Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ccaf34-3dee-4fe2-b2fc-8dd453ab423d/1/NfsUd6tCMUBO5DHqqc4iAmCgQnA.roa
File: NfsUd6tCMUBO5DHqqc4iAmCgQnA.roa (raw, json)
Hash identifier: eh7cxKkCZsBZWur1/GW2IxUCemGEz0ZVJOcIGcwVexI=
Subject key identifier: 35:FB:14:77:AB:42:31:40:4E:E4:31:EA:A9:CE:22:02:60:A0:42:70
Certificate issuer: /CN=b9a9088bb4201ce46d8eb83dc9f38c78b8f3be1b
Certificate serial: 0185708CCF05399FA3EE03701BE6A682A142
Authority key identifier: B9:A9:08:8B:B4:20:1C:E4:6D:8E:B8:3D:C9:F3:8C:78:B8:F3:BE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uakIi7QgHORtjrg9yfOMeLjzvhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ccaf34-3dee-4fe2-b2fc-8dd453ab423d/1/NfsUd6tCMUBO5DHqqc4iAmCgQnA.roa
Signing time: Mon 02 Jan 2023 03:35:54 +0000
ROA not before: Mon 02 Jan 2023 03:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51450
IP address blocks: 91.217.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:cf:05:39:9f:a3:ee:03:70:1b:e6:a6:82:a1:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9a9088bb4201ce46d8eb83dc9f38c78b8f3be1b
Validity
Not Before: Jan 2 03:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35fb1477ab4231404ee431eaa9ce220260a04270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e7:ff:ac:8b:88:c4:15:9e:fc:9a:a9:c0:68:
0e:59:66:72:e7:16:b7:6f:dc:d1:c9:aa:4c:46:ae:
d7:c5:9c:e3:d1:26:3b:cc:c8:b6:9b:19:de:1b:21:
ab:46:01:20:2d:75:bb:9d:4c:08:e7:30:87:fa:c8:
21:41:37:4b:c8:44:be:69:e8:ee:28:3a:26:e1:a4:
01:57:a5:45:b6:bb:79:81:8d:0e:78:71:32:32:9e:
59:fa:bf:7a:5f:90:a8:68:36:fb:2d:db:6c:65:be:
73:c2:22:5b:54:66:5b:a7:57:86:75:6b:6b:a0:67:
4c:bf:a3:ce:b4:c8:c3:35:23:e4:b5:93:01:3b:49:
65:46:80:8a:73:9f:39:a5:77:db:8b:c8:06:8a:bf:
60:f6:e6:99:d3:b3:19:00:62:46:95:0d:34:61:94:
b4:d9:e0:d9:86:dc:be:ba:8c:08:ce:e6:bf:c0:e7:
42:75:11:d7:95:8c:d4:b2:e4:25:57:5c:62:29:2d:
bb:e0:8b:fc:61:be:be:1d:df:5e:54:57:eb:56:c5:
9a:5a:3f:49:63:3f:d6:7c:61:94:06:0b:8a:f5:e7:
94:b0:ac:ea:5e:74:95:34:86:27:8f:05:37:19:cf:
ad:e0:10:50:9a:f3:63:56:76:55:a2:df:ef:39:83:
28:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FB:14:77:AB:42:31:40:4E:E4:31:EA:A9:CE:22:02:60:A0:42:70
X509v3 Authority Key Identifier:
keyid:B9:A9:08:8B:B4:20:1C:E4:6D:8E:B8:3D:C9:F3:8C:78:B8:F3:BE:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uakIi7QgHORtjrg9yfOMeLjzvhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ccaf34-3dee-4fe2-b2fc-8dd453ab423d/1/NfsUd6tCMUBO5DHqqc4iAmCgQnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ccaf34-3dee-4fe2-b2fc-8dd453ab423d/1/uakIi7QgHORtjrg9yfOMeLjzvhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.170.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:27:ec:b1:d9:33:9f:db:33:cf:66:1d:11:7f:a8:ec:b4:ed:
81:e6:ce:13:a6:60:3c:7c:69:68:b4:ba:00:1b:95:e9:04:e7:
40:e8:cd:40:86:68:bf:66:b7:f1:34:06:7a:67:8c:20:6a:9d:
6d:e5:28:21:8c:3d:39:22:2b:c6:75:c3:91:48:0b:4f:36:5b:
0c:ff:23:7f:b2:9d:cc:78:1b:cc:dd:d2:80:15:a3:29:63:79:
e5:ea:bb:00:eb:f0:15:d5:94:b4:4b:cd:9c:17:c1:8b:a3:07:
c5:a7:23:c7:f0:1e:a8:bc:27:d2:40:76:9f:c7:c1:e9:a5:6e:
20:81:80:bb:c3:0f:d0:5f:ee:ca:e1:1e:a5:a2:76:2a:fe:e5:
65:4e:16:5d:ee:e0:b2:3f:1e:72:5c:40:49:e7:43:17:ed:f0:
4a:88:4d:66:c4:51:91:51:fc:af:6e:80:38:ba:c4:d2:79:af:
8e:72:b3:fb:c0:df:a8:68:41:21:a0:52:32:a6:0c:12:9b:5f:
f9:e3:36:5b:b1:54:3e:cc:d0:0a:45:d9:dc:3b:ce:74:f1:f8:
0b:0c:f4:03:26:36:ab:45:1f:d7:92:60:5d:24:19:8d:86:cb:
cc:9f:1b:f4:5e:93:cf:30:16:f0:69:27:fb:32:71:6d:62:6d:
9d:79:1e:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjM8FOZ+j7gNwG+amgqFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YTkwODhiYjQyMDFjZTQ2ZDhlYjgzZGM5ZjM4Yzc4Yjhm
M2JlMWIwHhcNMjMwMTAyMDMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWZiMTQ3N2FiNDIzMTQwNGVlNDMxZWFhOWNlMjIwMjYwYTA0MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguf/rIuIxBWe/JqpwGgOWWZy5xa3
b9zRyapMRq7XxZzj0SY7zMi2mxneGyGrRgEgLXW7nUwI5zCH+sghQTdLyES+aeju
KDom4aQBV6VFtrt5gY0OeHEyMp5Z+r96X5CoaDb7LdtsZb5zwiJbVGZbp1eGdWtr
oGdMv6POtMjDNSPktZMBO0llRoCKc585pXfbi8gGir9g9uaZ07MZAGJGlQ00YZS0
2eDZhty+uowIzua/wOdCdRHXlYzUsuQlV1xiKS274Iv8Yb6+Hd9eVFfrVsWaWj9J
Yz/WfGGUBguK9eeUsKzqXnSVNIYnjwU3Gc+t4BBQmvNjVnZVot/vOYMoEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDX7FHerQjFATuQx6qnOIgJgoEJwMB8GA1UdIwQY
MBaAFLmpCIu0IBzkbY64PcnzjHi4874bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWFrSWk3UWdIT1J0anJnOXlmT01lTGp6dmhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jY2FmMzQtM2RlZS00ZmUyLWIyZmMt
OGRkNDUzYWI0MjNkLzEvTmZzVWQ2dENNVUJPNURIcXFjNGlBbUNnUW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jY2FmMzQtM2RlZS00ZmUyLWIyZmMtOGRkNDUzYWI0MjNk
LzEvdWFrSWk3UWdIT1J0anJnOXlmT01lTGp6dmhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9mqMA0G
CSqGSIb3DQEBCwUAA4IBAQB9J+yx2TOf2zPPZh0Rf6jstO2B5s4TpmA8fGlotLoA
G5XpBOdA6M1Ahmi/ZrfxNAZ6Z4wgap1t5SghjD05IivGdcORSAtPNlsM/yN/sp3M
eBvM3dKAFaMpY3nl6rsA6/AV1ZS0S82cF8GLowfFpyPH8B6ovCfSQHafx8HppW4g
gYC7ww/QX+7K4R6lonYq/uVlThZd7uCyPx5yXEBJ50MX7fBKiE1mxFGRUfyvboA4
usTSea+OcrP7wN+oaEEhoFIypgwSm1/54zZbsVQ+zNAKRdncO8508fgLDPQDJjar
RR/XkmBdJBmNhsvMnxv0XpPPMBbwaSf7MnFtYm2deR5s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:28 2024 by rpki-client on console-ams.rpki-client.org