Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/NzBBXcA3GsbebX6_K_E5eKrXX6Q.roa
File: NzBBXcA3GsbebX6_K_E5eKrXX6Q.roa (raw, json)
Hash identifier: dJLiOA4JVKJ+/LbSKPal/8aMugDlFfYi3ldtq57cAS0=
Subject key identifier: 37:30:41:5D:C0:37:1A:C6:DE:6D:7E:BF:2B:F1:39:78:AA:D7:5F:A4
Certificate issuer: /CN=afa474a5ea601c809291ee79bae3918964d0871e
Certificate serial: 0185708CE54B3F76D501E9218283B1500F19
Authority key identifier: AF:A4:74:A5:EA:60:1C:80:92:91:EE:79:BA:E3:91:89:64:D0:87:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6R0pepgHICSke55uuORiWTQhx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/NzBBXcA3GsbebX6_K_E5eKrXX6Q.roa
Signing time: Mon 02 Jan 2023 03:35:59 +0000
ROA not before: Mon 02 Jan 2023 03:35:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39803
IP address blocks: 195.189.138.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e5:4b:3f:76:d5:01:e9:21:82:83:b1:50:0f:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa474a5ea601c809291ee79bae3918964d0871e
Validity
Not Before: Jan 2 03:35:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3730415dc0371ac6de6d7ebf2bf13978aad75fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:18:1c:ea:80:06:cb:73:28:0a:09:2f:6b:e9:
a9:82:6a:51:47:84:df:e4:58:db:b2:1a:94:84:5d:
05:85:b7:17:48:ca:6f:8d:be:34:12:b5:c5:b2:a3:
d5:ba:22:36:34:87:9a:f4:dd:ed:c5:7f:55:10:4f:
7b:48:f5:25:73:4d:ee:b1:b6:01:c9:7f:27:43:d7:
b1:5e:ef:b3:13:82:1f:76:56:b5:76:e3:4b:8d:fc:
70:5d:1a:0c:60:a4:54:63:9c:78:bb:fd:26:c3:4f:
7a:5d:88:f5:36:a1:73:bf:d8:7a:48:ac:33:38:f6:
e8:72:f0:a8:cf:af:e9:a1:ec:f2:40:69:fd:8b:bd:
b1:84:d7:a7:53:c6:55:70:52:11:72:31:5c:4d:e1:
7e:04:d7:4d:c8:db:b5:ee:46:c0:05:82:41:f1:68:
d4:20:4f:17:b3:09:de:82:b5:25:e9:38:5c:d5:94:
3b:98:50:c6:c0:2e:ad:af:ba:23:a1:60:f0:2e:a6:
5c:d1:a1:18:81:95:30:54:53:02:3d:7c:e9:ab:df:
55:24:b6:5f:24:eb:fc:2e:95:6f:e9:57:83:e5:ee:
85:2a:e4:80:f4:7e:2a:d1:65:01:3a:5f:cb:27:9d:
b7:59:73:f1:de:9f:74:3c:f4:4c:be:24:71:b8:32:
c8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:30:41:5D:C0:37:1A:C6:DE:6D:7E:BF:2B:F1:39:78:AA:D7:5F:A4
X509v3 Authority Key Identifier:
keyid:AF:A4:74:A5:EA:60:1C:80:92:91:EE:79:BA:E3:91:89:64:D0:87:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6R0pepgHICSke55uuORiWTQhx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/NzBBXcA3GsbebX6_K_E5eKrXX6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/r6R0pepgHICSke55uuORiWTQhx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.138.0/23
Signature Algorithm: sha256WithRSAEncryption
81:ca:62:63:df:4e:0c:fa:88:bd:64:35:4a:4f:87:fe:e6:b2:
b6:1d:47:48:bc:e4:40:f9:ab:e9:a6:05:95:13:d8:4c:8c:28:
25:9b:ad:c0:bf:89:43:88:a8:e9:85:b6:b4:57:12:e6:8d:a2:
5c:68:8d:56:83:b2:6e:cc:b8:50:ee:3c:75:77:f7:6b:2a:86:
5b:eb:5b:58:8b:8b:6a:01:b7:0c:4e:76:bb:23:00:f7:29:18:
1d:6f:fe:a9:ff:6e:3a:c8:54:46:c4:5d:f8:08:fb:f7:7e:a5:
3a:f3:bf:ca:bc:d0:a2:f5:75:23:40:69:66:4e:43:6e:52:d1:
94:98:21:ed:27:62:dd:32:74:e6:a6:3d:86:94:30:02:1b:9b:
44:9c:d0:7b:16:7d:e9:aa:e9:f0:4e:92:53:84:ad:e4:e1:bf:
cd:5c:52:aa:ad:20:02:3d:73:b7:5e:13:a9:d0:33:c0:11:a8:
b9:fc:2c:99:bd:4d:bb:48:25:e0:4d:84:0a:a6:b2:65:f7:db:
23:77:60:9e:a2:81:81:44:9c:0d:e6:5e:e8:b8:00:0d:c2:63:
e6:ed:05:89:96:35:e0:49:54:1d:fa:48:ef:65:4b:a9:fc:e2:
c1:ba:bd:c0:1e:26:b9:3e:b6:8a:95:b1:4c:c9:50:73:35:aa:
d9:29:c9:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjOVLP3bVAekhgoOxUA8ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYTQ3NGE1ZWE2MDFjODA5MjkxZWU3OWJhZTM5MTg5NjRk
MDg3MWUwHhcNMjMwMTAyMDMzNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzMwNDE1ZGMwMzcxYWM2ZGU2ZDdlYmYyYmYxMzk3OGFhZDc1ZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhgc6oAGy3MoCgkva+mpgmpRR4Tf
5FjbshqUhF0FhbcXSMpvjb40ErXFsqPVuiI2NIea9N3txX9VEE97SPUlc03usbYB
yX8nQ9exXu+zE4Ifdla1duNLjfxwXRoMYKRUY5x4u/0mw096XYj1NqFzv9h6SKwz
OPbocvCoz6/poezyQGn9i72xhNenU8ZVcFIRcjFcTeF+BNdNyNu17kbABYJB8WjU
IE8XswnegrUl6Thc1ZQ7mFDGwC6tr7ojoWDwLqZc0aEYgZUwVFMCPXzpq99VJLZf
JOv8LpVv6VeD5e6FKuSA9H4q0WUBOl/LJ523WXPx3p90PPRMviRxuDLIBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcwQV3ANxrG3m1+vyvxOXiq11+kMB8GA1UdIwQY
MBaAFK+kdKXqYByAkpHuebrjkYlk0IceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZSMHBlcGdISUNTa2U1NXV1T1JpV1RRaHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jYzRkNzYtM2FlOS00OTFlLTliZDIt
MTkzY2M2MWJjZTYxLzEvTnpCQlhjQTNHc2JlYlg2X0tfRTVlS3JYWDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jYzRkNzYtM2FlOS00OTFlLTliZDItMTkzY2M2MWJjZTYx
LzEvcjZSMHBlcGdISUNTa2U1NXV1T1JpV1RRaHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw72KMA0G
CSqGSIb3DQEBCwUAA4IBAQCBymJj304M+oi9ZDVKT4f+5rK2HUdIvORA+avppgWV
E9hMjCglm63Av4lDiKjphba0VxLmjaJcaI1Wg7JuzLhQ7jx1d/drKoZb61tYi4tq
AbcMTna7IwD3KRgdb/6p/246yFRGxF34CPv3fqU687/KvNCi9XUjQGlmTkNuUtGU
mCHtJ2LdMnTmpj2GlDACG5tEnNB7Fn3pqunwTpJThK3k4b/NXFKqrSACPXO3XhOp
0DPAEai5/CyZvU27SCXgTYQKprJl99sjd2CeooGBRJwN5l7ouAANwmPm7QWJljXg
SVQd+kjvZUup/OLBur3AHia5PraKlbFMyVBzNarZKcnS
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:35 2024 by rpki-client on console-fra.rpki-client.org