Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/liYqP9G0DH4c6_wG3XeyL_v_NRU.roa
File: liYqP9G0DH4c6_wG3XeyL_v_NRU.roa (raw, json)
Hash identifier: 0FGBFnOWykl6xpRqu6vFBE3e8ZCDHi+I9uO9CpwPtZQ=
Subject key identifier: 96:26:2A:3F:D1:B4:0C:7E:1C:EB:FC:06:DD:77:B2:2F:FB:FF:35:15
Certificate issuer: /CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Certificate serial: 0187B8A25FA8675622AB451313AB64DC42BF
Authority key identifier: AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/liYqP9G0DH4c6_wG3XeyL_v_NRU.roa
Signing time: Tue 25 Apr 2023 13:37:41 +0000
ROA not before: Tue 25 Apr 2023 13:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21119
IP address blocks: 193.169.42.0/23 maxlen: 24
185.36.28.0/22 maxlen: 24
93.187.80.0/21 maxlen: 24
193.201.74.0/23 maxlen: 24
5.226.160.0/21 maxlen: 24
89.233.96.0/21 maxlen: 24
217.65.224.0/20 maxlen: 24
2a01:b8c0::/32 maxlen: 64
2a03:6240::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:a2:5f:a8:67:56:22:ab:45:13:13:ab:64:dc:42:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Validity
Not Before: Apr 25 13:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96262a3fd1b40c7e1cebfc06dd77b22ffbff3515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5a:38:1b:3b:6d:24:0e:20:ea:e8:3a:1f:9c:
7b:56:1f:2d:32:8f:c7:2a:f2:fb:7c:69:6d:c5:a3:
2c:d2:dc:cd:dc:7a:bc:84:be:99:11:50:2f:84:5f:
79:42:5c:c6:f8:55:91:dd:02:a8:d9:9d:76:fb:ad:
00:72:1e:0e:32:9d:20:f2:23:37:17:b9:c0:a3:23:
21:da:48:6d:66:99:4c:35:df:13:96:11:1a:72:2e:
35:cc:f4:0e:a4:3f:9e:08:03:8a:6c:d7:9e:31:32:
02:55:3b:7d:b6:34:63:ae:ea:93:22:da:a9:ac:f1:
8c:c6:5a:69:39:8b:7f:ba:e1:1f:d9:78:0f:d9:85:
97:82:40:2a:b5:3a:96:2e:2c:92:48:4c:6e:80:82:
59:16:11:66:12:62:d5:5b:4e:4b:52:0d:85:21:7b:
33:68:59:0e:f4:62:73:12:05:f8:18:26:3c:9d:15:
2d:a3:dd:e9:5f:30:87:00:86:00:2b:b9:45:8d:a9:
fe:fd:63:20:aa:ab:9c:a8:a2:7e:e2:28:14:a1:4f:
f5:a6:5c:65:ea:4a:c2:d8:aa:e6:45:3f:f0:02:63:
eb:01:19:f4:31:56:c3:47:b7:19:79:da:14:4f:9b:
7f:83:d6:5e:a5:a2:46:5d:65:ad:40:85:b4:d9:6a:
6d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:26:2A:3F:D1:B4:0C:7E:1C:EB:FC:06:DD:77:B2:2F:FB:FF:35:15
X509v3 Authority Key Identifier:
keyid:AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/liYqP9G0DH4c6_wG3XeyL_v_NRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/rQt55LWcX82kk6IK0Y6UVYWdAxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.160.0/21
89.233.96.0/21
93.187.80.0/21
185.36.28.0/22
193.169.42.0/23
193.201.74.0/23
217.65.224.0/20
IPv6:
2a01:b8c0::/32
2a03:6240::/32
Signature Algorithm: sha256WithRSAEncryption
04:ab:76:d0:29:54:d6:c7:54:dc:2d:9e:c4:dc:b2:d6:d3:0e:
16:04:a3:d0:2d:fd:64:ef:f7:96:a3:a3:74:17:f2:8f:d2:b5:
61:57:21:ec:48:b6:ac:a7:44:83:3b:12:af:68:08:b1:23:fb:
09:b0:cc:8c:8b:4a:9b:4f:87:9f:01:a6:8a:8d:1e:90:64:94:
b4:89:ce:61:d6:77:b5:46:6a:03:12:de:67:6e:40:49:f6:a4:
09:80:17:8f:d6:ec:f9:4f:17:60:74:64:28:4e:2c:2a:f5:cd:
8a:c3:8d:c3:7d:e1:b3:05:4b:2c:8d:85:01:f2:dc:6f:fe:32:
94:ba:5c:9b:dd:45:28:cc:d9:80:f6:22:67:5c:53:97:d6:8d:
a2:88:78:d1:bb:dc:8e:bd:93:6e:bc:1a:04:c4:38:98:50:44:
4c:7c:cd:85:b9:5e:ea:11:8f:9d:8a:f6:e5:d5:07:60:84:93:
e0:82:cb:bf:ad:10:f1:41:93:68:47:2c:09:3c:b1:61:8a:83:
35:61:da:95:af:f4:86:df:70:0f:0b:cf:58:93:e0:29:4b:22:
ae:69:cf:7c:c7:ab:6e:17:3a:75:ff:5f:c5:58:94:6b:cd:05:
54:c0:2d:11:36:33:e6:bc:dc:94:ad:e0:71:bb:6f:87:82:d5:
f4:ab:7c:55
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYe4ol+oZ1Yiq0UTE6tk3EK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGI3OWU0YjU5YzVmY2RhNDkzYTIwYWQxOGU5NDU1ODU5
ZDAzMWIwHhcNMjMwNDI1MTMzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjI2MmEzZmQxYjQwYzdlMWNlYmZjMDZkZDc3YjIyZmZiZmYzNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVo4GzttJA4g6ug6H5x7Vh8tMo/H
KvL7fGltxaMs0tzN3Hq8hL6ZEVAvhF95QlzG+FWR3QKo2Z12+60Ach4OMp0g8iM3
F7nAoyMh2khtZplMNd8TlhEaci41zPQOpD+eCAOKbNeeMTICVTt9tjRjruqTItqp
rPGMxlppOYt/uuEf2XgP2YWXgkAqtTqWLiySSExugIJZFhFmEmLVW05LUg2FIXsz
aFkO9GJzEgX4GCY8nRUto93pXzCHAIYAK7lFjan+/WMgqqucqKJ+4igUoU/1plxl
6krC2KrmRT/wAmPrARn0MVbDR7cZedoUT5t/g9ZepaJGXWWtQIW02WptgQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJYmKj/RtAx+HOv8Bt13si/7/zUVMB8GA1UdIwQY
MBaAFK0LeeS1nF/NpJOiCtGOlFWFnQMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQt
ZTNlYjRlOGEzOGRiLzEvbGlZcVA5RzBESDRjNl93RzNYZXlMX3ZfTlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQtZTNlYjRlOGEzOGRi
LzEvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQDBeKgAwQD
WelgAwQDXbtQAwQCuSQcAwQBwakqAwQBwclKAwQE2UHgMBQEAgACMA4DBQAqAbjA
AwUAKgNiQDANBgkqhkiG9w0BAQsFAAOCAQEABKt20ClU1sdU3C2exNyy1tMOFgSj
0C39ZO/3lqOjdBfyj9K1YVch7Ei2rKdEgzsSr2gIsSP7CbDMjItKm0+HnwGmio0e
kGSUtInOYdZ3tUZqAxLeZ25ASfakCYAXj9bs+U8XYHRkKE4sKvXNisONw33hswVL
LI2FAfLcb/4ylLpcm91FKMzZgPYiZ1xTl9aNooh40bvcjr2TbrwaBMQ4mFBETHzN
hble6hGPnYr25dUHYIST4ILLv60Q8UGTaEcsCTyxYYqDNWHala/0ht9wDwvPWJPg
KUsirmnPfMerbhc6df9fxViUa80FVMAtETYz5rzclK3gcbtvh4LV9Kt8VQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:43 2023 by rpki-client on console-ams.rpki-client.org