Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ny13XX-RoqIk12HUI9x9p76gZe0.roa
File: ny13XX-RoqIk12HUI9x9p76gZe0.roa (raw, json)
Hash identifier: gaQ9KCpxb/KSpRb+vjdyLVVRjaqe0T2/imeueitqr8E=
Subject key identifier: 9F:2D:77:5D:7F:91:A2:A2:24:D7:61:D4:23:DC:7D:A7:BE:A0:65:ED
Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Certificate serial: 018CC86F7E71821C2AC7A6D23E0F91CF8E3E
Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ny13XX-RoqIk12HUI9x9p76gZe0.roa
Signing time: Tue 02 Jan 2024 04:29:59 +0000
ROA not before: Tue 02 Jan 2024 04:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24953
IP address blocks: 194.34.224.0/24 maxlen: 24
194.34.227.0/24 maxlen: 24
2a0d:f9c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 14 Mar 2024 19:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:7e:71:82:1c:2a:c7:a6:d2:3e:0f:91:cf:8e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Validity
Not Before: Jan 2 04:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f2d775d7f91a2a224d761d423dc7da7bea065ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2b:37:08:e5:78:8e:9f:97:ac:1b:bf:a5:22:
0b:3d:d3:58:e3:0c:b4:16:38:1d:d4:b7:03:e4:7f:
f9:91:cf:05:d2:c8:b1:c7:73:72:07:1b:81:47:b7:
e8:73:31:e6:bf:17:6d:0a:38:b1:57:be:8b:22:1f:
82:27:25:60:5b:61:c0:f9:83:b5:6e:c5:40:94:00:
16:1a:aa:c2:04:85:b4:c1:e5:32:81:e2:92:9f:92:
a9:f1:08:72:b8:85:8b:29:95:7c:d6:d0:8a:53:03:
ad:82:e7:66:65:4c:89:23:20:08:93:fd:6f:8f:23:
0c:cb:fc:05:73:a6:b4:0b:d4:ba:b5:f5:d2:d6:38:
b0:22:37:7d:89:81:fc:6c:73:7e:49:6f:1a:8d:42:
f2:86:d6:9b:86:4d:9a:7f:0a:d3:7c:8a:45:23:38:
ef:87:fe:04:cb:b3:79:1c:40:7a:e6:2f:41:16:b3:
e9:8b:cd:3e:28:8e:d3:fc:ad:5e:4b:43:23:ae:9d:
63:e4:a7:bd:56:c2:4c:b4:50:cc:38:1c:73:71:42:
be:8b:d9:66:36:04:aa:41:02:a1:4f:40:8d:c0:a6:
50:50:9f:5e:0c:47:0d:ec:25:bf:e4:4f:cb:30:9d:
9f:e2:ea:57:59:42:1c:56:b2:83:f9:fe:b6:46:7c:
b7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:2D:77:5D:7F:91:A2:A2:24:D7:61:D4:23:DC:7D:A7:BE:A0:65:ED
X509v3 Authority Key Identifier:
keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ny13XX-RoqIk12HUI9x9p76gZe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.224.0/24
194.34.227.0/24
IPv6:
2a0d:f9c3::/32
Signature Algorithm: sha256WithRSAEncryption
66:61:7a:86:4f:54:5d:30:c2:c8:64:75:fd:2d:5a:6e:83:48:
ec:fb:f9:be:b6:88:4b:96:2f:dc:09:c0:d4:30:be:e8:84:4d:
c1:c7:dc:03:e6:79:2e:e0:78:2e:fd:d4:1f:9b:93:89:1f:3d:
cf:fa:cb:a5:dd:0d:2a:dd:7f:53:65:3f:d0:ad:f6:78:a9:c5:
62:cd:e7:ec:1f:c0:b1:95:42:e6:2a:c9:5b:22:9a:4d:ee:35:
89:41:10:80:43:df:f6:cf:9d:40:30:93:8f:89:a1:ee:a6:a4:
e6:e6:c4:d6:ad:93:65:57:85:27:21:0d:f1:5c:07:58:4d:3c:
38:0c:72:52:40:d4:27:72:a5:cc:50:13:2e:84:0a:88:b1:c9:
ef:8e:f8:e3:51:8e:9b:71:b2:68:aa:5a:a6:f2:ee:5e:91:89:
ad:da:95:7a:db:97:3c:30:49:8d:2a:2e:8c:fb:94:ac:0b:33:
08:f8:62:92:23:98:17:ed:0b:51:4e:2b:16:10:68:c0:32:24:
f7:c4:f7:29:75:f6:fa:54:5c:d2:c9:36:f9:61:7c:3b:6f:11:
ad:97:20:00:fa:8c:9a:03:4b:4f:de:6f:db:eb:f0:95:2b:34:
09:f9:28:ae:7c:76:ee:dc:a7:1b:bc:c7:f8:7a:07:2f:28:d9:
80:1f:f9:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIb35xghwqx6bSPg+Rz44+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0
ZTQzZWEwHhcNMjQwMTAyMDQyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjJkNzc1ZDdmOTFhMmEyMjRkNzYxZDQyM2RjN2RhN2JlYTA2NWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCs3COV4jp+XrBu/pSILPdNY4wy0
Fjgd1LcD5H/5kc8F0sixx3NyBxuBR7foczHmvxdtCjixV76LIh+CJyVgW2HA+YO1
bsVAlAAWGqrCBIW0weUygeKSn5Kp8QhyuIWLKZV81tCKUwOtgudmZUyJIyAIk/1v
jyMMy/wFc6a0C9S6tfXS1jiwIjd9iYH8bHN+SW8ajULyhtabhk2afwrTfIpFIzjv
h/4Ey7N5HEB65i9BFrPpi80+KI7T/K1eS0Mjrp1j5Ke9VsJMtFDMOBxzcUK+i9lm
NgSqQQKhT0CNwKZQUJ9eDEcN7CW/5E/LMJ2f4upXWUIcVrKD+f62Rny3AQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ8td11/kaKiJNdh1CPcfae+oGXtMB8GA1UdIwQY
MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt
ZmVhMGFmZjM1OWY1LzEvbnkxM1hYLVJvcUlrMTJIVUk5eDlwNzZnWmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1
LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwiLgAwQA
wiLjMA0EAgACMAcDBQAqDfnDMA0GCSqGSIb3DQEBCwUAA4IBAQBmYXqGT1RdMMLI
ZHX9LVpug0js+/m+tohLli/cCcDUML7ohE3Bx9wD5nku4Hgu/dQfm5OJHz3P+sul
3Q0q3X9TZT/QrfZ4qcVizefsH8CxlULmKslbIppN7jWJQRCAQ9/2z51AMJOPiaHu
pqTm5sTWrZNlV4UnIQ3xXAdYTTw4DHJSQNQncqXMUBMuhAqIscnvjvjjUY6bcbJo
qlqm8u5ekYmt2pV625c8MEmNKi6M+5SsCzMI+GKSI5gX7QtRTisWEGjAMiT3xPcp
dfb6VFzSyTb5YXw7bxGtlyAA+oyaA0tP3m/b6/CVKzQJ+SiufHbu3KcbvMf4egcv
KNmAH/l9
-----END CERTIFICATE-----
Generated at Thu Mar 14 22:27:11 2024 by rpki-client on console-fra.rpki-client.org