Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/nV95qybIgkaxbjZg3TtzfFoqVXA.roa
File: nV95qybIgkaxbjZg3TtzfFoqVXA.roa (raw, json)
Hash identifier: gmjoDqhNJfNAHdZx3gtN8jSTQsHB0B7nRFuPHQgTKoI=
Subject key identifier: 9D:5F:79:AB:26:C8:82:46:B1:6E:36:60:DD:3B:73:7C:5A:2A:55:70
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DD5BF5FAD37C3B01E5E6DE2165F54
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/nV95qybIgkaxbjZg3TtzfFoqVXA.roa
Signing time: Sun 01 Jan 2023 23:14:52 +0000
ROA not before: Sun 01 Jan 2023 23:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211709
IP address blocks: 213.14.231.0/24 maxlen: 24
213.14.233.0/24 maxlen: 24
213.14.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 08:07:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:d5:bf:5f:ad:37:c3:b0:1e:5e:6d:e2:16:5f:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d5f79ab26c88246b16e3660dd3b737c5a2a5570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:68:9f:19:e0:01:ed:77:45:b7:95:05:2e:5a:
2b:1c:b1:94:61:56:1d:91:ed:d0:4a:34:08:55:f5:
1c:a0:d3:3e:24:24:fd:a9:59:70:46:79:f5:bf:95:
91:42:78:3d:f8:e1:cc:68:5c:3f:ad:4d:d8:3e:d6:
ba:3a:c8:fa:bd:af:c3:e7:cf:09:a0:92:8b:7d:a8:
b7:4b:66:cd:da:01:af:3c:ed:0e:22:aa:1f:0e:7b:
fc:88:56:e9:c8:4b:66:2b:6f:61:ef:f7:c6:73:db:
42:68:fe:35:db:61:3b:03:b6:b8:9e:a5:50:80:78:
84:5c:0c:21:f0:ab:ac:68:66:2b:ca:0e:ab:db:b2:
9e:bf:0a:6c:43:79:63:c8:0a:6a:f9:8e:2f:16:54:
be:2b:c3:86:ad:3d:5d:d0:fd:82:c8:c4:51:f0:97:
c6:d2:d4:de:61:13:19:3e:12:f6:93:66:b6:f4:88:
53:ca:22:f0:92:38:f3:d9:df:39:84:35:b1:93:7c:
99:6f:69:fa:50:38:04:f3:b7:b0:e8:44:ab:c1:0b:
0c:ad:4a:3d:27:f1:4f:49:9e:0c:01:26:cf:b2:9b:
53:bc:ea:e1:ef:f7:27:9b:49:82:d5:1e:84:5c:54:
af:b4:5a:1f:cf:95:ac:af:5d:5c:83:4e:0f:e7:88:
da:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5F:79:AB:26:C8:82:46:B1:6E:36:60:DD:3B:73:7C:5A:2A:55:70
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/nV95qybIgkaxbjZg3TtzfFoqVXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.14.231.0/24
213.14.233.0-213.14.234.255
Signature Algorithm: sha256WithRSAEncryption
64:e7:9a:3c:d1:4a:ca:52:97:44:62:25:8e:2f:d0:d4:4b:fb:
68:df:c2:1a:1e:e9:a9:1e:a9:ad:03:a7:c8:fb:82:4d:df:da:
f4:aa:1f:29:e9:c2:8a:4f:c7:73:ac:73:33:84:c3:24:54:24:
81:60:03:a0:bc:6c:bc:ac:e7:2b:22:e7:ef:8e:d7:dc:8f:c8:
76:7a:e5:cf:38:91:25:bf:f9:34:96:6d:5c:6f:a8:54:dd:4c:
5a:91:17:ce:23:6a:2b:1b:50:b4:df:8e:47:12:70:93:97:4e:
db:b8:89:45:32:42:9a:27:21:e0:bc:5d:e7:d5:09:bf:44:b1:
02:aa:e7:9b:cb:c2:e1:da:d3:90:3e:d1:e9:d8:3d:88:e1:0c:
9e:91:11:25:d5:43:2f:f2:b6:58:3f:35:89:5c:6b:29:be:dd:
55:3f:df:b2:d4:f9:ee:31:d3:3f:7f:06:ae:fe:e4:dc:5c:af:
ae:07:39:77:47:4b:5d:a5:9f:7a:0e:50:39:fc:c7:8f:5f:a2:
0d:e4:54:88:70:3e:e9:9f:c8:76:67:ac:19:c1:36:40:fe:ff:
1e:7b:a7:32:be:e8:15:df:14:31:fc:48:3c:8f:66:16:b3:6a:
73:dd:fa:6e:c3:6c:6f:8c:f1:9e:36:5b:79:73:78:46:65:4c:
37:79:f0:47
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvndW/X603w7AeXm3iFl9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDVmNzlhYjI2Yzg4MjQ2YjE2ZTM2NjBkZDNiNzM3YzVhMmE1NTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GifGeAB7XdFt5UFLlorHLGUYVYd
ke3QSjQIVfUcoNM+JCT9qVlwRnn1v5WRQng9+OHMaFw/rU3YPta6Osj6va/D588J
oJKLfai3S2bN2gGvPO0OIqofDnv8iFbpyEtmK29h7/fGc9tCaP4122E7A7a4nqVQ
gHiEXAwh8KusaGYryg6r27KevwpsQ3ljyApq+Y4vFlS+K8OGrT1d0P2CyMRR8JfG
0tTeYRMZPhL2k2a29IhTyiLwkjjz2d85hDWxk3yZb2n6UDgE87ew6ESrwQsMrUo9
J/FPSZ4MASbPsptTvOrh7/cnm0mC1R6EXFSvtFofz5Wsr11cg04P54jarQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ1feasmyIJGsW42YN07c3xaKlVwMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvblY5NXF5Yklna2F4YmpaZzNUdHpmRm9xVlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA1Q7nMAwD
BADVDukDBADVDuowDQYJKoZIhvcNAQELBQADggEBAGTnmjzRSspSl0RiJY4v0NRL
+2jfwhoe6akeqa0Dp8j7gk3f2vSqHynpwopPx3OsczOEwyRUJIFgA6C8bLys5ysi
5++O19yPyHZ65c84kSW/+TSWbVxvqFTdTFqRF84jaisbULTfjkcScJOXTtu4iUUy
QponIeC8XefVCb9EsQKq55vLwuHa05A+0enYPYjhDJ6RESXVQy/ytlg/NYlcaym+
3VU/37LU+e4x0z9/Bq7+5Nxcr64HOXdHS12ln3oOUDn8x49fog3kVIhwPumfyHZn
rBnBNkD+/x57pzK+6BXfFDH8SDyPZhazanPd+m7DbG+M8Z42W3lzeEZlTDd58Ec=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:22 2024 by rpki-client on console-ams.rpki-client.org