Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nhMYTWQWc6Vw5Uq9K0QoBeGTPPk.roa
File: nhMYTWQWc6Vw5Uq9K0QoBeGTPPk.roa (raw, json)
Hash identifier: AloWrHzqPH3CUmgbZuf7JAPncycBDflbCFKjo5OnvHQ=
Subject key identifier: 9E:13:18:4D:64:16:73:A5:70:E5:4A:BD:2B:44:28:05:E1:93:3C:F9
Certificate issuer: /CN=9d6b9774c94876c98321de3201b11b75a1358d19
Certificate serial: 018CB66E22F06100F3DDD766ABE0A1028C10
Authority key identifier: 9D:6B:97:74:C9:48:76:C9:83:21:DE:32:01:B1:1B:75:A1:35:8D:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nhMYTWQWc6Vw5Uq9K0QoBeGTPPk.roa
Signing time: Fri 29 Dec 2023 16:35:20 +0000
ROA not before: Fri 29 Dec 2023 16:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211462
IP address blocks: 193.32.87.0/24 maxlen: 24
2a0d:8141::/48 maxlen: 48
2a0d:8140::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:6e:22:f0:61:00:f3:dd:d7:66:ab:e0:a1:02:8c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d6b9774c94876c98321de3201b11b75a1358d19
Validity
Not Before: Dec 29 16:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e13184d641673a570e54abd2b442805e1933cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2f:0c:52:98:c1:15:f7:72:8d:7a:c8:5b:0c:
54:07:fe:81:af:fb:0f:5c:70:d7:d1:21:68:4a:90:
26:1d:7c:92:cc:22:3b:7e:67:2f:e6:48:66:16:42:
bf:6a:7c:5b:6e:a7:91:48:b3:5e:f9:aa:41:a5:60:
41:12:68:41:e2:fe:9d:8f:3e:03:e1:d2:f8:94:38:
0e:aa:18:b7:48:38:a8:99:bf:52:39:13:66:56:a6:
3c:12:14:8f:72:23:b5:cf:85:2b:43:c3:fc:6b:cc:
95:ee:ea:ae:05:9e:c5:dc:2a:7b:d2:ed:2b:ea:a1:
96:20:c9:43:86:8f:c9:98:f6:57:a6:1b:f4:15:48:
d9:1b:da:3c:05:f4:cb:7d:3c:be:9f:a5:28:7b:97:
84:95:85:70:30:ae:1f:87:0b:81:dd:0d:16:12:88:
68:99:79:77:f6:40:64:74:5e:da:58:bf:42:3b:a8:
89:cf:00:21:2e:b9:32:b4:0c:a3:98:cb:fd:a6:86:
da:16:e1:f6:99:c7:68:bc:b2:d9:7c:b7:5c:6a:70:
f9:7a:b5:72:e1:53:65:dc:31:93:a1:66:9e:70:72:
c5:00:9a:b8:a6:96:0e:cd:2b:fc:10:aa:bf:4d:46:
47:8b:f5:78:17:61:84:f9:1c:3b:a5:08:5c:e1:0f:
7f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:13:18:4D:64:16:73:A5:70:E5:4A:BD:2B:44:28:05:E1:93:3C:F9
X509v3 Authority Key Identifier:
keyid:9D:6B:97:74:C9:48:76:C9:83:21:DE:32:01:B1:1B:75:A1:35:8D:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nhMYTWQWc6Vw5Uq9K0QoBeGTPPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nWuXdMlIdsmDId4yAbEbdaE1jRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.87.0/24
IPv6:
2a0d:8140::/48
2a0d:8141::/48
Signature Algorithm: sha256WithRSAEncryption
21:01:f1:ef:86:46:75:0e:06:a0:a9:71:1f:95:26:9a:f7:9e:
b4:ae:bf:e1:a7:a0:78:40:40:a5:77:4f:26:53:ef:bd:8a:fc:
e1:0d:71:e3:0f:41:26:29:f9:21:83:1e:fc:e6:68:0c:0c:f3:
36:07:ca:c9:6b:c4:e9:26:14:14:9d:1c:e1:7a:97:6f:1d:8c:
03:c5:45:a5:c3:c6:11:9a:d5:2d:d3:81:b5:62:ac:39:e4:3d:
91:23:d7:82:74:4d:67:56:37:ee:3a:51:7a:2d:56:f7:74:ec:
93:bd:83:3e:b3:8e:0a:cb:f5:3f:4d:81:bb:f5:aa:f7:b7:30:
09:f0:cf:20:80:b3:47:b5:3c:5a:4c:50:1b:40:ce:51:55:d0:
62:61:27:d7:7b:06:15:dc:0e:ad:b8:fc:1a:31:fb:0f:9a:45:
df:0b:69:8e:bd:b8:92:1c:bd:8e:48:3b:99:0c:6e:e1:9b:a2:
e2:a3:24:32:0b:4b:d0:f7:91:05:a2:57:6d:20:c8:26:fe:2f:
19:31:51:fd:21:ca:de:f5:8f:22:dd:d1:c7:c2:6f:ba:a0:3b:
7c:01:af:e0:5b:b8:cd:4a:c3:4c:bc:f1:5a:17:6f:38:1d:3d:
2d:17:24:c5:37:47:7b:d5:54:8c:23:d4:06:15:2d:84:38:37:
c2:a6:a0:bf
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYy2biLwYQDz3ddmq+ChAowQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNmI5Nzc0Yzk0ODc2Yzk4MzIxZGUzMjAxYjExYjc1YTEz
NThkMTkwHhcNMjMxMjI5MTYzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTEzMTg0ZDY0MTY3M2E1NzBlNTRhYmQyYjQ0MjgwNWUxOTMzY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2i8MUpjBFfdyjXrIWwxUB/6Br/sP
XHDX0SFoSpAmHXySzCI7fmcv5khmFkK/anxbbqeRSLNe+apBpWBBEmhB4v6djz4D
4dL4lDgOqhi3SDiomb9SORNmVqY8EhSPciO1z4UrQ8P8a8yV7uquBZ7F3Cp70u0r
6qGWIMlDho/JmPZXphv0FUjZG9o8BfTLfTy+n6Uoe5eElYVwMK4fhwuB3Q0WEoho
mXl39kBkdF7aWL9CO6iJzwAhLrkytAyjmMv9pobaFuH2mcdovLLZfLdcanD5erVy
4VNl3DGToWaecHLFAJq4ppYOzSv8EKq/TUZHi/V4F2GE+Rw7pQhc4Q9/OwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ4TGE1kFnOlcOVKvStEKAXhkzz5MB8GA1UdIwQY
MBaAFJ1rl3TJSHbJgyHeMgGxG3WhNY0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbld1WGRNbElkc21ESWQ0eUFiRWJkYUUxalJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80MGNiOWMtYzQyNi00OGFiLTk5Njgt
YTU2YmRmYWRiODFlLzEvbmhNWVRXUVdjNlZ3NVVxOUswUW9CZUdUUFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80MGNiOWMtYzQyNi00OGFiLTk5NjgtYTU2YmRmYWRiODFl
LzEvbld1WGRNbElkc21ESWQ0eUFiRWJkYUUxalJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwSBXMBgE
AgACMBIDBwAqDYFAAAADBwAqDYFBAAAwDQYJKoZIhvcNAQELBQADggEBACEB8e+G
RnUOBqCpcR+VJpr3nrSuv+GnoHhAQKV3TyZT772K/OENceMPQSYp+SGDHvzmaAwM
8zYHyslrxOkmFBSdHOF6l28djAPFRaXDxhGa1S3TgbVirDnkPZEj14J0TWdWN+46
UXotVvd07JO9gz6zjgrL9T9Ngbv1qve3MAnwzyCAs0e1PFpMUBtAzlFV0GJhJ9d7
BhXcDq24/Box+w+aRd8LaY69uJIcvY5IO5kMbuGbouKjJDILS9D3kQWiV20gyCb+
LxkxUf0hyt71jyLd0cfCb7qgO3wBr+BbuM1Kw0y88VoXbzgdPS0XJMU3R3vVVIwj
1AYVLYQ4N8KmoL8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:37 2024 by rpki-client on console-ams.rpki-client.org