Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/NM5g0qVPzpnfXQYCj2bO27pxGyY.roa
File: NM5g0qVPzpnfXQYCj2bO27pxGyY.roa (raw, json)
Hash identifier: s8nk4q2hIXBFZ29JDSOmxsBI/AcyOG2knyRzK6pP2Yk=
Subject key identifier: 34:CE:60:D2:A5:4F:CE:99:DF:5D:06:02:8F:66:CE:DB:BA:71:1B:26
Certificate issuer: /CN=8d64e43c75bdc511d524f0c85d009cba76956144
Certificate serial: 018571BA199472642C9393823DB7DB683569
Authority key identifier: 8D:64:E4:3C:75:BD:C5:11:D5:24:F0:C8:5D:00:9C:BA:76:95:61:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jWTkPHW9xRHVJPDIXQCcunaVYUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/NM5g0qVPzpnfXQYCj2bO27pxGyY.roa
Signing time: Mon 02 Jan 2023 09:04:59 +0000
ROA not before: Mon 02 Jan 2023 09:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38965
IP address blocks: 193.178.197.0/24 maxlen: 24
2a04:4345:10::/44 maxlen: 44
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:19:94:72:64:2c:93:93:82:3d:b7:db:68:35:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d64e43c75bdc511d524f0c85d009cba76956144
Validity
Not Before: Jan 2 09:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34ce60d2a54fce99df5d06028f66cedbba711b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1d:b4:18:0f:4a:71:7e:2a:93:1d:2b:65:c2:
11:29:05:f2:4d:68:37:b0:1a:f1:99:0e:c2:e7:30:
03:b5:54:fc:03:13:b4:af:73:da:8c:90:82:1c:6d:
14:58:5f:14:d9:55:02:2e:91:1d:89:5e:4a:d7:b1:
f1:ff:e8:cc:e2:db:3d:a5:2e:aa:fe:69:1d:a4:fc:
9f:1f:42:d4:84:81:3a:1c:e1:e3:49:6a:02:be:a7:
fc:ae:50:95:23:6f:50:79:8d:1a:a2:2d:51:bb:e8:
07:72:fa:1d:73:91:ff:cb:db:8c:df:1c:a1:3b:c0:
69:08:3c:6a:6d:b7:1d:47:eb:f7:9b:3f:5e:f0:69:
dd:c3:d4:de:14:34:39:e9:d5:eb:c7:4f:e0:52:27:
34:bc:b7:1e:18:b4:93:59:53:4b:a5:7a:77:4a:ca:
6c:be:12:ff:d1:8b:31:bf:60:38:64:a4:99:aa:da:
6f:d8:6e:7d:1a:4c:90:fd:3d:b8:48:66:59:5e:be:
d0:68:89:c8:f9:4e:f7:2e:ea:04:9f:7c:c6:c4:a5:
b2:15:92:7a:cf:b8:55:93:90:fc:ea:e7:5a:3f:55:
fc:5e:5a:a8:53:b0:aa:7a:dd:43:71:49:07:4e:8b:
0c:c4:36:89:d2:70:a3:3d:fc:4c:5c:12:69:0a:74:
e1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CE:60:D2:A5:4F:CE:99:DF:5D:06:02:8F:66:CE:DB:BA:71:1B:26
X509v3 Authority Key Identifier:
keyid:8D:64:E4:3C:75:BD:C5:11:D5:24:F0:C8:5D:00:9C:BA:76:95:61:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jWTkPHW9xRHVJPDIXQCcunaVYUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/NM5g0qVPzpnfXQYCj2bO27pxGyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/jWTkPHW9xRHVJPDIXQCcunaVYUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.197.0/24
IPv6:
2a04:4345:10::/44
Signature Algorithm: sha256WithRSAEncryption
2d:80:01:f1:ca:f6:4b:63:e0:08:71:9a:4e:f4:a3:8c:9b:0e:
da:76:4f:62:e3:1b:42:b8:96:75:06:5f:c9:48:43:7f:0b:c8:
8d:28:ad:53:a9:72:a2:bd:b1:a5:65:6e:a5:01:06:51:09:a1:
c5:38:99:25:db:80:2d:5b:03:f1:44:0c:99:7c:17:8d:f8:fc:
38:1b:a5:76:fb:9e:f0:0a:f5:a4:d5:ae:43:bf:e4:13:0e:55:
f7:d9:bb:67:a4:e6:7d:ef:68:d0:15:be:0a:be:73:6a:17:cf:
52:b6:cf:50:8e:a5:d3:76:aa:69:2f:71:69:eb:79:b7:e4:92:
b8:eb:bc:5a:73:9b:27:8a:8b:e5:15:f0:fb:2b:17:c7:1a:ae:
05:bd:ab:52:c9:96:32:55:6c:3e:0c:25:98:d6:66:43:df:31:
71:41:1f:9d:fb:41:d5:31:ae:f3:f3:a5:65:54:7f:73:9d:a2:
e2:8f:12:58:46:e8:8e:1a:64:52:23:a2:8f:90:03:16:88:85:
c7:14:f6:f2:c4:83:db:11:ea:f3:29:ce:d9:fb:f8:ee:65:07:
36:bb:5d:50:b6:4c:be:6d:5d:bc:85:71:9f:51:f1:f5:05:8e:
d9:2a:0c:db:d5:4f:06:7b:5e:54:a0:52:f1:7e:9c:8b:05:dc:
33:75:ae:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxuhmUcmQsk5OCPbfbaDVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNjRlNDNjNzViZGM1MTFkNTI0ZjBjODVkMDA5Y2JhNzY5
NTYxNDQwHhcNMjMwMTAyMDkwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNlNjBkMmE1NGZjZTk5ZGY1ZDA2MDI4ZjY2Y2VkYmJhNzExYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh20GA9KcX4qkx0rZcIRKQXyTWg3
sBrxmQ7C5zADtVT8AxO0r3PajJCCHG0UWF8U2VUCLpEdiV5K17Hx/+jM4ts9pS6q
/mkdpPyfH0LUhIE6HOHjSWoCvqf8rlCVI29QeY0aoi1Ru+gHcvodc5H/y9uM3xyh
O8BpCDxqbbcdR+v3mz9e8Gndw9TeFDQ56dXrx0/gUic0vLceGLSTWVNLpXp3Ssps
vhL/0Ysxv2A4ZKSZqtpv2G59GkyQ/T24SGZZXr7QaInI+U73LuoEn3zGxKWyFZJ6
z7hVk5D86udaP1X8XlqoU7Cqet1DcUkHTosMxDaJ0nCjPfxMXBJpCnThNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDTOYNKlT86Z310GAo9mztu6cRsmMB8GA1UdIwQY
MBaAFI1k5Dx1vcUR1STwyF0AnLp2lWFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaldUa1BIVzl4UkhWSlBESVhRQ2N1bmFWWVVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82ZjliMDktYTU5ZS00ZjkwLTg3Yzct
NzI0NDgzNTJiODA3LzEvTk01ZzBxVlB6cG5mWFFZQ2oyYk8yN3B4R3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82ZjliMDktYTU5ZS00ZjkwLTg3YzctNzI0NDgzNTJiODA3
LzEvaldUa1BIVzl4UkhWSlBESVhRQ2N1bmFWWVVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwbLFMA8E
AgACMAkDBwQqBENFABAwDQYJKoZIhvcNAQELBQADggEBAC2AAfHK9ktj4Ahxmk70
o4ybDtp2T2LjG0K4lnUGX8lIQ38LyI0orVOpcqK9saVlbqUBBlEJocU4mSXbgC1b
A/FEDJl8F434/DgbpXb7nvAK9aTVrkO/5BMOVffZu2ek5n3vaNAVvgq+c2oXz1K2
z1COpdN2qmkvcWnrebfkkrjrvFpzmyeKi+UV8PsrF8cargW9q1LJljJVbD4MJZjW
ZkPfMXFBH537QdUxrvPzpWVUf3OdouKPElhG6I4aZFIjoo+QAxaIhccU9vLEg9sR
6vMpztn7+O5lBza7XVC2TL5tXbyFcZ9R8fUFjtkqDNvVTwZ7XlSgUvF+nIsF3DN1
riA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:20 2024 by rpki-client on console-ams.rpki-client.org