Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/NNFrrWKlsYQY0DWbrDkrDMr9BFo.roa
File: NNFrrWKlsYQY0DWbrDkrDMr9BFo.roa (raw, json)
Hash identifier: /LtHoRUAJmbsLvsuBCY0KyAUP71aJHY+zTTYPuUdkhw=
Subject key identifier: 34:D1:6B:AD:62:A5:B1:84:18:D0:35:9B:AC:39:2B:0C:CA:FD:04:5A
Certificate issuer: /CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Certificate serial: 018B1EE4DA90BB1A99897BC5FC8B8BD9CB13
Authority key identifier: DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/NNFrrWKlsYQY0DWbrDkrDMr9BFo.roa
Signing time: Wed 11 Oct 2023 13:19:56 +0000
ROA not before: Wed 11 Oct 2023 13:19:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210544
IP address blocks: 192.124.252.0/24 maxlen: 24
193.28.64.0/23 maxlen: 24
2a12:6900::/36 maxlen: 64
Validation: Failed, certificate revoked on Fri 24 Nov 2023 13:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:e4:da:90:bb:1a:99:89:7b:c5:fc:8b:8b:d9:cb:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Validity
Not Before: Oct 11 13:19:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34d16bad62a5b18418d0359bac392b0ccafd045a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ec:02:8b:da:67:d0:9d:10:4f:b3:7a:0e:29:
49:2a:8f:5c:e1:43:13:ad:1d:12:12:22:51:e0:52:
ab:2e:68:61:6a:fd:ee:dd:09:a7:4c:6f:60:48:d5:
ed:cc:12:dc:e7:e1:99:cf:e1:ea:4a:1b:1f:cf:52:
70:6a:7b:d8:cf:26:d2:9a:e9:11:6a:a9:64:c7:d9:
c1:5f:73:f2:8f:e0:77:a6:a9:9f:44:8e:9c:70:f2:
e7:70:3a:74:34:39:43:ad:50:fc:9b:0f:f4:b9:af:
26:7e:b3:61:68:19:bc:d3:93:8f:c4:c7:85:97:97:
ea:c0:b7:c0:4e:6f:9f:b0:e7:23:8d:c1:d5:9e:c2:
fb:81:16:35:3c:41:1d:b3:ee:2b:4a:6a:12:68:ab:
7a:20:82:4d:42:7b:07:d2:a4:8e:ed:26:3b:36:00:
07:a9:85:9c:69:48:72:1b:1c:8f:8c:48:f0:ac:4e:
92:d4:d5:d9:6c:4d:0e:92:67:9a:5a:7a:ab:5e:ed:
79:86:9f:82:2e:38:92:86:dd:a2:63:eb:3b:77:74:
c6:dd:41:0c:b1:1a:f7:1a:57:dc:10:5f:3f:39:86:
97:8e:ad:a4:f6:8b:fd:c5:12:67:de:19:ac:ab:ab:
9e:54:1b:f0:4e:b1:49:51:44:5c:4e:9e:80:d7:12:
b2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D1:6B:AD:62:A5:B1:84:18:D0:35:9B:AC:39:2B:0C:CA:FD:04:5A
X509v3 Authority Key Identifier:
keyid:DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/NNFrrWKlsYQY0DWbrDkrDMr9BFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.252.0/24
193.28.64.0/23
IPv6:
2a12:6900::/36
Signature Algorithm: sha256WithRSAEncryption
98:d0:21:ad:d1:84:f5:83:53:12:5a:9c:93:ab:0f:91:42:84:
0b:fa:54:80:ef:82:ce:b5:d7:87:3f:18:65:80:d3:8f:c9:3f:
05:42:35:07:b3:ef:54:6c:11:17:7d:c4:05:5e:a2:8c:a4:1f:
6b:dd:6e:91:0f:60:47:85:49:63:c5:75:65:81:35:1f:e7:6f:
c3:5e:56:32:f0:9e:c2:07:8e:71:7e:9e:2a:16:8f:12:7d:16:
8c:61:3a:d3:45:06:dc:2f:09:12:e6:70:02:7b:5e:0c:c0:63:
24:82:69:41:d6:f8:61:ac:ea:6e:11:1b:2c:6c:f9:b6:6b:53:
02:06:93:8f:d5:a0:07:40:d3:8d:59:bb:d5:8d:6c:7f:3d:d7:
be:c7:7b:32:bd:f3:b6:a3:c5:0d:f0:68:bc:31:8f:84:1f:25:
35:4f:6a:d6:60:3f:ad:69:4f:0f:7f:1e:49:b6:c9:f0:5a:e2:
50:80:a3:49:d1:c0:f5:6d:65:22:b7:a6:ba:a7:e3:57:2c:05:
6e:64:8c:2e:0e:58:82:ea:82:b7:3a:33:b7:ef:45:6b:fc:5b:
1c:66:45:3d:83:2d:59:d2:cb:1e:3e:df:ad:f3:35:a2:fd:36:
91:15:eb:60:0a:34:0e:a7:04:de:b2:7c:c6:87:9d:d4:7b:e2:
fe:30:b9:5c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYse5NqQuxqZiXvF/IuL2csTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGU5MWEwZmIxZjRkZDE3OTAwZDA2ZGI2ZTg4MzM2Zjc4
YjVjMDUwHhcNMjMxMDExMTMxOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQxNmJhZDYyYTViMTg0MThkMDM1OWJhYzM5MmIwY2NhZmQwNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuwCi9pn0J0QT7N6DilJKo9c4UMT
rR0SEiJR4FKrLmhhav3u3QmnTG9gSNXtzBLc5+GZz+HqShsfz1JwanvYzybSmukR
aqlkx9nBX3Pyj+B3pqmfRI6ccPLncDp0NDlDrVD8mw/0ua8mfrNhaBm805OPxMeF
l5fqwLfATm+fsOcjjcHVnsL7gRY1PEEds+4rSmoSaKt6IIJNQnsH0qSO7SY7NgAH
qYWcaUhyGxyPjEjwrE6S1NXZbE0OkmeaWnqrXu15hp+CLjiSht2iY+s7d3TG3UEM
sRr3GlfcEF8/OYaXjq2k9ov9xRJn3hmsq6ueVBvwTrFJUURcTp6A1xKyWwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDTRa61ipbGEGNA1m6w5KwzK/QRaMB8GA1UdIwQY
MBaAFN7ekaD7H03ReQDQbbbogzb3i1wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMt
MjFhNzAwYzcxMTlmLzEvTk5GcnJXS2xzWVFZMERXYnJEa3JETXI5QkZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMtMjFhNzAwYzcxMTlm
LzEvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAwHz8AwQB
wRxAMA4EAgACMAgDBgQqEmkAADANBgkqhkiG9w0BAQsFAAOCAQEAmNAhrdGE9YNT
Elqck6sPkUKEC/pUgO+CzrXXhz8YZYDTj8k/BUI1B7PvVGwRF33EBV6ijKQfa91u
kQ9gR4VJY8V1ZYE1H+dvw15WMvCewgeOcX6eKhaPEn0WjGE600UG3C8JEuZwAnte
DMBjJIJpQdb4YazqbhEbLGz5tmtTAgaTj9WgB0DTjVm71Y1sfz3Xvsd7Mr3ztqPF
DfBovDGPhB8lNU9q1mA/rWlPD38eSbbJ8FriUICjSdHA9W1lIremuqfjVywFbmSM
Lg5YguqCtzozt+9Fa/xbHGZFPYMtWdLLHj7frfM1ov02kRXrYAo0DqcE3rJ8xoed
1Hvi/jC5XA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:13 2024 by rpki-client on console-ams.rpki-client.org