Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/Nz8fWM987C8RP0zSpK75FllPnHI.roa
File: Nz8fWM987C8RP0zSpK75FllPnHI.roa (raw, json)
Hash identifier: yG0VXatAoHs1e3kgWQKnDSkZeG3mjoSB4LzYKzInJ/8=
Subject key identifier: 37:3F:1F:58:CF:7C:EC:2F:11:3F:4C:D2:A4:AE:F9:16:59:4F:9C:72
Certificate issuer: /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Certificate serial: 018AB6688366058D134F5EB41D704EE441E7
Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/Nz8fWM987C8RP0zSpK75FllPnHI.roa
Signing time: Thu 21 Sep 2023 06:23:37 +0000
ROA not before: Thu 21 Sep 2023 06:23:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212027
IP address blocks: 193.22.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Oct 2023 21:56:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:68:83:66:05:8d:13:4f:5e:b4:1d:70:4e:e4:41:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Validity
Not Before: Sep 21 06:23:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=373f1f58cf7cec2f113f4cd2a4aef916594f9c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1d:f8:e1:c8:a9:92:70:86:5f:31:00:6c:f6:
5c:63:4b:ab:81:79:19:de:91:0a:c9:16:47:27:38:
61:f9:df:b5:ba:4e:96:97:29:0c:20:0b:50:90:6a:
c8:f2:c8:18:f2:f0:a6:a0:35:7f:39:8f:4f:f2:c3:
17:93:de:3f:f3:59:ac:e6:99:6f:62:e6:1e:8a:0f:
7b:8c:50:5f:6b:f9:e0:95:a3:78:60:00:83:81:c8:
1c:ff:ec:56:91:7e:74:fc:22:20:af:3f:1e:f7:01:
d0:a4:17:2a:8f:d6:d1:94:7b:c5:6f:c1:73:6f:54:
e8:7d:fb:f3:45:5e:3a:e9:64:d5:63:1d:e5:52:97:
ea:40:b9:46:41:16:a6:11:df:32:35:e6:85:b2:3d:
ea:71:73:d0:4a:23:43:0a:46:47:cf:48:8c:a7:1a:
6b:10:79:0a:94:be:c1:fe:cc:64:af:13:71:76:eb:
4f:65:74:c6:79:c5:7d:40:08:9a:76:3c:fa:b6:56:
9a:ca:64:1f:31:c8:ce:92:6a:d3:b9:00:8b:d1:a9:
65:ba:37:a4:66:e0:e0:8a:32:70:28:1b:d3:82:82:
24:6c:d2:be:61:c3:a0:ec:39:ac:99:ca:d8:0d:bf:
8e:70:a8:a1:27:e8:6f:61:f2:0f:c6:d2:2b:1e:2a:
5f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3F:1F:58:CF:7C:EC:2F:11:3F:4C:D2:A4:AE:F9:16:59:4F:9C:72
X509v3 Authority Key Identifier:
keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/Nz8fWM987C8RP0zSpK75FllPnHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.129.0/24
Signature Algorithm: sha256WithRSAEncryption
28:cd:ab:54:a6:1e:2b:65:c2:34:7e:0f:71:0a:ed:c3:5a:f9:
32:10:1f:20:44:fe:37:e7:f1:b0:fe:b6:59:0b:9c:9b:f3:2d:
ea:b5:e4:90:30:30:31:16:41:2c:c7:2a:16:21:e9:fa:da:7a:
bd:fb:68:6c:a0:be:05:ad:40:2f:f3:8d:f5:ca:d4:c7:06:bb:
10:5b:65:13:47:73:b0:09:e0:8b:79:b2:33:41:34:45:b8:cf:
10:09:37:c6:a1:31:2a:79:32:db:a5:b4:1e:c2:e7:62:c9:53:
19:82:0a:82:b8:f8:7f:29:58:0d:ce:36:7c:91:95:22:78:3a:
0c:9b:6c:75:af:56:e0:32:79:bf:19:da:1b:c9:a3:d7:ed:e0:
87:77:30:58:ef:c9:9f:30:1e:46:79:97:99:76:db:38:0b:b3:
c9:01:68:7d:c7:53:05:82:2c:27:24:ad:25:09:cd:0d:4c:c0:
ec:4a:48:bc:01:4d:48:b2:5d:fb:3b:6f:d6:b0:95:83:75:c7:
bc:3d:66:49:c4:af:b7:20:30:fd:5a:c1:5f:51:3e:0f:7c:35:
9d:cc:ae:17:5d:18:11:fa:e2:89:76:26:ad:8b:e6:c5:57:15:
cf:ba:71:00:01:75:44:ed:7c:3e:ca:57:16:fc:94:a9:d3:db:
84:0c:61:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq2aINmBY0TT160HXBO5EHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjdiZmY3YmFkMWViODM4NGI1ODVkZjdiZWYxMjA2Zjdm
MTlmN2UwHhcNMjMwOTIxMDYyMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzNmMWY1OGNmN2NlYzJmMTEzZjRjZDJhNGFlZjkxNjU5NGY5YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh344cipknCGXzEAbPZcY0urgXkZ
3pEKyRZHJzhh+d+1uk6WlykMIAtQkGrI8sgY8vCmoDV/OY9P8sMXk94/81ms5plv
YuYeig97jFBfa/nglaN4YACDgcgc/+xWkX50/CIgrz8e9wHQpBcqj9bRlHvFb8Fz
b1ToffvzRV466WTVYx3lUpfqQLlGQRamEd8yNeaFsj3qcXPQSiNDCkZHz0iMpxpr
EHkKlL7B/sxkrxNxdutPZXTGecV9QAiadjz6tlaaymQfMcjOkmrTuQCL0allujek
ZuDgijJwKBvTgoIkbNK+YcOg7DmsmcrYDb+OcKihJ+hvYfIPxtIrHipfbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDc/H1jPfOwvET9M0qSu+RZZT5xyMB8GA1UdIwQY
MBaAFLpnv/e60euDhLWF33vvEgb38Z9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYt
ZGE0NTM4MDIyYWM3LzEvTno4ZldNOTg3QzhSUDB6U3BLNzVGbGxQbkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYtZGE0NTM4MDIyYWM3
LzEvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRaBMA0G
CSqGSIb3DQEBCwUAA4IBAQAozatUph4rZcI0fg9xCu3DWvkyEB8gRP435/Gw/rZZ
C5yb8y3qteSQMDAxFkEsxyoWIen62nq9+2hsoL4FrUAv8431ytTHBrsQW2UTR3Ow
CeCLebIzQTRFuM8QCTfGoTEqeTLbpbQewudiyVMZggqCuPh/KVgNzjZ8kZUieDoM
m2x1r1bgMnm/GdobyaPX7eCHdzBY78mfMB5GeZeZdts4C7PJAWh9x1MFgiwnJK0l
Cc0NTMDsSki8AU1Isl37O2/WsJWDdce8PWZJxK+3IDD9WsFfUT4PfDWdzK4XXRgR
+uKJdiati+bFVxXPunEAAXVE7Xw+ylcW/JSp09uEDGFm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:23 2024 by rpki-client on console-ams.rpki-client.org