2RmMDg4YzUzNWFjY2FiMDk0
MmY4ZTMwHhcNMjMwNjEzMTIxNjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjI3OWU5YjYxYzczZmVhNTM2Zjc4MGRkMTgyYTlmZTliZDRlYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnszqb6TTYt57ZQDiPoYcwQaCMuEN
52psMWXtFFr/xpDdkyyE4b2P6QfT4OcuyWOtQ1kLf36F6rksv7vjhJcHzdvScdKi
Ix5hCbcokX/QJTc2c9HyvkTGMQ/d04ZiTnWihwm0rkZoIEstD9GmfAMGjuttXADb
SZ4HmCcZpw1W3AlmVIluz8mxs3fcz7SFumXVnBD3kOWPLlET0/QCeCH9HOiOz7CG
cBk+mCAOvA+VIGzDe0QSL9hF79slynHA5Yo02ZRazdPiiInNNUfmo6ngpuUueVFC
9VTpWMarnaFqf9VVinwXN3FtbmhWQqhG+FWj3fGiYM5oEhtGUWmqJcp6PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDYnnpthxz/qU294DdGCqf6b1OsEMB8GA1UdIwQY
MBaAFOPU0IqwiS2qXN8IjFNazKsJQvjjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDlUUWlyQ0pMYXBjM3dpTVUxck1xd2xDLU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85Y2FlM2EtMDhiYS00NjZhLTlhOWEt
YzczMGM0OTE2ODc5LzEvTmllZW0ySEhQLXBUYjNnTjBZS3BfcHZVNndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS85Y2FlM2EtMDhiYS00NjZhLTlhOWEtYzczMGM0OTE2ODc5
LzEvNDlUUWlyQ0pMYXBjM3dpTVUxck1xd2xDLU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEXmcwMA0G
CSqGSIb3DQEBCwUAA4IBAQAttnstcehJpSwfb8RFH+G/f5fXnoDfdLRqmQll5gd1
cwBdSKwGHBC7Z2lomYPepoJOSTEfqPMjktiqBP5U1iix7wVDHaPvZ4/SbFm4aUV4
iiC8sciY3RyIgWI2ogEz/fPZYQtXAiKUTVQxe5O5yxvZb7HSvpyXUJ5GFfU5Hp52
VodKautNvo3C4VXj8yvuovZodX+h4y3ggtyXHdeVRSCwnosngkEx4kWpPXBOWbnh
KKAbTIicee0FYA2MTxXH/eb/1nfcsKsA732geyUBXCwkfoHMeMPkWgBT+/O+u150
al7T7FtJZHl0piueO1mUHH7id+lNg1tngd7u2mSM20uU
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:13 2024 by rpki-client on console-ams.rpki-client.org