Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/30b2aa-2467-4a62-b123-23fffae2cfc5/1/NC065oFbVYvenSTxMJ4Wuc-6FcM.roa
File: NC065oFbVYvenSTxMJ4Wuc-6FcM.roa (raw, json)
Hash identifier: NUkm8DSGZhdCIHSG2EIyb3lgmHDYv8h679qaBgWRI2s=
Subject key identifier: 34:2D:3A:E6:81:5B:55:8B:DE:9D:24:F1:30:9E:16:B9:CF:BA:15:C3
Certificate issuer: /CN=7dbccd4a9b22e2995f6fca554cfd494e421e565e
Certificate serial: 0185728370F10D4C945018ACB9235E349B44
Authority key identifier: 7D:BC:CD:4A:9B:22:E2:99:5F:6F:CA:55:4C:FD:49:4E:42:1E:56:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fbzNSpsi4plfb8pVTP1JTkIeVl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/30b2aa-2467-4a62-b123-23fffae2cfc5/1/NC065oFbVYvenSTxMJ4Wuc-6FcM.roa
Signing time: Mon 02 Jan 2023 12:44:54 +0000
ROA not before: Mon 02 Jan 2023 12:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24940
IP address blocks: 195.96.156.0/24 maxlen: 24
2a12:e00::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:70:f1:0d:4c:94:50:18:ac:b9:23:5e:34:9b:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dbccd4a9b22e2995f6fca554cfd494e421e565e
Validity
Not Before: Jan 2 12:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=342d3ae6815b558bde9d24f1309e16b9cfba15c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ae:4a:ef:4b:05:6c:69:0d:bc:0f:04:53:fa:
52:e3:b5:e5:20:d1:c1:db:fb:b4:a2:3e:21:a1:42:
15:fa:94:71:40:3a:27:99:2b:4b:fa:13:ed:97:9a:
b1:38:80:e2:3c:45:55:1d:ae:ad:bf:87:8b:b7:07:
5a:b8:b0:60:87:b6:b0:c4:a6:c3:86:2c:0f:83:92:
f6:aa:de:a7:d6:19:94:ef:74:89:1e:e3:52:16:5f:
46:2c:bb:91:bf:7f:2a:96:f3:63:1b:cd:5a:46:5b:
6d:28:69:58:db:41:5b:5d:b0:aa:aa:70:ab:89:7d:
77:41:d6:63:65:0c:81:17:9f:93:f4:13:1e:5c:9d:
9c:15:f8:30:0a:0f:6c:c8:0c:f0:19:25:df:96:f9:
26:85:16:0c:47:55:87:f4:d6:61:0a:d4:bf:51:12:
de:23:21:92:24:19:1a:f4:bc:f2:8b:3b:3e:6d:eb:
c4:d4:dc:ec:e2:81:8c:94:34:99:3f:a3:1e:27:dc:
30:85:b6:09:2b:fe:ac:64:52:23:f9:83:31:ff:5d:
21:cb:70:fd:9e:e5:ab:08:02:1b:6b:32:fd:2d:2c:
cc:af:be:0c:51:79:d7:b1:8b:b5:b9:06:80:53:3e:
a2:79:13:ed:e7:6d:a2:f3:b2:53:01:b5:1e:c0:cc:
9d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:2D:3A:E6:81:5B:55:8B:DE:9D:24:F1:30:9E:16:B9:CF:BA:15:C3
X509v3 Authority Key Identifier:
keyid:7D:BC:CD:4A:9B:22:E2:99:5F:6F:CA:55:4C:FD:49:4E:42:1E:56:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fbzNSpsi4plfb8pVTP1JTkIeVl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/30b2aa-2467-4a62-b123-23fffae2cfc5/1/NC065oFbVYvenSTxMJ4Wuc-6FcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/30b2aa-2467-4a62-b123-23fffae2cfc5/1/fbzNSpsi4plfb8pVTP1JTkIeVl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.156.0/24
IPv6:
2a12:e00::/29
Signature Algorithm: sha256WithRSAEncryption
1b:72:d8:55:fe:19:39:4a:b0:b9:74:d3:60:1f:eb:24:4b:f5:
f3:23:91:5f:9b:5b:09:37:a8:e0:6c:c6:a2:cf:d2:1f:ca:e0:
54:03:9b:d6:cd:cd:45:c7:ee:37:89:82:03:cd:20:f3:78:90:
7a:bb:8c:17:9d:36:71:20:7f:48:83:9f:b9:54:d8:61:23:fd:
62:9b:01:31:2f:29:12:8c:76:64:1d:e8:eb:5c:60:33:57:07:
c2:f7:f6:b1:da:4a:14:07:63:3b:0d:7a:13:f5:e7:75:e6:0a:
35:7d:de:d5:66:03:56:c1:7c:7d:ce:f3:ed:00:38:a1:aa:46:
85:72:b5:54:d1:0b:61:2e:3f:d8:fa:8a:c1:ac:2a:f0:67:ef:
5f:ce:03:c6:bf:b3:fa:8a:08:e3:68:4f:db:b9:c2:7c:29:a2:
81:24:3a:88:6b:26:8c:df:2f:d2:2b:16:9a:99:2d:d8:3f:aa:
2c:fd:4f:4c:67:8c:d0:04:af:b4:93:f2:21:af:d1:1c:47:f4:
29:7a:68:ea:67:e1:4f:d3:05:02:94:68:95:6d:7a:57:a1:69:
f4:7c:74:30:83:2f:ec:c7:0f:b6:45:77:a3:10:83:2d:8c:dd:
7a:7d:83:53:42:88:84:91:15:57:90:71:6b:bb:a5:7b:18:3a:
63:59:a0:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyg3DxDUyUUBisuSNeNJtEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYmNjZDRhOWIyMmUyOTk1ZjZmY2E1NTRjZmQ0OTRlNDIx
ZTU2NWUwHhcNMjMwMTAyMTI0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDJkM2FlNjgxNWI1NThiZGU5ZDI0ZjEzMDllMTZiOWNmYmExNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma5K70sFbGkNvA8EU/pS47XlINHB
2/u0oj4hoUIV+pRxQDonmStL+hPtl5qxOIDiPEVVHa6tv4eLtwdauLBgh7awxKbD
hiwPg5L2qt6n1hmU73SJHuNSFl9GLLuRv38qlvNjG81aRlttKGlY20FbXbCqqnCr
iX13QdZjZQyBF5+T9BMeXJ2cFfgwCg9syAzwGSXflvkmhRYMR1WH9NZhCtS/URLe
IyGSJBka9Lzyizs+bevE1Nzs4oGMlDSZP6MeJ9wwhbYJK/6sZFIj+YMx/10hy3D9
nuWrCAIbazL9LSzMr74MUXnXsYu1uQaAUz6ieRPt522i87JTAbUewMydfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDQtOuaBW1WL3p0k8TCeFrnPuhXDMB8GA1UdIwQY
MBaAFH28zUqbIuKZX2/KVUz9SU5CHlZeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmJ6TlNwc2k0cGxmYjhwVlRQMUpUa0llVmw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMGIyYWEtMjQ2Ny00YTYyLWIxMjMt
MjNmZmZhZTJjZmM1LzEvTkMwNjVvRmJWWXZlblNUeE1KNFd1Yy02RmNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMGIyYWEtMjQ2Ny00YTYyLWIxMjMtMjNmZmZhZTJjZmM1
LzEvZmJ6TlNwc2k0cGxmYjhwVlRQMUpUa0llVmw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw2CcMA0E
AgACMAcDBQMqEg4AMA0GCSqGSIb3DQEBCwUAA4IBAQAbcthV/hk5SrC5dNNgH+sk
S/XzI5Ffm1sJN6jgbMaiz9IfyuBUA5vWzc1Fx+43iYIDzSDzeJB6u4wXnTZxIH9I
g5+5VNhhI/1imwExLykSjHZkHejrXGAzVwfC9/ax2koUB2M7DXoT9ed15go1fd7V
ZgNWwXx9zvPtADihqkaFcrVU0QthLj/Y+orBrCrwZ+9fzgPGv7P6igjjaE/bucJ8
KaKBJDqIayaM3y/SKxaamS3YP6os/U9MZ4zQBK+0k/Ihr9EcR/QpemjqZ+FP0wUC
lGiVbXpXoWn0fHQwgy/sxw+2RXejEIMtjN16fYNTQoiEkRVXkHFru6V7GDpjWaCO
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:25 2024 by rpki-client on console-ams.rpki-client.org