Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/NnhZM3_LqXfIkVPOnd23jXvzRBc.roa
File: NnhZM3_LqXfIkVPOnd23jXvzRBc.roa (raw, json)
Hash identifier: DRA7+Q3Ax3Xh2EXPBnEazUHUUIyi7s8Z/RgRme8y+Vk=
Subject key identifier: 36:78:59:33:7F:CB:A9:77:C8:91:53:CE:9D:DD:B7:8D:7B:F3:44:17
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 01856C9CE2FD1951115B20F11D924F46EA65
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/NnhZM3_LqXfIkVPOnd23jXvzRBc.roa
Signing time: Sun 01 Jan 2023 09:14:59 +0000
ROA not before: Sun 01 Jan 2023 09:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39412
IP address blocks: 95.131.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:e2:fd:19:51:11:5b:20:f1:1d:92:4f:46:ea:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 09:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=367859337fcba977c89153ce9dddb78d7bf34417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c5:6f:ae:2c:11:f3:63:bc:2e:5f:da:8d:16:
78:2b:61:78:71:ba:39:a6:d3:5c:8a:99:37:32:bf:
6a:1e:29:c8:62:c3:26:a0:47:f5:8e:b1:69:73:d4:
5d:38:da:af:93:da:8a:fd:3e:b3:dd:a4:e1:0a:36:
39:6b:d1:55:c7:f3:56:cf:8c:75:0a:18:78:f6:f1:
77:4f:bb:71:1d:31:4f:7a:51:6c:20:1d:6f:64:d3:
2e:82:91:75:ff:fb:e3:ff:a7:ac:aa:91:f8:ed:f6:
4b:c0:da:3a:9b:da:1e:31:50:5f:37:70:62:0d:8c:
2e:b6:dd:ea:8b:6b:24:c7:86:eb:90:13:31:7d:39:
d3:3b:8d:26:51:dd:7a:2f:1a:36:d6:60:7c:6e:23:
ba:44:e0:30:82:ef:35:14:6a:f1:e4:f4:1a:34:35:
59:2e:06:3c:b8:f1:22:2a:d5:05:de:42:d4:ca:d2:
df:e8:c3:e5:f7:b5:db:88:2a:85:26:89:7a:1f:4c:
da:cf:a1:50:50:f9:5b:c5:6c:12:b1:b0:25:7d:7b:
37:8c:30:d2:2b:5c:13:79:8d:37:e3:f4:24:0b:29:
d7:e3:a3:23:88:24:91:98:62:74:28:a0:11:d7:64:
02:63:95:46:56:01:d7:70:2b:ce:b9:97:39:05:45:
fa:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:78:59:33:7F:CB:A9:77:C8:91:53:CE:9D:DD:B7:8D:7B:F3:44:17
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/NnhZM3_LqXfIkVPOnd23jXvzRBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.39.0/24
Signature Algorithm: sha256WithRSAEncryption
52:02:06:e2:5c:5a:0a:ff:27:5d:c3:1f:ff:99:a0:e0:2e:85:
8a:f0:90:0f:d2:87:88:19:4d:60:24:af:e3:40:f3:34:db:03:
0a:9c:b2:5f:c0:34:a2:8e:9f:29:79:74:84:72:5a:da:57:11:
4c:9a:c3:6d:59:92:e2:4c:28:4c:68:b4:91:9c:b7:02:35:bf:
2f:e9:df:ec:4e:22:d5:e3:52:40:ce:02:46:96:d6:73:03:5c:
42:bd:75:9b:26:1c:a9:86:68:a8:b0:55:74:dc:f0:a3:5a:79:
11:b8:34:2a:4b:da:24:8f:f8:69:53:90:02:76:ae:c8:e4:7e:
2c:b9:c5:c2:83:b7:e6:57:cc:b4:9a:3b:40:fe:d6:6f:73:e2:
e7:6b:f6:74:70:ec:3e:f5:d4:4e:c3:75:38:c7:f6:21:14:c8:
01:bd:69:4b:8d:6c:68:8f:71:5c:be:bc:d7:fc:3e:16:2e:29:
46:d2:54:20:ce:4b:a9:cc:70:d8:ce:4a:69:36:41:2c:ea:cc:
a2:ed:12:00:5b:10:f0:62:ef:db:1b:26:4d:3e:53:11:88:ce:
fe:5e:fc:e8:d7:28:c2:96:aa:47:12:2c:6d:8b:0e:7e:53:ff:
d4:5a:fb:65:05:83:ff:b1:90:89:b0:13:d1:29:19:21:98:49:
d6:9d:f0:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnOL9GVERWyDxHZJPRuplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjMwMTAxMDkxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc4NTkzMzdmY2JhOTc3Yzg5MTUzY2U5ZGRkYjc4ZDdiZjM0NDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsVvriwR82O8Ll/ajRZ4K2F4cbo5
ptNcipk3Mr9qHinIYsMmoEf1jrFpc9RdONqvk9qK/T6z3aThCjY5a9FVx/NWz4x1
Chh49vF3T7txHTFPelFsIB1vZNMugpF1//vj/6esqpH47fZLwNo6m9oeMVBfN3Bi
DYwutt3qi2skx4brkBMxfTnTO40mUd16Lxo21mB8biO6ROAwgu81FGrx5PQaNDVZ
LgY8uPEiKtUF3kLUytLf6MPl97XbiCqFJol6H0zaz6FQUPlbxWwSsbAlfXs3jDDS
K1wTeY034/QkCynX46MjiCSRmGJ0KKAR12QCY5VGVgHXcCvOuZc5BUX6DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZ4WTN/y6l3yJFTzp3dt41780QXMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvTm5oWk0zX0xxWGZJa1ZQT25kMjNqWHZ6UkJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4MnMA0G
CSqGSIb3DQEBCwUAA4IBAQBSAgbiXFoK/yddwx//maDgLoWK8JAP0oeIGU1gJK/j
QPM02wMKnLJfwDSijp8peXSEclraVxFMmsNtWZLiTChMaLSRnLcCNb8v6d/sTiLV
41JAzgJGltZzA1xCvXWbJhyphmiosFV03PCjWnkRuDQqS9okj/hpU5ACdq7I5H4s
ucXCg7fmV8y0mjtA/tZvc+Lna/Z0cOw+9dROw3U4x/YhFMgBvWlLjWxoj3FcvrzX
/D4WLilG0lQgzkupzHDYzkppNkEs6syi7RIAWxDwYu/bGyZNPlMRiM7+Xvzo1yjC
lqpHEixtiw5+U//UWvtlBYP/sZCJsBPRKRkhmEnWnfDC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:22 2024 by rpki-client on console-fra.rpki-client.org