Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/n_r1YRxJ8jJLCODcQPYWRHED8Es.roa
File: n_r1YRxJ8jJLCODcQPYWRHED8Es.roa (raw, json)
Hash identifier: AN71A1UGDE0/N9k2VpKClkxF+gwyLVmzwePPjTYGbkQ=
Subject key identifier: 9F:FA:F5:61:1C:49:F2:32:4B:08:E0:DC:40:F6:16:44:71:03:F0:4B
Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875
Certificate serial: 018AB773D8A80B480F731E43305E809C21DD
Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/n_r1YRxJ8jJLCODcQPYWRHED8Es.roa
Signing time: Thu 21 Sep 2023 11:15:37 +0000
ROA not before: Thu 21 Sep 2023 11:15:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203536
IP address blocks: 194.59.14.0/23 maxlen: 23
194.59.14.0/24 maxlen: 24
92.118.120.0/22 maxlen: 22
194.59.32.0/23 maxlen: 23
2a0f:bc0::/29 maxlen: 29
2a09:a640::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Nov 2023 17:21:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:73:d8:a8:0b:48:0f:73:1e:43:30:5e:80:9c:21:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875
Validity
Not Before: Sep 21 11:15:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ffaf5611c49f2324b08e0dc40f616447103f04b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c4:5e:32:80:0e:c9:df:10:6e:83:a6:95:cd:
f9:01:11:d7:b6:80:cc:c7:6b:4f:c2:7d:05:cb:ba:
0a:71:ef:99:b9:94:4b:1e:0b:9c:51:60:cf:24:54:
67:8f:e1:77:67:8b:af:e1:07:c6:bc:14:91:3b:15:
12:7e:5d:ac:63:26:d7:63:16:81:ec:6f:8a:0a:86:
9f:17:35:25:ea:8f:5f:19:f9:ba:01:a6:f9:a0:3d:
bb:9f:99:32:61:8a:d9:0f:02:b7:f6:74:31:e5:5f:
7d:f0:a4:80:64:d3:8d:3c:ad:f0:47:17:ad:ac:5a:
fc:3d:44:98:cf:69:de:43:1f:d9:c7:c9:3b:69:47:
d3:d2:fa:93:e3:b5:fc:b4:c2:9e:6e:5e:1a:e4:e2:
91:0f:39:68:d4:f1:c7:76:12:6f:4f:ac:3a:0f:19:
be:77:02:4f:cb:91:4e:6c:c9:0e:1a:9d:98:24:ff:
e0:17:9b:30:f2:ac:f5:c8:c3:2b:ff:b1:47:fd:68:
78:b1:bd:8b:92:a4:3f:20:06:dc:a4:e0:0b:66:82:
ba:66:c1:2f:34:7f:2d:05:fd:d3:65:e3:40:d5:12:
3e:bf:88:2a:58:eb:b3:68:e1:73:ca:e2:ff:8b:b3:
71:57:7a:83:ae:99:91:b9:f3:fb:de:db:05:d3:2c:
b9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FA:F5:61:1C:49:F2:32:4B:08:E0:DC:40:F6:16:44:71:03:F0:4B
X509v3 Authority Key Identifier:
keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/n_r1YRxJ8jJLCODcQPYWRHED8Es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.120.0/22
194.59.14.0/23
194.59.32.0/23
IPv6:
2a09:a640::/32
2a0f:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
02:8c:33:fc:35:52:a3:e9:b0:bc:aa:a7:63:70:ff:97:2d:57:
ec:c6:41:f9:5a:c4:66:dc:4a:c9:93:0f:01:57:50:a8:df:71:
a4:cc:e6:55:0d:4f:23:a1:ae:b4:1f:6b:e9:a1:ef:a7:b3:df:
96:44:c4:20:a0:71:ef:0f:44:38:6d:3a:59:f0:ed:5e:38:28:
22:4e:58:f0:63:93:3d:79:89:cb:a4:6c:55:0d:21:29:5d:f7:
83:25:0d:48:a8:e6:cd:03:bf:16:38:fa:79:ae:aa:0e:13:cc:
18:3c:cc:e8:b2:c4:1d:52:bf:05:2f:3a:55:4e:69:de:48:8f:
a9:77:e7:ac:4f:d3:8c:57:cb:25:4a:6b:8e:4a:1a:1b:5c:43:
a1:7e:5a:26:f9:00:df:cc:ec:8f:19:d1:90:c1:ab:28:de:52:
c6:2f:23:14:3c:b2:e5:ac:b2:b2:42:2c:f2:3d:28:32:9b:3d:
01:11:4d:de:f2:8b:b8:cc:a9:04:af:d5:db:fc:e3:90:7d:31:
31:af:23:6a:2d:1c:13:56:c9:6a:92:50:2d:6d:18:4f:59:dd:
bb:b8:27:9c:2f:7d:67:44:fd:68:55:71:72:07:d5:1c:03:3e:
a9:56:db:9b:ae:c1:5e:3a:d9:74:2b:95:4d:7b:16:da:76:52:
ba:81:d0:4a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYq3c9ioC0gPcx5DMF6AnCHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl
NTc4NzUwHhcNMjMwOTIxMTExNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmZhZjU2MTFjNDlmMjMyNGIwOGUwZGM0MGY2MTY0NDcxMDNmMDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cReMoAOyd8QboOmlc35ARHXtoDM
x2tPwn0Fy7oKce+ZuZRLHgucUWDPJFRnj+F3Z4uv4QfGvBSROxUSfl2sYybXYxaB
7G+KCoafFzUl6o9fGfm6Aab5oD27n5kyYYrZDwK39nQx5V998KSAZNONPK3wRxet
rFr8PUSYz2neQx/Zx8k7aUfT0vqT47X8tMKebl4a5OKRDzlo1PHHdhJvT6w6Dxm+
dwJPy5FObMkOGp2YJP/gF5sw8qz1yMMr/7FH/Wh4sb2LkqQ/IAbcpOALZoK6ZsEv
NH8tBf3TZeNA1RI+v4gqWOuzaOFzyuL/i7NxV3qDrpmRufP73tsF0yy5hQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJ/69WEcSfIySwjg3ED2FkRxA/BLMB8GA1UdIwQY
MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt
NWNmMzdhMzQ4MzBkLzEvbl9yMVlSeEo4akpMQ09EY1FQWVdSSEVEOEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk
LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCXHZ4AwQB
wjsOAwQBwjsgMBQEAgACMA4DBQAqCaZAAwUDKg8LwDANBgkqhkiG9w0BAQsFAAOC
AQEAAowz/DVSo+mwvKqnY3D/ly1X7MZB+VrEZtxKyZMPAVdQqN9xpMzmVQ1PI6Gu
tB9r6aHvp7PflkTEIKBx7w9EOG06WfDtXjgoIk5Y8GOTPXmJy6RsVQ0hKV33gyUN
SKjmzQO/Fjj6ea6qDhPMGDzM6LLEHVK/BS86VU5p3kiPqXfnrE/TjFfLJUprjkoa
G1xDoX5aJvkA38zsjxnRkMGrKN5Sxi8jFDyy5ayyskIs8j0oMps9ARFN3vKLuMyp
BK/V2/zjkH0xMa8jai0cE1bJapJQLW0YT1ndu7gnnC99Z0T9aFVxcgfVHAM+qVbb
m67BXjrZdCuVTXsW2nZSuoHQSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:01 2024 by rpki-client on console-fra.rpki-client.org