Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/N3jmw1yU5ykBUxiW8oYv_5NiHcE.roa
File: N3jmw1yU5ykBUxiW8oYv_5NiHcE.roa (raw, json)
Hash identifier: v3H4R9cbYRulE+H2hztQQ4NhSVw+rdTk4G4q0BJMPl4=
Subject key identifier: 37:78:E6:C3:5C:94:E7:29:01:53:18:96:F2:86:2F:FF:93:62:1D:C1
Certificate issuer: /CN=f3ac8c7e32baf778b8c451a2d24cc68196964bfc
Certificate serial: 01893A7197D1E164CA70A5ECABE370E3F518
Authority key identifier: F3:AC:8C:7E:32:BA:F7:78:B8:C4:51:A2:D2:4C:C6:81:96:96:4B:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/86yMfjK693i4xFGi0kzGgZaWS_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/N3jmw1yU5ykBUxiW8oYv_5NiHcE.roa
Signing time: Sun 09 Jul 2023 11:37:50 +0000
ROA not before: Sun 09 Jul 2023 11:37:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49225
IP address blocks: 195.160.172.0/23 maxlen: 24
195.160.172.0/24 maxlen: 24
195.160.173.0/24 maxlen: 24
2001:678:560::/48 maxlen: 48
2001:678:760::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3a:71:97:d1:e1:64:ca:70:a5:ec:ab:e3:70:e3:f5:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3ac8c7e32baf778b8c451a2d24cc68196964bfc
Validity
Not Before: Jul 9 11:37:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3778e6c35c94e72901531896f2862fff93621dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a7:69:3e:b8:d9:98:a0:f3:1f:a4:16:24:b2:
97:c9:08:e6:f4:6d:bf:93:46:e4:60:bb:22:5c:31:
38:16:ac:a1:29:f9:69:c9:10:6a:ea:3d:d5:53:c5:
74:1a:0e:d4:43:75:17:13:e8:ba:e8:d6:f7:22:2e:
aa:e7:01:f2:57:60:8f:fd:0f:b5:1b:90:2b:25:ce:
be:0a:8b:21:d1:85:ab:02:95:8f:ef:c3:4e:7a:8b:
bd:dd:54:bd:1e:8a:01:5a:53:fe:97:b3:ad:93:2e:
87:45:e2:17:e7:62:9d:c8:e0:d5:11:26:c1:91:fd:
43:fd:97:27:92:16:ce:41:cc:8f:35:2f:cf:8c:8d:
b0:85:46:ba:e4:2f:cc:23:db:89:d4:18:81:f6:85:
0f:8a:de:a6:d9:d6:c9:f5:d6:8d:41:78:a4:6b:fa:
b8:31:46:4b:e6:e6:c0:1a:3f:d2:cf:24:dd:03:3a:
73:67:b9:af:b2:d7:24:79:46:56:2c:3e:64:02:54:
60:6c:1a:ee:5a:55:2b:80:46:e3:c9:28:97:9c:3f:
db:81:b7:7b:40:fb:80:ba:cf:98:5b:29:8f:f1:95:
a7:72:9c:82:45:7f:f3:29:5d:30:78:0a:54:fd:9c:
8b:91:1f:2d:06:37:3c:e5:10:8c:c2:d1:51:11:25:
0c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:78:E6:C3:5C:94:E7:29:01:53:18:96:F2:86:2F:FF:93:62:1D:C1
X509v3 Authority Key Identifier:
keyid:F3:AC:8C:7E:32:BA:F7:78:B8:C4:51:A2:D2:4C:C6:81:96:96:4B:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/86yMfjK693i4xFGi0kzGgZaWS_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/N3jmw1yU5ykBUxiW8oYv_5NiHcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/86yMfjK693i4xFGi0kzGgZaWS_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.172.0/23
IPv6:
2001:678:560::/48
2001:678:760::/48
Signature Algorithm: sha256WithRSAEncryption
8f:cc:a7:a7:8f:95:ef:b6:80:9a:0e:ff:a7:f3:27:63:bd:5f:
d9:26:5e:0d:c3:27:0c:28:16:bd:de:10:76:c2:7f:2b:e0:a1:
e5:9c:d0:97:cb:25:ff:dd:4e:21:67:3f:f8:fe:a7:ad:82:96:
6b:d9:14:b3:d3:b3:28:2e:88:b0:da:d6:3d:78:c3:fb:bb:5f:
9a:5b:16:5e:dd:2d:d3:f5:32:a6:ec:28:72:e6:c2:b5:cc:92:
cb:77:af:2e:7b:b5:26:c7:63:6a:c0:54:ad:f3:53:82:45:dc:
5d:61:2f:2e:5e:ed:22:64:71:a6:89:6c:b1:4f:f7:50:9f:40:
3e:7f:8d:89:0b:bd:7b:56:e1:6a:1f:d2:07:c9:c9:de:1c:77:
94:3b:b4:ef:cb:94:5e:04:96:d8:19:03:f3:52:05:f1:93:0c:
d9:1a:2e:72:be:3f:da:96:f4:a1:9b:69:77:52:b8:55:3a:4a:
69:d8:85:d3:92:2a:03:b2:bf:ea:a2:dc:09:bd:e9:1b:e1:76:
3b:65:26:29:8e:02:67:a3:9a:65:ac:ca:cc:c9:b8:7b:0c:8e:
b0:8c:66:97:ce:8f:48:af:e2:82:2c:62:aa:4e:18:70:31:03:
fb:eb:0d:7a:7e:eb:ab:d6:ed:5f:91:e9:66:fb:42:a4:e2:fc:
b6:99:43:8b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYk6cZfR4WTKcKXsq+Nw4/UYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWM4YzdlMzJiYWY3NzhiOGM0NTFhMmQyNGNjNjgxOTY5
NjRiZmMwHhcNMjMwNzA5MTEzNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzc4ZTZjMzVjOTRlNzI5MDE1MzE4OTZmMjg2MmZmZjkzNjIxZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3adpPrjZmKDzH6QWJLKXyQjm9G2/
k0bkYLsiXDE4FqyhKflpyRBq6j3VU8V0Gg7UQ3UXE+i66Nb3Ii6q5wHyV2CP/Q+1
G5ArJc6+Cosh0YWrApWP78NOeou93VS9HooBWlP+l7Otky6HReIX52KdyODVESbB
kf1D/ZcnkhbOQcyPNS/PjI2whUa65C/MI9uJ1BiB9oUPit6m2dbJ9daNQXika/q4
MUZL5ubAGj/SzyTdAzpzZ7mvstckeUZWLD5kAlRgbBruWlUrgEbjySiXnD/bgbd7
QPuAus+YWymP8ZWncpyCRX/zKV0weApU/ZyLkR8tBjc85RCMwtFRESUM1wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDd45sNclOcpAVMYlvKGL/+TYh3BMB8GA1UdIwQY
MBaAFPOsjH4yuvd4uMRRotJMxoGWlkv8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODZ5TWZqSzY5M2k0eEZHaTBrekdnWmFXU193LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni81YzU4NTktNzVjMC00MzQ1LWJkMjkt
NDVjNTY4ZjhhMjdjLzEvTjNqbXcxeVU1eWtCVXhpVzhvWXZfNU5pSGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni81YzU4NTktNzVjMC00MzQ1LWJkMjktNDVjNTY4ZjhhMjdj
LzEvODZ5TWZqSzY5M2k0eEZHaTBrekdnWmFXU193LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBw6CsMBgE
AgACMBIDBwAgAQZ4BWADBwAgAQZ4B2AwDQYJKoZIhvcNAQELBQADggEBAI/Mp6eP
le+2gJoO/6fzJ2O9X9kmXg3DJwwoFr3eEHbCfyvgoeWc0JfLJf/dTiFnP/j+p62C
lmvZFLPTsyguiLDa1j14w/u7X5pbFl7dLdP1MqbsKHLmwrXMkst3ry57tSbHY2rA
VK3zU4JF3F1hLy5e7SJkcaaJbLFP91CfQD5/jYkLvXtW4Wof0gfJyd4cd5Q7tO/L
lF4EltgZA/NSBfGTDNkaLnK+P9qW9KGbaXdSuFU6SmnYhdOSKgOyv+qi3Am96Rvh
djtlJimOAmejmmWsyszJuHsMjrCMZpfOj0iv4oIsYqpOGHAxA/vrDXp+66vW7V+R
6Wb7QqTi/LaZQ4s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:20 2024 by rpki-client on console-fra.rpki-client.org