Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/nxaZeKXp5jj_evBEXQ5HJG9hN5Y.roa
File: nxaZeKXp5jj_evBEXQ5HJG9hN5Y.roa (raw, json)
Hash identifier: PgEwHKEUOa10Dag5cGydLqV2MobVU57RhqKp/IDZMPw=
Subject key identifier: 9F:16:99:78:A5:E9:E6:38:FF:7A:F0:44:5D:0E:47:24:6F:61:37:96
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018C5A04B15DE0E0FFD28C3699F427DA0CA8
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/nxaZeKXp5jj_evBEXQ5HJG9hN5Y.roa
Signing time: Mon 11 Dec 2023 17:55:06 +0000
ROA not before: Mon 11 Dec 2023 17:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 171.22.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Dec 2023 23:40:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5a:04:b1:5d:e0:e0:ff:d2:8c:36:99:f4:27:da:0c:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Dec 11 17:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f169978a5e9e638ff7af0445d0e47246f613796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:17:8f:46:59:70:0e:b3:67:09:2e:12:e0:3b:
22:f4:04:db:11:b5:7f:07:68:8f:12:0b:cd:00:f8:
ad:3a:c0:96:25:44:9a:0c:e5:92:c5:33:b8:8f:4b:
87:cb:22:e6:12:ae:41:9e:c9:e3:27:74:4d:8c:de:
96:b8:88:2a:5b:85:87:5b:ec:7d:1a:24:9d:38:7b:
bc:b8:d7:a7:2c:47:56:67:39:d0:93:ad:75:d5:81:
ba:6f:ae:69:4c:ef:7a:98:68:61:96:b9:ed:b4:33:
97:b1:22:35:60:34:8a:71:d0:4f:2f:14:58:8a:07:
8b:b4:77:0b:24:bc:fe:d2:a2:e9:05:a4:4e:93:ce:
c0:f4:a7:c6:3a:41:54:cb:4d:aa:db:15:14:51:7f:
2d:39:c7:51:ef:06:a2:9f:44:50:ee:c6:6a:fa:cb:
88:44:86:f7:b2:3a:6c:82:d8:8d:45:5d:18:72:2b:
ef:9f:b7:73:76:d6:f0:4b:23:a7:69:22:66:10:f8:
77:ab:8f:d5:28:1f:6e:d0:35:0e:f5:2d:65:90:bc:
82:10:0c:e0:dd:dd:ab:e4:2a:13:3e:1f:93:16:cd:
94:f0:df:87:aa:8e:e7:24:e8:85:0f:e5:7a:be:1e:
c5:da:12:32:1e:26:01:04:f0:54:0d:73:3d:d3:aa:
b8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:16:99:78:A5:E9:E6:38:FF:7A:F0:44:5D:0E:47:24:6F:61:37:96
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/nxaZeKXp5jj_evBEXQ5HJG9hN5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.147.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:67:e1:53:3a:58:3d:c4:b3:af:e2:49:7a:6d:50:df:7e:04:
98:df:26:39:23:ec:84:4d:ff:7c:28:36:b7:88:3c:6a:9d:f6:
01:e9:21:f5:c8:c1:ca:2a:7b:2d:40:1f:f5:81:61:a7:0b:df:
60:e1:5f:2a:74:88:fe:99:bf:3c:b4:0c:d3:be:6c:d0:47:35:
3b:67:21:53:bc:4e:68:f1:e9:02:6a:0e:78:83:8e:d1:47:1b:
75:bb:5b:84:a2:e2:38:fa:a2:de:ba:8f:55:60:dc:3f:4c:0c:
dc:28:f3:34:f1:10:b2:5d:26:78:58:24:e0:6a:6c:83:b8:78:
ee:9c:3d:f1:ae:14:6f:f7:ad:d1:7b:76:7d:8e:82:3b:12:46:
54:40:f2:4e:df:32:7c:53:63:bf:da:1e:4a:c1:72:65:2b:b5:
20:68:40:ed:56:82:22:c8:00:4e:ee:06:ef:50:c1:c6:c7:11:
b3:8a:fd:95:0d:1d:c3:91:55:f6:af:5f:84:c6:3a:f6:4f:4a:
1c:4d:66:25:5d:b2:44:bd:63:2b:ca:3f:a7:8e:8b:3b:ee:ed:
34:a0:50:0b:05:4b:5b:75:74:76:33:58:22:b0:48:5c:ad:0d:
d3:50:bf:9f:78:7b:15:02:5c:1b:92:12:fd:0c:2b:10:6b:c2:
3a:ab:31:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxaBLFd4OD/0ow2mfQn2gyoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMxMjExMTc1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjE2OTk3OGE1ZTllNjM4ZmY3YWYwNDQ1ZDBlNDcyNDZmNjEzNzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRePRllwDrNnCS4S4Dsi9ATbEbV/
B2iPEgvNAPitOsCWJUSaDOWSxTO4j0uHyyLmEq5BnsnjJ3RNjN6WuIgqW4WHW+x9
GiSdOHu8uNenLEdWZznQk6111YG6b65pTO96mGhhlrnttDOXsSI1YDSKcdBPLxRY
igeLtHcLJLz+0qLpBaROk87A9KfGOkFUy02q2xUUUX8tOcdR7wain0RQ7sZq+suI
RIb3sjpsgtiNRV0Ycivvn7dzdtbwSyOnaSJmEPh3q4/VKB9u0DUO9S1lkLyCEAzg
3d2r5CoTPh+TFs2U8N+Hqo7nJOiFD+V6vh7F2hIyHiYBBPBUDXM906q4TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8WmXil6eY4/3rwRF0ORyRvYTeWMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvbnhhWmVLWHA1ampfZXZCRVhRNUhKRzloTjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxaTMA0G
CSqGSIb3DQEBCwUAA4IBAQA7Z+FTOlg9xLOv4kl6bVDffgSY3yY5I+yETf98KDa3
iDxqnfYB6SH1yMHKKnstQB/1gWGnC99g4V8qdIj+mb88tAzTvmzQRzU7ZyFTvE5o
8ekCag54g47RRxt1u1uEouI4+qLeuo9VYNw/TAzcKPM08RCyXSZ4WCTgamyDuHju
nD3xrhRv963Re3Z9joI7EkZUQPJO3zJ8U2O/2h5KwXJlK7UgaEDtVoIiyABO7gbv
UMHGxxGziv2VDR3DkVX2r1+Exjr2T0ocTWYlXbJEvWMryj+njos77u00oFALBUtb
dXR2M1gisEhcrQ3TUL+feHsVAlwbkhL9DCsQa8I6qzGm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org