Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/nauvWjTo-Zk4qcYzyMTrTCAN_00.roa
File: nauvWjTo-Zk4qcYzyMTrTCAN_00.roa (raw, json)
Hash identifier: wVJ/TwfnFUJLdKH//gmn+rX38nV/QSeOkAe/mhU12e0=
Subject key identifier: 9D:AB:AF:5A:34:E8:F9:99:38:A9:C6:33:C8:C4:EB:4C:20:0D:FF:4D
Certificate issuer: /CN=fb3646fba69045ede5ef8e5c39a2fc17f9f0d2dc
Certificate serial: 01857246CEF1EADC32B0DC3C379CA13F300F
Authority key identifier: FB:36:46:FB:A6:90:45:ED:E5:EF:8E:5C:39:A2:FC:17:F9:F0:D2:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zZG-6aQRe3l745cOaL8F_nw0tw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/nauvWjTo-Zk4qcYzyMTrTCAN_00.roa
Signing time: Mon 02 Jan 2023 11:38:41 +0000
ROA not before: Mon 02 Jan 2023 11:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50921
IP address blocks: 195.170.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ce:f1:ea:dc:32:b0:dc:3c:37:9c:a1:3f:30:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb3646fba69045ede5ef8e5c39a2fc17f9f0d2dc
Validity
Not Before: Jan 2 11:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dabaf5a34e8f99938a9c633c8c4eb4c200dff4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b4:3b:88:07:9e:99:35:b2:e1:40:7b:0a:cf:
d8:3f:33:29:a6:09:2a:fa:74:f7:f5:6c:e4:81:91:
e2:b6:36:92:54:54:07:bf:01:3e:64:e2:df:8b:62:
f2:b1:fb:2a:c5:02:6a:22:00:65:0b:4a:18:e6:37:
8c:2a:57:77:e4:69:86:90:8c:0b:a6:f6:1e:23:e4:
cd:02:6c:a9:83:da:4b:3c:49:7c:bf:ae:11:07:34:
21:56:37:6a:5b:c3:6a:30:47:2f:be:5b:14:96:dd:
29:b7:d2:06:f2:ab:2f:12:9e:35:c1:b2:1e:55:5f:
ff:d6:a4:d1:25:e4:1c:68:2a:af:2f:a6:8d:bf:ef:
9b:e1:60:eb:29:08:d1:8c:6d:cd:e5:5d:98:6c:7c:
18:f1:dc:e6:20:64:a3:fd:ed:8b:97:42:52:9b:1d:
f6:12:c4:b9:38:48:88:b9:38:d1:7f:13:7c:bf:65:
32:d0:56:fd:fc:ab:3b:6e:29:8b:a5:90:38:d2:90:
99:ce:40:b2:00:24:a8:c0:a6:a6:9e:09:5e:a1:ce:
38:9b:03:ef:d3:ea:85:bd:45:60:94:08:b3:7b:80:
cd:c7:a9:89:07:0f:d3:21:5a:25:bb:c7:bd:df:96:
67:f8:03:e9:f1:99:fd:bf:e6:b7:e9:ea:9e:93:78:
68:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AB:AF:5A:34:E8:F9:99:38:A9:C6:33:C8:C4:EB:4C:20:0D:FF:4D
X509v3 Authority Key Identifier:
keyid:FB:36:46:FB:A6:90:45:ED:E5:EF:8E:5C:39:A2:FC:17:F9:F0:D2:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zZG-6aQRe3l745cOaL8F_nw0tw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/nauvWjTo-Zk4qcYzyMTrTCAN_00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/1-zZG-6aQRe3l745cOaL8F_nw0tw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.171.0/24
Signature Algorithm: sha256WithRSAEncryption
37:bd:8c:ef:98:a5:36:bb:08:98:51:40:d1:5f:9a:52:c2:5b:
73:14:1b:80:32:cd:6e:d4:80:67:cb:4d:1f:1b:6e:fb:e2:25:
5b:b1:e2:3f:86:09:46:cc:d1:37:41:0b:47:3e:96:9c:76:a4:
78:09:4a:6f:b3:11:63:2e:a1:53:fc:59:97:76:88:81:5d:ef:
d9:03:67:0b:8a:77:4b:72:61:e6:96:89:43:95:6b:2b:4f:41:
f5:ea:f4:3d:bd:81:2c:bd:61:1b:29:70:37:e2:3a:05:11:2b:
ac:1b:1d:f6:56:d6:8c:64:cf:d4:b9:d6:0c:a1:a2:1c:6d:36:
2b:41:1a:fd:28:3c:dc:58:52:f9:c1:e3:73:c7:bf:9f:e7:52:
6a:ec:9b:66:15:de:1f:4a:9f:56:04:ca:b0:2c:af:9f:59:fc:
74:1b:ad:c5:9d:df:06:e4:68:29:2d:00:59:9b:54:63:7e:d1:
d1:a1:90:2e:69:7d:5c:db:25:f5:77:3e:0e:d4:13:d7:d7:88:
96:09:e1:80:6b:17:05:fe:19:a2:08:4d:93:fd:08:b4:fc:dc:
6e:cf:2b:ae:0f:cb:ff:0a:c7:10:fc:3d:65:79:32:9c:7c:f1:
c0:5d:21:0f:e6:e4:81:2b:25:08:f1:25:02:d6:07:4d:4f:75:
88:53:a6:c7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVyRs7x6twysNw8N5yhPzAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzY0NmZiYTY5MDQ1ZWRlNWVmOGU1YzM5YTJmYzE3Zjlm
MGQyZGMwHhcNMjMwMTAyMTEzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGFiYWY1YTM0ZThmOTk5MzhhOWM2MzNjOGM0ZWI0YzIwMGRmZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LQ7iAeemTWy4UB7Cs/YPzMppgkq
+nT39WzkgZHitjaSVFQHvwE+ZOLfi2LysfsqxQJqIgBlC0oY5jeMKld35GmGkIwL
pvYeI+TNAmypg9pLPEl8v64RBzQhVjdqW8NqMEcvvlsUlt0pt9IG8qsvEp41wbIe
VV//1qTRJeQcaCqvL6aNv++b4WDrKQjRjG3N5V2YbHwY8dzmIGSj/e2Ll0JSmx32
EsS5OEiIuTjRfxN8v2Uy0Fb9/Ks7bimLpZA40pCZzkCyACSowKamngleoc44mwPv
0+qFvUVglAize4DNx6mJBw/TIVolu8e935Zn+APp8Zn9v+a36eqek3hoFwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJ2rr1o06PmZOKnGM8jE60wgDf9NMB8GA1UdIwQY
MBaAFPs2RvumkEXt5e+OXDmi/Bf58NLcMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16WkctNmFRUmUzbDc0NWNPYUw4Rl9udzB0dy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvNzA2ZjU0LTg3YTUtNDVlNy1iZjIy
LThhNmI1NDc2NjZhYS8xL25hdXZXalRvLVprNHFjWXp5TVRyVENBTl8wMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvNzA2ZjU0LTg3YTUtNDVlNy1iZjIyLThhNmI1NDc2NjZh
YS8xLzEtelpHLTZhUVJlM2w3NDVjT2FMOEZfbncwdHcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDqqsw
DQYJKoZIhvcNAQELBQADggEBADe9jO+YpTa7CJhRQNFfmlLCW3MUG4AyzW7UgGfL
TR8bbvviJVux4j+GCUbM0TdBC0c+lpx2pHgJSm+zEWMuoVP8WZd2iIFd79kDZwuK
d0tyYeaWiUOVaytPQfXq9D29gSy9YRspcDfiOgURK6wbHfZW1oxkz9S51gyhohxt
NitBGv0oPNxYUvnB43PHv5/nUmrsm2YV3h9Kn1YEyrAsr59Z/HQbrcWd3wbkaCkt
AFmbVGN+0dGhkC5pfVzbJfV3Pg7UE9fXiJYJ4YBrFwX+GaIITZP9CLT83G7PK64P
y/8KxxD8PWV5Mpx88cBdIQ/m5IErJQjxJQLWB01PdYhTpsc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:08 2024 by rpki-client on console-fra.rpki-client.org