Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/nvBKKihHkaL9uJ9RDiX2MlklBNg.roa
File: nvBKKihHkaL9uJ9RDiX2MlklBNg.roa (raw, json)
Hash identifier: gQ7QGFSiZpBNGL0OmTidEO/T5+hj2BnAxcgffQoc3/Y=
Subject key identifier: 9E:F0:4A:2A:28:47:91:A2:FD:B8:9F:51:0E:25:F6:32:59:25:04:D8
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 01899CE3E0B330A9079FFF23C1C72653C724
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/nvBKKihHkaL9uJ9RDiX2MlklBNg.roa
Signing time: Fri 28 Jul 2023 14:25:27 +0000
ROA not before: Fri 28 Jul 2023 14:25:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209411
IP address blocks: 209.16.142.0/23 maxlen: 23
2a0e:ce40::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:e3:e0:b3:30:a9:07:9f:ff:23:c1:c7:26:53:c7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Jul 28 14:25:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ef04a2a284791a2fdb89f510e25f632592504d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6c:9a:d5:68:7b:b5:55:99:1b:37:b0:3f:47:
41:62:94:62:2b:0e:d4:16:c2:72:94:76:c0:f8:a7:
39:ba:8f:59:45:1a:eb:5b:75:57:34:83:5d:ed:28:
a6:7a:b6:8a:c6:56:e5:bf:40:44:77:19:c8:72:c7:
b9:58:59:cb:aa:a2:43:d9:e4:23:a1:8c:66:89:a5:
ff:84:b8:44:83:e0:ea:60:9f:f3:52:78:29:a1:d5:
0d:30:f4:b6:af:e2:a9:4a:8b:86:c8:ae:1d:b7:75:
71:bd:41:97:96:a3:b4:5c:0d:f4:eb:8d:18:df:43:
e6:56:a3:8d:41:8e:26:bb:b9:f2:0c:9f:b8:74:1f:
c6:ea:2e:00:c2:6d:bb:7d:16:83:ac:aa:50:e9:40:
75:1a:b7:a5:1f:38:6e:56:14:f9:2c:2a:fe:df:af:
30:c4:96:e6:10:3b:e9:e4:fd:da:8c:14:02:8d:a2:
e8:24:27:f1:46:23:dd:f8:ee:03:20:08:05:c8:3f:
ea:5e:9a:d9:db:d7:35:53:ff:11:f6:0c:0e:f6:8c:
30:fe:d6:b1:f7:7a:c0:5c:f2:b4:54:31:be:57:b5:
b4:a3:be:57:ab:98:91:af:be:4b:bb:82:f1:e6:a0:
dd:bd:30:12:83:9b:43:13:36:8c:03:d7:5d:ef:6d:
11:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F0:4A:2A:28:47:91:A2:FD:B8:9F:51:0E:25:F6:32:59:25:04:D8
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/nvBKKihHkaL9uJ9RDiX2MlklBNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.16.142.0/23
IPv6:
2a0e:ce40::/29
Signature Algorithm: sha256WithRSAEncryption
88:cd:c4:ba:ef:f1:e1:af:d1:9f:4e:df:57:96:16:e1:1e:98:
5a:f7:f2:be:7c:bd:f0:5a:56:84:54:83:6d:be:b6:31:cd:e4:
03:97:e2:e8:ff:b5:4b:60:47:f6:2c:8a:80:a7:d9:9a:52:d2:
f2:9d:34:ce:fa:ee:cb:56:ad:e1:3c:92:7a:63:db:41:de:25:
8a:d6:ef:c0:fb:6b:35:22:d9:2e:04:c7:b9:ec:77:4b:71:b5:
77:24:37:c3:92:5e:82:4a:71:a8:84:d4:38:8b:56:5b:06:0e:
38:b5:e9:12:1a:42:0c:22:0e:3c:ba:b4:be:bd:82:c2:03:c3:
88:58:d7:15:5f:cc:12:d0:63:b0:0a:11:21:a2:04:c8:e4:80:
e3:29:a7:0b:c4:68:75:d9:34:bd:30:a5:93:ad:50:b9:e5:96:
a6:2d:c4:9c:91:8c:6e:9f:d6:d9:86:2e:48:2e:e8:88:96:11:
f4:0b:a9:04:bb:5e:84:1d:d7:05:68:e4:ba:5d:ad:dc:3f:bd:
3a:0c:da:9f:68:7f:67:0a:11:b2:33:d8:f9:5e:33:f6:20:80:
d5:01:94:a4:d4:4f:35:ad:7f:d4:2a:0a:0a:50:4e:ba:05:c6:
da:20:80:18:90:a1:03:36:22:53:a4:f3:0c:75:69:39:16:54:
36:15:c0:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYmc4+CzMKkHn/8jwccmU8ckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwNzI4MTQyNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWYwNGEyYTI4NDc5MWEyZmRiODlmNTEwZTI1ZjYzMjU5MjUwNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWya1Wh7tVWZGzewP0dBYpRiKw7U
FsJylHbA+Kc5uo9ZRRrrW3VXNINd7SimeraKxlblv0BEdxnIcse5WFnLqqJD2eQj
oYxmiaX/hLhEg+DqYJ/zUngpodUNMPS2r+KpSouGyK4dt3VxvUGXlqO0XA30640Y
30PmVqONQY4mu7nyDJ+4dB/G6i4Awm27fRaDrKpQ6UB1GrelHzhuVhT5LCr+368w
xJbmEDvp5P3ajBQCjaLoJCfxRiPd+O4DIAgFyD/qXprZ29c1U/8R9gwO9oww/tax
93rAXPK0VDG+V7W0o75Xq5iRr75Lu4Lx5qDdvTASg5tDEzaMA9dd720R6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ7wSiooR5Gi/bifUQ4l9jJZJQTYMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvbnZCS0tpaEhrYUw5dUo5UkRpWDJNbGtsQk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB0RCOMA0E
AgACMAcDBQMqDs5AMA0GCSqGSIb3DQEBCwUAA4IBAQCIzcS67/Hhr9GfTt9Xlhbh
Hpha9/K+fL3wWlaEVINtvrYxzeQDl+Lo/7VLYEf2LIqAp9maUtLynTTO+u7LVq3h
PJJ6Y9tB3iWK1u/A+2s1ItkuBMe57HdLcbV3JDfDkl6CSnGohNQ4i1ZbBg44tekS
GkIMIg48urS+vYLCA8OIWNcVX8wS0GOwChEhogTI5IDjKacLxGh12TS9MKWTrVC5
5ZamLcSckYxun9bZhi5ILuiIlhH0C6kEu16EHdcFaOS6Xa3cP706DNqfaH9nChGy
M9j5XjP2IIDVAZSk1E81rX/UKgoKUE66BcbaIIAYkKEDNiJTpPMMdWk5FlQ2FcAO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org