Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/NK69KgWQyG8evgc5CUTWvuYuyW8.roa
File: NK69KgWQyG8evgc5CUTWvuYuyW8.roa (raw, json)
Hash identifier: 0+/2+EJEAjvuCTNZye1oZccQ2qF9CCu1vxPD0+dPgVw=
Subject key identifier: 34:AE:BD:2A:05:90:C8:6F:1E:BE:07:39:09:44:D6:BE:E6:2E:C9:6F
Certificate issuer: /CN=9c4b3086614f47838a3e80a3e6e051d3d8a692f9
Certificate serial: 018C5D7F8220B68D29FA6334FE92B06861C6
Authority key identifier: 9C:4B:30:86:61:4F:47:83:8A:3E:80:A3:E6:E0:51:D3:D8:A6:92:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nEswhmFPR4OKPoCj5uBR09imkvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/NK69KgWQyG8evgc5CUTWvuYuyW8.roa
Signing time: Tue 12 Dec 2023 10:08:06 +0000
ROA not before: Tue 12 Dec 2023 10:08:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35067
IP address blocks: 195.16.76.0/24 maxlen: 24
195.16.76.0/22 maxlen: 22
195.16.77.0/24 maxlen: 24
195.16.78.0/24 maxlen: 24
195.16.79.0/24 maxlen: 24
2001:678:5f0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:7f:82:20:b6:8d:29:fa:63:34:fe:92:b0:68:61:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c4b3086614f47838a3e80a3e6e051d3d8a692f9
Validity
Not Before: Dec 12 10:08:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34aebd2a0590c86f1ebe07390944d6bee62ec96f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8c:fa:51:05:d2:ee:45:2d:ac:a2:85:3b:bd:
eb:7f:fb:66:bf:a6:f0:e5:73:93:aa:56:d3:0c:17:
ce:44:09:76:61:17:e9:ec:ed:0c:6a:fd:01:6a:d5:
34:c0:e3:0c:71:3e:a3:5b:63:bc:63:1c:79:84:1e:
ab:6b:49:00:98:7d:9c:21:16:e0:80:c7:9a:bd:d5:
31:e4:4d:72:2b:a7:99:b3:e6:8f:5a:33:9b:d5:20:
91:e8:7f:79:c8:0b:b9:56:ed:71:1f:23:ec:50:27:
d1:4d:83:c4:a9:20:06:fe:0d:d0:ac:23:30:ba:01:
ac:1d:60:47:f4:ad:d0:7b:a6:85:52:65:93:2f:68:
4f:65:8e:a5:bd:de:91:7b:76:44:4d:d7:7d:1d:cb:
d3:d5:33:ec:52:6e:8b:38:03:7f:53:26:04:9a:4b:
f8:37:11:02:ed:fc:de:be:43:5e:5f:1d:f5:f7:1d:
6f:c7:55:44:42:c4:bd:04:6d:ea:90:e3:b2:f0:96:
49:4e:8b:fd:f2:0a:2b:20:56:49:67:32:f4:a3:f6:
61:bd:59:77:bd:ba:cb:4d:f6:e4:6a:34:4e:a6:99:
95:c3:a4:99:ec:4b:1e:18:27:16:e7:3c:f7:5f:6f:
38:5e:2d:ff:7c:e1:10:20:5d:98:12:d7:78:56:d6:
ae:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AE:BD:2A:05:90:C8:6F:1E:BE:07:39:09:44:D6:BE:E6:2E:C9:6F
X509v3 Authority Key Identifier:
keyid:9C:4B:30:86:61:4F:47:83:8A:3E:80:A3:E6:E0:51:D3:D8:A6:92:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nEswhmFPR4OKPoCj5uBR09imkvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/NK69KgWQyG8evgc5CUTWvuYuyW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.76.0/22
IPv6:
2001:678:5f0::/48
Signature Algorithm: sha256WithRSAEncryption
82:12:29:d0:26:a5:92:84:66:a0:b9:d9:5f:10:d3:26:ec:58:
d0:8a:14:67:cf:e7:88:d9:7f:5c:b7:c0:83:b4:58:9d:83:08:
39:f4:d1:e0:b1:f1:b4:f4:a3:1f:10:4a:90:af:77:69:bd:3c:
91:ed:e2:09:93:d3:b6:ad:91:b8:af:dc:ec:71:4d:0e:5b:98:
1b:22:57:18:a5:54:4f:76:e4:00:2d:1e:fe:7b:88:16:c3:44:
fd:54:6e:84:98:fe:34:e9:23:e7:ac:d2:c8:a0:ab:76:41:9d:
33:cf:2a:48:a8:cc:3c:50:cc:e1:f8:7f:10:b8:b3:72:65:99:
0b:62:3d:f4:f4:63:af:a0:61:89:5a:78:e2:25:ab:67:4a:2a:
58:95:22:e4:72:48:ea:21:69:1f:d8:99:8f:4e:83:e6:b9:f1:
dc:8b:d5:01:e0:c4:60:bb:b6:2a:60:eb:bf:2e:7c:24:a6:8d:
cd:48:b6:90:08:3e:96:87:7c:ca:c5:7a:31:68:e7:ee:0e:b7:
ae:92:4b:fd:e4:76:4a:27:45:e7:f1:65:ed:7c:95:b9:96:93:
e5:12:c0:8c:95:ad:0e:6f:f7:33:32:7e:3f:53:0e:f9:05:ce:
64:ca:8b:84:8d:e8:37:e0:9a:c3:79:3f:d0:34:ea:c8:5c:94:
f0:3f:b1:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxdf4Igto0p+mM0/pKwaGHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNGIzMDg2NjE0ZjQ3ODM4YTNlODBhM2U2ZTA1MWQzZDhh
NjkyZjkwHhcNMjMxMjEyMTAwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGFlYmQyYTA1OTBjODZmMWViZTA3MzkwOTQ0ZDZiZWU2MmVjOTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYz6UQXS7kUtrKKFO73rf/tmv6bw
5XOTqlbTDBfORAl2YRfp7O0Mav0BatU0wOMMcT6jW2O8Yxx5hB6ra0kAmH2cIRbg
gMeavdUx5E1yK6eZs+aPWjOb1SCR6H95yAu5Vu1xHyPsUCfRTYPEqSAG/g3QrCMw
ugGsHWBH9K3Qe6aFUmWTL2hPZY6lvd6Re3ZETdd9HcvT1TPsUm6LOAN/UyYEmkv4
NxEC7fzevkNeXx319x1vx1VEQsS9BG3qkOOy8JZJTov98gorIFZJZzL0o/ZhvVl3
vbrLTfbkajROppmVw6SZ7EseGCcW5zz3X284Xi3/fOEQIF2YEtd4VtauHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDSuvSoFkMhvHr4HOQlE1r7mLslvMB8GA1UdIwQY
MBaAFJxLMIZhT0eDij6Ao+bgUdPYppL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkVzd2htRlBSNE9LUG9DajV1QlIwOWlta3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82Mjk2ZDctYzAwOC00YzMxLWFlN2Et
ODRlZjljYWJiOWI2LzEvTks2OUtnV1F5RzhldmdjNUNVVFd2dVl1eVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82Mjk2ZDctYzAwOC00YzMxLWFlN2EtODRlZjljYWJiOWI2
LzEvbkVzd2htRlBSNE9LUG9DajV1QlIwOWlta3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwxBMMA8E
AgACMAkDBwAgAQZ4BfAwDQYJKoZIhvcNAQELBQADggEBAIISKdAmpZKEZqC52V8Q
0ybsWNCKFGfP54jZf1y3wIO0WJ2DCDn00eCx8bT0ox8QSpCvd2m9PJHt4gmT07at
kbiv3OxxTQ5bmBsiVxilVE925AAtHv57iBbDRP1UboSY/jTpI+es0sigq3ZBnTPP
KkiozDxQzOH4fxC4s3JlmQtiPfT0Y6+gYYlaeOIlq2dKKliVIuRySOohaR/YmY9O
g+a58dyL1QHgxGC7tipg678ufCSmjc1ItpAIPpaHfMrFejFo5+4Ot66SS/3kdkon
RefxZe18lbmWk+USwIyVrQ5v9zMyfj9TDvkFzmTKi4SN6DfgmsN5P9A06shclPA/
sX4=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:42 2024 by rpki-client on console-fra.rpki-client.org