Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/08164a-8821-47c1-bd48-5f9e482f1bf4/1/nIoEjhDixAF5zbBsuAUo5_aqJNw.roa
File: nIoEjhDixAF5zbBsuAUo5_aqJNw.roa (raw, json)
Hash identifier: 9Hv3dZdHIUKqu51J0Z5/YXGs1ASTCDPwn5KO5PAP4JY=
Subject key identifier: 9C:8A:04:8E:10:E2:C4:01:79:CD:B0:6C:B8:05:28:E7:F6:AA:24:DC
Certificate issuer: /CN=d09363cfebbbf92a51e428533d3e8ad412aa3374
Certificate serial: 018570E75A047202785E531AF313312EEA1F
Authority key identifier: D0:93:63:CF:EB:BB:F9:2A:51:E4:28:53:3D:3E:8A:D4:12:AA:33:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0JNjz-u7-SpR5ChTPT6K1BKqM3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/08164a-8821-47c1-bd48-5f9e482f1bf4/1/nIoEjhDixAF5zbBsuAUo5_aqJNw.roa
Signing time: Mon 02 Jan 2023 05:14:48 +0000
ROA not before: Mon 02 Jan 2023 05:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12779
IP address blocks: 195.238.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:5a:04:72:02:78:5e:53:1a:f3:13:31:2e:ea:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d09363cfebbbf92a51e428533d3e8ad412aa3374
Validity
Not Before: Jan 2 05:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c8a048e10e2c40179cdb06cb80528e7f6aa24dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6a:34:58:2c:ec:fb:fd:ba:58:11:e8:a5:ff:
ad:32:55:c1:db:c3:fd:91:37:05:5c:de:56:37:28:
6f:83:05:af:ac:a0:5c:79:28:12:5b:8b:8e:8a:56:
77:55:8f:54:ff:49:51:0d:d4:19:16:a2:77:90:6e:
b6:50:28:5c:0a:ad:83:49:f7:12:3c:d4:e0:60:92:
1c:14:6c:58:08:29:e2:70:3e:55:c8:39:0b:96:36:
1a:d6:1c:eb:0c:fc:9b:08:ad:d9:63:6f:79:dd:52:
fe:5a:d7:7a:91:85:63:81:4c:5d:a8:fe:f4:05:30:
cc:29:90:03:d2:30:21:3b:05:9d:b3:7d:2e:48:58:
17:ab:d2:9a:7c:ec:ea:9f:e7:43:95:42:52:49:eb:
ce:a1:7f:81:38:1b:b7:aa:f7:06:ac:a2:24:e3:9f:
62:1e:e1:a9:38:7a:5a:5e:a1:77:26:72:1d:f3:49:
94:9d:e1:b6:31:73:33:af:05:90:f3:67:bb:8e:57:
2c:4a:1f:d9:b0:22:c6:c5:f9:a5:53:c1:7d:d1:0d:
4c:dc:8e:31:8e:6f:66:31:bf:ad:6a:6b:f2:64:45:
fc:49:4b:be:23:0b:09:ed:ed:ed:31:c5:09:20:d6:
b0:9b:ac:5e:ca:d2:4d:44:06:16:57:fc:bd:d6:be:
01:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8A:04:8E:10:E2:C4:01:79:CD:B0:6C:B8:05:28:E7:F6:AA:24:DC
X509v3 Authority Key Identifier:
keyid:D0:93:63:CF:EB:BB:F9:2A:51:E4:28:53:3D:3E:8A:D4:12:AA:33:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0JNjz-u7-SpR5ChTPT6K1BKqM3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08164a-8821-47c1-bd48-5f9e482f1bf4/1/nIoEjhDixAF5zbBsuAUo5_aqJNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08164a-8821-47c1-bd48-5f9e482f1bf4/1/0JNjz-u7-SpR5ChTPT6K1BKqM3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.235.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:97:01:8b:b8:23:21:a8:7f:18:96:83:eb:da:8f:ba:69:b7:
84:a6:b4:75:30:1e:a1:c3:6d:34:40:f1:72:cc:09:69:e5:02:
0c:f1:50:91:05:81:3a:55:92:09:3b:b3:ee:3d:d2:93:c3:f0:
93:01:f3:58:87:61:d1:d8:87:6e:67:b5:e0:a2:1b:7c:46:f5:
6f:fc:37:3a:a6:56:e8:b8:70:30:b6:d4:37:b2:d8:76:72:56:
20:57:43:1d:e7:12:e9:a4:b1:43:4b:30:10:b0:51:cc:0b:0a:
b0:6d:9e:82:2f:14:0e:60:47:b5:67:3e:1c:7e:17:7a:97:8c:
58:b8:98:12:81:50:c1:9c:36:9d:6c:04:84:a0:88:07:52:e2:
c8:fd:09:44:49:00:fe:0d:b8:d0:49:e1:e8:4d:94:0b:24:19:
68:70:c7:a3:e1:8e:f7:23:b8:33:5c:84:72:0f:8e:f0:b9:69:
9d:ec:78:a1:58:d7:8b:29:be:72:3a:17:a8:12:77:14:92:f6:
c2:5c:3e:59:9a:e7:ae:b2:08:77:96:66:e1:b0:35:a4:b9:82:
9f:71:55:58:79:f1:20:98:81:cd:c2:11:77:97:18:55:ea:41:
ae:47:0a:68:d1:08:e8:0f:74:f2:4c:7e:d5:91:b7:02:b5:c9:
ca:64:28:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw51oEcgJ4XlMa8xMxLuofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOTM2M2NmZWJiYmY5MmE1MWU0Mjg1MzNkM2U4YWQ0MTJh
YTMzNzQwHhcNMjMwMTAyMDUxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzhhMDQ4ZTEwZTJjNDAxNzljZGIwNmNiODA1MjhlN2Y2YWEyNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2o0WCzs+/26WBHopf+tMlXB28P9
kTcFXN5WNyhvgwWvrKBceSgSW4uOilZ3VY9U/0lRDdQZFqJ3kG62UChcCq2DSfcS
PNTgYJIcFGxYCCnicD5VyDkLljYa1hzrDPybCK3ZY2953VL+Wtd6kYVjgUxdqP70
BTDMKZAD0jAhOwWds30uSFgXq9KafOzqn+dDlUJSSevOoX+BOBu3qvcGrKIk459i
HuGpOHpaXqF3JnId80mUneG2MXMzrwWQ82e7jlcsSh/ZsCLGxfmlU8F90Q1M3I4x
jm9mMb+tamvyZEX8SUu+IwsJ7e3tMcUJINawm6xeytJNRAYWV/y91r4BlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyKBI4Q4sQBec2wbLgFKOf2qiTcMB8GA1UdIwQY
MBaAFNCTY8/ru/kqUeQoUz0+itQSqjN0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEpOanotdTctU3BSNUNoVFBUNksxQktxTTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wODE2NGEtODgyMS00N2MxLWJkNDgt
NWY5ZTQ4MmYxYmY0LzEvbklvRWpoRGl4QUY1emJCc3VBVW81X2FxSk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wODE2NGEtODgyMS00N2MxLWJkNDgtNWY5ZTQ4MmYxYmY0
LzEvMEpOanotdTctU3BSNUNoVFBUNksxQktxTTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+7rMA0G
CSqGSIb3DQEBCwUAA4IBAQAslwGLuCMhqH8YloPr2o+6abeEprR1MB6hw200QPFy
zAlp5QIM8VCRBYE6VZIJO7PuPdKTw/CTAfNYh2HR2IduZ7Xgoht8RvVv/Dc6plbo
uHAwttQ3sth2clYgV0Md5xLppLFDSzAQsFHMCwqwbZ6CLxQOYEe1Zz4cfhd6l4xY
uJgSgVDBnDadbASEoIgHUuLI/QlESQD+DbjQSeHoTZQLJBlocMej4Y73I7gzXIRy
D47wuWmd7HihWNeLKb5yOheoEncUkvbCXD5Zmueusgh3lmbhsDWkuYKfcVVYefEg
mIHNwhF3lxhV6kGuRwpo0QjoD3TyTH7VkbcCtcnKZCik
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:24 2024 by rpki-client on console-ams.rpki-client.org