Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/nmQn4NoD9adkEnF9U6ynFR1STcw.roa
File: nmQn4NoD9adkEnF9U6ynFR1STcw.roa (raw, json)
Hash identifier: uihS/IhxgLzGVPFiD5UsVEzLbzp4ncO3HdZkKo9AcUk=
Subject key identifier: 9E:64:27:E0:DA:03:F5:A7:64:12:71:7D:53:AC:A7:15:1D:52:4D:CC
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 01856F547B455C1EDC2239F5A6346307F9A5
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/nmQn4NoD9adkEnF9U6ynFR1STcw.roa
Signing time: Sun 01 Jan 2023 21:54:45 +0000
ROA not before: Sun 01 Jan 2023 21:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29310
IP address blocks: 213.244.116.0/24 maxlen: 24
213.244.117.0/24 maxlen: 24
213.244.115.0/24 maxlen: 24
213.244.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 May 2023 06:59:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:7b:45:5c:1e:dc:22:39:f5:a6:34:63:07:f9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Jan 1 21:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e6427e0da03f5a76412717d53aca7151d524dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8e:ea:1d:8f:67:ed:be:65:16:61:be:4d:2e:
16:20:22:67:02:41:00:61:b7:44:25:9c:7d:f1:c8:
42:7e:af:49:64:7b:26:fe:21:2f:00:19:73:10:20:
20:4d:26:0c:85:c0:23:da:72:ff:a9:cb:57:67:7a:
6a:28:f8:b6:ad:10:5b:85:3c:d3:5d:4e:c4:e4:99:
41:ca:6a:78:80:e3:df:5e:75:67:fa:ec:30:4a:0f:
fd:1b:4b:9d:14:da:50:d0:26:8d:cc:b3:4b:b6:75:
90:88:b8:9d:55:62:c4:5c:3e:71:8c:46:0e:82:e3:
da:14:4c:27:e9:16:20:69:be:d9:46:72:bc:2e:67:
89:ac:ab:33:09:52:17:00:f2:10:f9:ff:07:32:57:
67:19:63:9f:ef:c5:85:ae:73:c8:44:9f:23:89:1c:
04:a9:b5:8e:a7:26:45:b4:3f:ef:82:02:a7:8e:2e:
c2:cc:a6:6b:d7:f6:b7:cd:e7:c0:c8:2b:83:78:41:
ad:fb:ca:96:dd:19:6a:f6:eb:12:5b:05:bc:fb:10:
aa:2a:e1:bf:1c:df:19:26:c9:47:7e:e8:cb:45:d9:
25:9b:91:27:66:60:e5:58:3a:ba:65:d7:1e:bf:f2:
f3:04:38:28:5f:9c:ee:a5:a6:23:17:7f:ee:56:c1:
bb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:64:27:E0:DA:03:F5:A7:64:12:71:7D:53:AC:A7:15:1D:52:4D:CC
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/nmQn4NoD9adkEnF9U6ynFR1STcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.244.115.0-213.244.117.255
213.244.122.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:35:35:30:db:23:a5:47:b6:eb:c6:ab:0c:5e:c0:23:35:0e:
1f:c0:1e:f8:6e:f6:79:98:af:be:84:b5:6f:7f:7f:74:d5:f7:
61:6e:f3:de:5a:8f:38:a8:e4:cf:f6:8e:ea:e7:99:89:48:21:
b8:d6:d6:96:28:10:6b:55:c9:a0:04:26:85:30:f1:46:a8:4b:
cf:f0:b7:a0:54:fc:75:ec:22:a7:3e:8a:13:29:11:c0:80:58:
b2:43:b7:3b:df:b3:52:a8:fd:ff:ef:7c:41:11:fd:36:46:3b:
42:af:c8:64:4c:b5:d3:da:85:cb:e7:10:ff:96:71:ca:f1:93:
49:ba:93:6b:55:4d:c9:a5:a7:ee:c3:2d:66:86:1d:99:9b:ec:
59:1c:6d:58:7b:a4:7d:41:77:a6:01:de:67:fb:6b:42:ee:60:
68:67:51:df:58:b5:43:e4:7b:3f:95:99:dc:38:a6:fd:2b:cc:
eb:8d:b1:52:4f:64:aa:96:9b:79:06:9d:b6:10:0f:a9:2b:60:
59:1b:9c:92:27:99:b3:ae:a6:50:09:16:5c:c6:6c:eb:9b:49:
4f:85:d1:0b:1e:fd:35:a7:19:d3:34:5e:20:61:29:06:d0:52:
7b:42:a9:e2:fb:27:51:a8:54:99:2c:46:fb:2c:53:5f:08:cf:
0e:45:1e:80
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvVHtFXB7cIjn1pjRjB/mlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjMwMTAxMjE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY0MjdlMGRhMDNmNWE3NjQxMjcxN2Q1M2FjYTcxNTFkNTI0ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo7qHY9n7b5lFmG+TS4WICJnAkEA
YbdEJZx98chCfq9JZHsm/iEvABlzECAgTSYMhcAj2nL/qctXZ3pqKPi2rRBbhTzT
XU7E5JlBymp4gOPfXnVn+uwwSg/9G0udFNpQ0CaNzLNLtnWQiLidVWLEXD5xjEYO
guPaFEwn6RYgab7ZRnK8LmeJrKszCVIXAPIQ+f8HMldnGWOf78WFrnPIRJ8jiRwE
qbWOpyZFtD/vggKnji7CzKZr1/a3zefAyCuDeEGt+8qW3Rlq9usSWwW8+xCqKuG/
HN8ZJslHfujLRdklm5EnZmDlWDq6Zdcev/LzBDgoX5zupaYjF3/uVsG78QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ5kJ+DaA/WnZBJxfVOspxUdUk3MMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvbm1RbjROb0Q5YWRrRW5GOVU2eW5GUjFTVGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADV9HMD
BAHV9HQDBADV9HowDQYJKoZIhvcNAQELBQADggEBAF01NTDbI6VHtuvGqwxewCM1
Dh/AHvhu9nmYr76EtW9/f3TV92Fu895ajzio5M/2jurnmYlIIbjW1pYoEGtVyaAE
JoUw8UaoS8/wt6BU/HXsIqc+ihMpEcCAWLJDtzvfs1Ko/f/vfEER/TZGO0KvyGRM
tdPahcvnEP+Wccrxk0m6k2tVTcmlp+7DLWaGHZmb7FkcbVh7pH1Bd6YB3mf7a0Lu
YGhnUd9YtUPkez+Vmdw4pv0rzOuNsVJPZKqWm3kGnbYQD6krYFkbnJInmbOuplAJ
FlzGbOubSU+F0Qse/TWnGdM0XiBhKQbQUntCqeL7J1GoVJksRvssU18Izw5FHoA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:20 2024 by rpki-client on console-fra.rpki-client.org