Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/837b0c-18a9-4ab3-8350-48170be11332/1/cNgCD952aUSNlQH4feERr3rAPaA.roa
File: cNgCD952aUSNlQH4feERr3rAPaA.roa (raw, json)
Hash identifier: ZsV1ltcpF3vUbcC0Vghq+MZ2VRpGPJQjiBe6Z6sDz6E=
Subject key identifier: 70:D8:02:0F:DE:76:69:44:8D:95:01:F8:7D:E1:11:AF:7A:C0:3D:A0
Certificate issuer: /CN=13319513fd0b90417060a218b76d62b8e3fbcc51
Certificate serial: 01856B00B8D3E79B095256C53831E7808937
Authority key identifier: 13:31:95:13:FD:0B:90:41:70:60:A2:18:B7:6D:62:B8:E3:FB:CC:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EzGVE_0LkEFwYKIYt21iuOP7zFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/837b0c-18a9-4ab3-8350-48170be11332/1/cNgCD952aUSNlQH4feERr3rAPaA.roa
Signing time: Sun 01 Jan 2023 01:44:47 +0000
ROA not before: Sun 01 Jan 2023 01:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39122
IP address blocks: 194.8.59.0/24 maxlen: 24
194.9.174.0/24 maxlen: 24
194.9.222.0/24 maxlen: 24
194.8.48.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:b8:d3:e7:9b:09:52:56:c5:38:31:e7:80:89:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13319513fd0b90417060a218b76d62b8e3fbcc51
Validity
Not Before: Jan 1 01:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70d8020fde7669448d9501f87de111af7ac03da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fa:81:d9:78:3f:33:cd:03:00:79:6b:83:86:
ee:cc:d2:8a:dc:19:20:37:c8:5c:1e:29:8a:1d:62:
9f:b6:01:23:fa:ed:d5:a7:92:74:6e:e0:e5:17:2a:
b0:71:e1:76:5a:35:eb:1f:a7:d9:43:90:93:32:ca:
13:d6:c5:ec:54:ae:80:ed:61:a8:83:4c:c3:f8:ab:
5a:3a:23:7b:6b:86:4a:de:77:fa:4c:23:c8:3b:a9:
be:f8:b4:4a:8d:95:bf:80:69:5e:2d:12:65:36:66:
9d:7e:d0:f7:c2:24:8c:11:b2:2c:20:ef:a8:de:2d:
b1:a1:9e:48:23:a3:f0:1a:d7:9f:f3:42:b6:8f:8b:
4d:5f:3f:dc:b1:dd:a6:27:58:2d:79:39:1b:c4:44:
55:73:10:36:06:43:2d:e8:c0:73:05:43:a6:c5:ac:
12:fa:f6:93:7b:18:91:60:79:d4:1c:c4:51:0d:17:
69:2a:d7:26:ff:45:2b:75:5a:db:c2:0a:59:7f:98:
30:42:7d:81:af:75:99:0a:41:13:b5:1b:82:27:57:
6f:b8:72:04:4f:7b:2f:27:f1:0d:3a:c7:42:f5:85:
73:10:cf:b0:90:af:a2:7b:6a:ce:a6:0b:0c:e8:f6:
ed:9b:99:17:36:14:6f:9d:19:22:f2:e3:ea:77:6d:
68:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D8:02:0F:DE:76:69:44:8D:95:01:F8:7D:E1:11:AF:7A:C0:3D:A0
X509v3 Authority Key Identifier:
keyid:13:31:95:13:FD:0B:90:41:70:60:A2:18:B7:6D:62:B8:E3:FB:CC:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EzGVE_0LkEFwYKIYt21iuOP7zFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/837b0c-18a9-4ab3-8350-48170be11332/1/cNgCD952aUSNlQH4feERr3rAPaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/837b0c-18a9-4ab3-8350-48170be11332/1/EzGVE_0LkEFwYKIYt21iuOP7zFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.48.0/24
194.8.59.0/24
194.9.174.0/24
194.9.222.0/24
Signature Algorithm: sha256WithRSAEncryption
52:22:3c:33:62:f6:ee:05:09:3b:e2:63:65:59:4d:f4:70:33:
5a:19:f6:4c:ae:0f:fe:14:a9:32:e4:ec:13:d5:96:43:cb:c3:
45:cd:22:2e:63:89:2b:63:f3:9a:e0:54:3d:cf:37:d8:1c:2f:
4f:ad:c0:90:0e:8d:80:54:d3:1c:d9:e7:c8:6b:97:74:0e:aa:
5c:06:0a:5c:83:ee:75:b2:96:d7:70:33:02:f0:e7:1d:15:09:
65:51:1b:35:61:a5:4c:dc:c2:7e:53:a8:cf:35:4c:ec:fe:d9:
0e:c6:2d:8d:34:c3:03:c6:e4:0f:87:3c:50:b6:9e:dc:a4:24:
40:c8:bf:03:48:f7:ff:43:50:a4:01:85:53:29:93:a7:1e:d6:
84:e9:6a:e7:14:05:f1:01:c4:81:ab:7e:6d:33:9d:83:77:dd:
f7:cc:3d:81:4f:c6:0d:be:5c:69:ce:d6:6b:8f:d7:6e:10:66:
05:1d:73:89:07:b0:c6:b7:f7:f9:cf:a5:6a:1d:8d:15:29:ca:
33:e5:5c:8e:b7:c3:31:53:db:82:71:34:bf:6a:83:0c:74:42:
bd:b1:91:b1:2e:a5:91:b4:f1:ac:d0:84:df:e6:87:6b:8c:d2:
27:34:60:44:0c:83:8e:b6:15:3b:39:32:fa:e4:b6:19:34:70:
87:19:69:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVrALjT55sJUlbFODHngIk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMzE5NTEzZmQwYjkwNDE3MDYwYTIxOGI3NmQ2MmI4ZTNm
YmNjNTEwHhcNMjMwMTAxMDE0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQ4MDIwZmRlNzY2OTQ0OGQ5NTAxZjg3ZGUxMTFhZjdhYzAzZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvqB2Xg/M80DAHlrg4buzNKK3Bkg
N8hcHimKHWKftgEj+u3Vp5J0buDlFyqwceF2WjXrH6fZQ5CTMsoT1sXsVK6A7WGo
g0zD+KtaOiN7a4ZK3nf6TCPIO6m++LRKjZW/gGleLRJlNmadftD3wiSMEbIsIO+o
3i2xoZ5II6PwGtef80K2j4tNXz/csd2mJ1gteTkbxERVcxA2BkMt6MBzBUOmxawS
+vaTexiRYHnUHMRRDRdpKtcm/0UrdVrbwgpZf5gwQn2Br3WZCkETtRuCJ1dvuHIE
T3svJ/ENOsdC9YVzEM+wkK+ie2rOpgsM6Pbtm5kXNhRvnRki8uPqd21oLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHDYAg/edmlEjZUB+H3hEa96wD2gMB8GA1UdIwQY
MBaAFBMxlRP9C5BBcGCiGLdtYrjj+8xRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXpHVkVfMExrRUZ3WUtJWXQyMWl1T1A3ekZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84MzdiMGMtMThhOS00YWIzLTgzNTAt
NDgxNzBiZTExMzMyLzEvY05nQ0Q5NTJhVVNObFFINGZlRVJyM3JBUGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84MzdiMGMtMThhOS00YWIzLTgzNTAtNDgxNzBiZTExMzMy
LzEvRXpHVkVfMExrRUZ3WUtJWXQyMWl1T1A3ekZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwggwAwQA
wgg7AwQAwgmuAwQAwgneMA0GCSqGSIb3DQEBCwUAA4IBAQBSIjwzYvbuBQk74mNl
WU30cDNaGfZMrg/+FKky5OwT1ZZDy8NFzSIuY4krY/Oa4FQ9zzfYHC9PrcCQDo2A
VNMc2efIa5d0DqpcBgpcg+51spbXcDMC8OcdFQllURs1YaVM3MJ+U6jPNUzs/tkO
xi2NNMMDxuQPhzxQtp7cpCRAyL8DSPf/Q1CkAYVTKZOnHtaE6WrnFAXxAcSBq35t
M52Dd933zD2BT8YNvlxpztZrj9duEGYFHXOJB7DGt/f5z6VqHY0VKcoz5VyOt8Mx
U9uCcTS/aoMMdEK9sZGxLqWRtPGs0ITf5odrjNInNGBEDIOOthU7OTL65LYZNHCH
GWm5
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:45 2024 by rpki-client on console-ams.rpki-client.org