Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/npOvNTY8X2DD6ke4htA1MbbAfNI.roa
File: npOvNTY8X2DD6ke4htA1MbbAfNI.roa (raw, json)
Hash identifier: 3fj9Ed6TIN5jX3eqerFwCVKOzknEqPpmed8QvWtaZQU=
Subject key identifier: 9E:93:AF:35:36:3C:5F:60:C3:EA:47:B8:86:D0:35:31:B6:C0:7C:D2
Certificate issuer: /CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Certificate serial: 018D3AE522A2B279C3B4F09215FA23FF7E79
Authority key identifier: 5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/npOvNTY8X2DD6ke4htA1MbbAfNI.roa
Signing time: Wed 24 Jan 2024 09:55:11 +0000
ROA not before: Wed 24 Jan 2024 09:55:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 193.8.236.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 22 Feb 2024 15:13:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:e5:22:a2:b2:79:c3:b4:f0:92:15:fa:23:ff:7e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Validity
Not Before: Jan 24 09:55:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e93af35363c5f60c3ea47b886d03531b6c07cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8e:1e:ba:2d:5a:d7:b2:94:21:de:ee:fa:7b:
ba:df:07:55:0c:16:c3:76:b2:77:24:47:6a:19:63:
2e:c5:6a:58:50:7f:09:d9:0d:68:1a:2f:6b:25:f5:
ff:bd:28:7f:62:37:64:bd:50:98:8f:97:2a:09:85:
0c:fc:78:97:91:cd:62:d1:55:0b:5d:ba:a6:de:ad:
ce:5b:f2:b5:53:cf:b4:99:b4:c4:98:6f:85:f3:cb:
eb:00:85:cc:48:bb:01:eb:c6:0a:58:d4:08:74:c0:
53:76:df:82:e0:50:bc:cf:4b:28:32:1d:83:56:fb:
6d:41:83:7d:08:09:10:40:45:35:91:62:bb:7c:53:
9e:26:ea:c4:84:1c:90:01:f7:77:99:a4:61:be:e4:
76:a3:0a:8d:37:8f:15:c4:1b:8c:18:0f:3b:66:23:
02:40:38:1d:e7:c1:0b:12:d1:5e:67:1d:94:64:59:
8c:63:f9:22:34:66:26:12:fc:84:28:5f:e8:c2:fc:
54:dd:e8:db:6d:00:94:8c:fb:29:0e:a2:a5:61:21:
04:12:17:48:52:a4:f5:4b:f1:a1:d9:32:c7:b9:d4:
28:d6:d0:4c:36:3f:9f:cb:98:75:70:34:68:cb:ef:
86:74:fc:cc:d2:ab:3e:aa:22:61:cc:06:30:2c:ce:
83:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:93:AF:35:36:3C:5F:60:C3:EA:47:B8:86:D0:35:31:B6:C0:7C:D2
X509v3 Authority Key Identifier:
keyid:5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/npOvNTY8X2DD6ke4htA1MbbAfNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.236.0/23
Signature Algorithm: sha256WithRSAEncryption
07:0e:b1:43:5d:b7:c7:15:fa:93:82:20:e5:2c:68:eb:70:72:
bc:91:64:60:56:d5:15:00:f2:54:23:97:b7:7f:50:fb:78:ad:
0d:da:d2:22:ae:e3:a3:03:7d:a5:b0:f4:0e:06:64:84:f8:f9:
f9:27:e0:24:dd:9e:75:5c:d5:15:5e:1c:1c:f4:2b:1c:ea:5e:
f2:ac:e3:44:59:ac:53:f5:30:4f:09:9b:df:f3:24:b1:47:53:
95:52:88:86:79:d2:da:4c:4f:0a:d2:01:41:24:d7:69:b7:4f:
86:e4:fb:7e:3c:6f:07:ed:42:90:b1:74:20:8a:eb:60:cf:a7:
05:88:56:48:75:a8:4c:a4:fe:9f:34:02:47:7d:a7:47:f2:48:
9e:22:1d:a1:93:ac:6f:7f:fc:e8:af:e7:20:b3:a4:4b:29:1a:
31:82:f7:51:92:0e:25:ec:2c:29:fd:c4:0b:d0:96:b7:05:d4:
3f:22:0b:f7:56:6d:0c:38:5c:ff:ef:10:5a:84:13:2c:bb:71:
8e:54:4d:15:d3:77:33:b4:2a:35:dc:f2:59:db:ec:4f:69:36:
a2:d1:0d:e0:fa:4b:fc:de:de:8e:96:83:86:a9:33:39:54:ae:
d1:07:bf:e3:5b:10:4c:8f:c2:b9:8c:aa:0a:d3:8d:52:83:f0:
76:d1:9b:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY065SKisnnDtPCSFfoj/355MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWYyMTNiOGM3OTJiN2UwMTNmYTUwNDFmNWI4OTk3MWU2
ZjYyZDYwHhcNMjQwMTI0MDk1NTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTkzYWYzNTM2M2M1ZjYwYzNlYTQ3Yjg4NmQwMzUzMWI2YzA3Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI4eui1a17KUId7u+nu63wdVDBbD
drJ3JEdqGWMuxWpYUH8J2Q1oGi9rJfX/vSh/YjdkvVCYj5cqCYUM/HiXkc1i0VUL
Xbqm3q3OW/K1U8+0mbTEmG+F88vrAIXMSLsB68YKWNQIdMBTdt+C4FC8z0soMh2D
VvttQYN9CAkQQEU1kWK7fFOeJurEhByQAfd3maRhvuR2owqNN48VxBuMGA87ZiMC
QDgd58ELEtFeZx2UZFmMY/kiNGYmEvyEKF/owvxU3ejbbQCUjPspDqKlYSEEEhdI
UqT1S/Gh2TLHudQo1tBMNj+fy5h1cDRoy++GdPzM0qs+qiJhzAYwLM6DKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6TrzU2PF9gw+pHuIbQNTG2wHzSMB8GA1UdIwQY
MBaAFF8fITuMeSt+AT+lBB9biZceb2LWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDct
NDAyMjM4NjM4ZWEzLzEvbnBPdk5UWThYMkRENmtlNGh0QTFNYmJBZk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDctNDAyMjM4NjM4ZWEz
LzEvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwQjsMA0G
CSqGSIb3DQEBCwUAA4IBAQAHDrFDXbfHFfqTgiDlLGjrcHK8kWRgVtUVAPJUI5e3
f1D7eK0N2tIiruOjA32lsPQOBmSE+Pn5J+Ak3Z51XNUVXhwc9Csc6l7yrONEWaxT
9TBPCZvf8ySxR1OVUoiGedLaTE8K0gFBJNdpt0+G5Pt+PG8H7UKQsXQgiutgz6cF
iFZIdahMpP6fNAJHfadH8kieIh2hk6xvf/zor+cgs6RLKRoxgvdRkg4l7Cwp/cQL
0Ja3BdQ/Igv3Vm0MOFz/7xBahBMsu3GOVE0V03cztCo13PJZ2+xPaTai0Q3g+kv8
3t6OloOGqTM5VK7RB7/jWxBMj8K5jKoK041Sg/B20ZsF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:43 2025 by rpki-client