Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d379db-d90e-43b9-a214-18e36bddc21c/1/4msO8aeuks3eTBiRSx9jknkHg8Q.roa
File: 4msO8aeuks3eTBiRSx9jknkHg8Q.roa (raw, json)
Hash identifier: VsrVp2F1ReoNyYBqoGsaYWlxkGEQ22+uUXFjDd8lJ+c=
Subject key identifier: E2:6B:0E:F1:A7:AE:92:CD:DE:4C:18:91:4B:1F:63:92:79:07:83:C4
Certificate issuer: /CN=9e7fa4d71ff61ddd752a56e5e9ca31697a952b34
Certificate serial: 01856C0A32B5EEC513488D444E613ED7D6E2
Authority key identifier: 9E:7F:A4:D7:1F:F6:1D:DD:75:2A:56:E5:E9:CA:31:69:7A:95:2B:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nn-k1x_2Hd11Klbl6coxaXqVKzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d379db-d90e-43b9-a214-18e36bddc21c/1/4msO8aeuks3eTBiRSx9jknkHg8Q.roa
Signing time: Sun 01 Jan 2023 06:34:45 +0000
ROA not before: Sun 01 Jan 2023 06:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20795
IP address blocks: 193.109.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:32:b5:ee:c5:13:48:8d:44:4e:61:3e:d7:d6:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e7fa4d71ff61ddd752a56e5e9ca31697a952b34
Validity
Not Before: Jan 1 06:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e26b0ef1a7ae92cdde4c18914b1f6392790783c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:83:67:01:ed:da:3d:33:a5:82:ae:b5:d7:b5:
d7:10:cc:ba:d9:d3:d3:ab:37:15:c0:0f:19:54:2c:
ad:fa:7d:5f:f2:35:98:7c:10:27:bf:d0:3c:c7:54:
75:00:23:52:42:96:98:87:9e:bc:8a:64:2e:59:92:
c9:29:15:72:69:b7:2d:6d:6b:55:8a:c1:82:1a:84:
c1:90:21:cc:71:4d:68:9b:e0:8e:61:49:e4:56:1e:
83:3b:9e:c2:f8:23:51:84:d5:3d:42:24:9f:1f:86:
4e:58:34:f2:3b:ea:84:1a:99:48:e7:74:3e:5b:be:
75:62:b5:a6:4d:dd:55:4d:92:d6:03:43:39:ed:d2:
07:01:e5:fe:41:54:63:78:81:c5:9b:27:c4:39:26:
3d:75:31:1f:ad:cd:11:58:b0:f7:5a:8e:ac:49:20:
f4:bc:21:a2:00:35:29:8c:03:29:fb:09:7e:59:28:
a5:c2:b1:8b:36:6c:2e:44:63:d9:76:64:50:08:35:
33:00:37:af:a4:02:7d:c9:19:62:26:15:ac:82:94:
4b:f4:d8:53:0b:ce:b0:61:0f:d6:d7:30:23:b0:c6:
14:84:73:92:2f:ac:08:96:af:ad:35:53:d0:3d:a3:
c9:55:47:7d:1f:39:9c:47:ed:e2:6e:a2:5a:dc:dd:
a8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6B:0E:F1:A7:AE:92:CD:DE:4C:18:91:4B:1F:63:92:79:07:83:C4
X509v3 Authority Key Identifier:
keyid:9E:7F:A4:D7:1F:F6:1D:DD:75:2A:56:E5:E9:CA:31:69:7A:95:2B:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nn-k1x_2Hd11Klbl6coxaXqVKzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d379db-d90e-43b9-a214-18e36bddc21c/1/4msO8aeuks3eTBiRSx9jknkHg8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d379db-d90e-43b9-a214-18e36bddc21c/1/nn-k1x_2Hd11Klbl6coxaXqVKzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.96.0/22
Signature Algorithm: sha256WithRSAEncryption
71:70:32:58:cc:05:3d:46:63:6f:2a:6a:19:48:97:48:d1:f3:
bc:45:be:ac:64:5b:66:9d:c0:70:fe:0e:1c:9e:b7:1e:ca:81:
5f:56:ac:c4:1c:67:0a:8e:26:7b:3d:6c:db:fb:8f:8f:57:8f:
b0:3f:d9:e4:7c:39:63:9d:19:c5:a4:31:0f:30:12:fd:a8:17:
fc:3d:1a:a4:b4:33:2e:aa:0c:eb:45:d4:5a:0d:a5:9a:3c:9b:
d9:4e:a8:80:32:fb:4c:b4:75:7a:77:b8:2d:c6:40:db:71:06:
35:dc:3a:3f:9a:22:3f:3d:9d:7e:e7:fd:5f:15:a0:69:f3:1d:
96:8d:e5:99:94:36:51:dc:b2:25:e8:bf:fd:c3:dd:3d:03:a2:
0b:4e:79:96:96:9b:fd:a6:39:4c:03:a9:37:29:eb:7d:d1:57:
72:1f:b3:9b:11:20:f0:e9:ea:7a:77:d6:2e:11:e9:35:c9:97:
fd:ea:b6:e2:dc:35:fa:7e:19:c7:0a:b7:bd:0a:51:f1:5a:22:
48:7e:4e:c2:2f:17:38:00:ae:ee:c0:b8:42:d0:48:06:71:e5:
64:e5:4b:d4:a2:d7:a6:76:6b:b3:b1:48:d5:36:fe:cf:db:10:
b0:b4:e1:a7:dd:35:4f:a8:c9:97:23:d2:d8:0c:a9:0e:29:2b:
70:51:fe:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCjK17sUTSI1ETmE+19biMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllN2ZhNGQ3MWZmNjFkZGQ3NTJhNTZlNWU5Y2EzMTY5N2E5
NTJiMzQwHhcNMjMwMTAxMDYzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjZiMGVmMWE3YWU5MmNkZGU0YzE4OTE0YjFmNjM5Mjc5MDc4M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoNnAe3aPTOlgq6117XXEMy62dPT
qzcVwA8ZVCyt+n1f8jWYfBAnv9A8x1R1ACNSQpaYh568imQuWZLJKRVyabctbWtV
isGCGoTBkCHMcU1om+COYUnkVh6DO57C+CNRhNU9QiSfH4ZOWDTyO+qEGplI53Q+
W751YrWmTd1VTZLWA0M57dIHAeX+QVRjeIHFmyfEOSY9dTEfrc0RWLD3Wo6sSSD0
vCGiADUpjAMp+wl+WSilwrGLNmwuRGPZdmRQCDUzADevpAJ9yRliJhWsgpRL9NhT
C86wYQ/W1zAjsMYUhHOSL6wIlq+tNVPQPaPJVUd9HzmcR+3ibqJa3N2odwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOJrDvGnrpLN3kwYkUsfY5J5B4PEMB8GA1UdIwQY
MBaAFJ5/pNcf9h3ddSpW5enKMWl6lSs0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm4tazF4XzJIZDExS2xibDZjb3hhWHFWS3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kMzc5ZGItZDkwZS00M2I5LWEyMTQt
MThlMzZiZGRjMjFjLzEvNG1zTzhhZXVrczNlVEJpUlN4OWprbmtIZzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kMzc5ZGItZDkwZS00M2I5LWEyMTQtMThlMzZiZGRjMjFj
LzEvbm4tazF4XzJIZDExS2xibDZjb3hhWHFWS3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwW1gMA0G
CSqGSIb3DQEBCwUAA4IBAQBxcDJYzAU9RmNvKmoZSJdI0fO8Rb6sZFtmncBw/g4c
nrceyoFfVqzEHGcKjiZ7PWzb+4+PV4+wP9nkfDljnRnFpDEPMBL9qBf8PRqktDMu
qgzrRdRaDaWaPJvZTqiAMvtMtHV6d7gtxkDbcQY13Do/miI/PZ1+5/1fFaBp8x2W
jeWZlDZR3LIl6L/9w909A6ILTnmWlpv9pjlMA6k3Ket90VdyH7ObESDw6ep6d9Yu
Eek1yZf96rbi3DX6fhnHCre9ClHxWiJIfk7CLxc4AK7uwLhC0EgGceVk5UvUotem
dmuzsUjVNv7P2xCwtOGn3TVPqMmXI9LYDKkOKStwUf7R
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:58 2024 by rpki-client on console-fra.rpki-client.org