Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/cfa9cd-8d7b-4a35-82d0-7bb365f34c6c/1/nNas0ScdUREMa46Y2zGdJu6DqOE.roa
File: nNas0ScdUREMa46Y2zGdJu6DqOE.roa (raw, json)
Hash identifier: AiwMGIvnM0m939KaMUtP/e3Ovc+GdXS2AYepMa2ZkWo=
Subject key identifier: 9C:D6:AC:D1:27:1D:51:11:0C:6B:8E:98:DB:31:9D:26:EE:83:A8:E1
Certificate issuer: /CN=d0bfadf29239ed8cf3f6c693d8bdb79f42000abc
Certificate serial: 018BF21D320D2CB12FE8AE99652808EC7F1A
Authority key identifier: D0:BF:AD:F2:92:39:ED:8C:F3:F6:C6:93:D8:BD:B7:9F:42:00:0A:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0L-t8pI57Yzz9saT2L23n0IACrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/cfa9cd-8d7b-4a35-82d0-7bb365f34c6c/1/nNas0ScdUREMa46Y2zGdJu6DqOE.roa
Signing time: Tue 21 Nov 2023 13:41:21 +0000
ROA not before: Tue 21 Nov 2023 13:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38934
IP address blocks: 80.251.48.0/20 maxlen: 24
193.178.120.0/22 maxlen: 24
5.158.96.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:1d:32:0d:2c:b1:2f:e8:ae:99:65:28:08:ec:7f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0bfadf29239ed8cf3f6c693d8bdb79f42000abc
Validity
Not Before: Nov 21 13:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cd6acd1271d51110c6b8e98db319d26ee83a8e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:88:a4:f4:0d:b9:a4:35:5a:16:ff:9a:7d:73:
52:48:8e:17:63:ea:2e:72:27:ab:6f:84:d9:fb:12:
37:b4:68:40:74:e2:5a:6b:fa:69:2c:fe:c7:ce:89:
6f:c7:ce:15:56:8a:48:3a:89:84:e1:e2:63:67:71:
3f:fe:54:3a:9e:be:42:af:0e:57:a1:2d:ff:9c:d0:
52:8c:2b:b7:d6:36:41:6b:04:37:52:2a:46:d9:7d:
6d:1f:91:2e:1e:81:ca:98:fc:ba:72:84:85:2e:91:
37:42:93:15:11:79:fd:ba:bb:55:b7:13:b7:25:59:
15:48:1e:5b:86:7c:a3:57:ba:34:48:1e:17:c9:3e:
1d:43:68:2b:18:b5:ee:90:28:53:d0:21:70:98:6b:
7b:7a:d5:12:d9:13:5b:12:af:e6:3f:22:58:d0:50:
da:16:b7:a4:b8:7e:c5:c5:91:ac:f5:64:b6:58:e5:
4c:0f:37:a7:82:85:23:be:37:99:c5:65:50:26:c6:
87:5e:83:f6:28:f3:18:73:f0:6f:2f:69:f8:92:a0:
12:d2:06:3c:83:f9:f3:12:8d:9b:b8:84:ca:bf:c0:
af:09:bb:8a:3b:f6:0e:a2:2a:b3:39:b1:7b:d0:b5:
9e:7d:3e:5a:39:8d:4e:de:87:87:a1:2f:9e:c0:5e:
d3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D6:AC:D1:27:1D:51:11:0C:6B:8E:98:DB:31:9D:26:EE:83:A8:E1
X509v3 Authority Key Identifier:
keyid:D0:BF:AD:F2:92:39:ED:8C:F3:F6:C6:93:D8:BD:B7:9F:42:00:0A:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0L-t8pI57Yzz9saT2L23n0IACrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/cfa9cd-8d7b-4a35-82d0-7bb365f34c6c/1/nNas0ScdUREMa46Y2zGdJu6DqOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/cfa9cd-8d7b-4a35-82d0-7bb365f34c6c/1/0L-t8pI57Yzz9saT2L23n0IACrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.96.0/19
80.251.48.0/20
193.178.120.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:4d:e0:49:5d:04:c9:35:4c:31:87:bf:36:2f:3a:a3:a6:31:
ff:07:fb:25:b2:9b:4e:72:ca:02:6e:d8:b0:df:5d:6b:79:76:
e5:b8:1f:b7:26:23:1c:f7:73:bd:54:95:3e:3b:53:d2:24:e5:
82:52:54:48:5d:ca:be:8b:2a:3f:49:11:47:71:db:1a:02:5a:
e8:1e:0c:a6:b3:7f:a0:dd:84:f2:6a:f4:40:70:41:bc:30:3f:
7f:2b:9b:61:ac:ed:97:cb:b7:f5:9d:c5:20:4a:fd:df:62:e9:
75:f1:62:1a:77:4d:05:f6:55:fa:29:1a:9f:de:02:10:24:fd:
67:14:e4:6f:f3:09:9c:48:09:f2:77:87:c6:66:c9:37:97:8c:
80:d6:36:f5:94:ba:97:a1:53:b7:31:e9:2e:ce:bd:e2:8f:4a:
28:ff:7a:86:bf:14:03:fa:9c:74:09:cc:34:2b:70:e3:f7:4d:
bd:67:6a:1c:85:88:fc:73:48:0d:c7:fc:2d:2d:8b:52:9d:b0:
da:d3:23:d3:d4:f0:27:77:71:2f:ac:e5:a5:32:a4:80:0b:0f:
9c:3c:15:93:b8:9d:60:fe:c4:5c:b5:f3:dc:41:72:5f:80:25:
df:a2:71:33:1f:62:7a:97:93:c5:14:e9:0e:88:1a:30:31:3a:
33:f0:48:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvyHTINLLEv6K6ZZSgI7H8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYmZhZGYyOTIzOWVkOGNmM2Y2YzY5M2Q4YmRiNzlmNDIw
MDBhYmMwHhcNMjMxMTIxMTM0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Q2YWNkMTI3MWQ1MTExMGM2YjhlOThkYjMxOWQyNmVlODNhOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Yik9A25pDVaFv+afXNSSI4XY+ou
cierb4TZ+xI3tGhAdOJaa/ppLP7Hzolvx84VVopIOomE4eJjZ3E//lQ6nr5Crw5X
oS3/nNBSjCu31jZBawQ3UipG2X1tH5EuHoHKmPy6coSFLpE3QpMVEXn9urtVtxO3
JVkVSB5bhnyjV7o0SB4XyT4dQ2grGLXukChT0CFwmGt7etUS2RNbEq/mPyJY0FDa
FrekuH7FxZGs9WS2WOVMDzengoUjvjeZxWVQJsaHXoP2KPMYc/BvL2n4kqAS0gY8
g/nzEo2buITKv8CvCbuKO/YOoiqzObF70LWefT5aOY1O3oeHoS+ewF7TmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJzWrNEnHVERDGuOmNsxnSbug6jhMB8GA1UdIwQY
MBaAFNC/rfKSOe2M8/bGk9i9t59CAAq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEwtdDhwSTU3WXp6OXNhVDJMMjNuMElBQ3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jZmE5Y2QtOGQ3Yi00YTM1LTgyZDAt
N2JiMzY1ZjM0YzZjLzEvbk5hczBTY2RVUkVNYTQ2WTJ6R2RKdTZEcU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jZmE5Y2QtOGQ3Yi00YTM1LTgyZDAtN2JiMzY1ZjM0YzZj
LzEvMEwtdDhwSTU3WXp6OXNhVDJMMjNuMElBQ3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBZ5gAwQE
UPswAwQCwbJ4MA0GCSqGSIb3DQEBCwUAA4IBAQCKTeBJXQTJNUwxh782LzqjpjH/
B/slsptOcsoCbtiw311reXbluB+3JiMc93O9VJU+O1PSJOWCUlRIXcq+iyo/SRFH
cdsaAlroHgyms3+g3YTyavRAcEG8MD9/K5thrO2Xy7f1ncUgSv3fYul18WIad00F
9lX6KRqf3gIQJP1nFORv8wmcSAnyd4fGZsk3l4yA1jb1lLqXoVO3Mekuzr3ij0oo
/3qGvxQD+px0Ccw0K3Dj9029Z2ochYj8c0gNx/wtLYtSnbDa0yPT1PAnd3EvrOWl
MqSACw+cPBWTuJ1g/sRctfPcQXJfgCXfonEzH2J6l5PFFOkOiBowMToz8EiS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:42 2024 by rpki-client on console-ams.rpki-client.org