Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/09e16e-3b3e-4ccb-886e-9891b328ed4a/1/nxJt8Kp3frZRiz9nTgL8QGjletE.roa
File: nxJt8Kp3frZRiz9nTgL8QGjletE.roa (raw, json)
Hash identifier: o9TJYtPaOucWv/IbSf43GJROwjadnW2CbpKQcNL+MNY=
Subject key identifier: 9F:12:6D:F0:AA:77:7E:B6:51:8B:3F:67:4E:02:FC:40:68:E5:7A:D1
Certificate issuer: /CN=a5e7c6ca7370d90d7924a65d860ec9246f4d38a9
Certificate serial: 01856AF7DAD8697BB6E222BD29840A1965D5
Authority key identifier: A5:E7:C6:CA:73:70:D9:0D:79:24:A6:5D:86:0E:C9:24:6F:4D:38:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pefGynNw2Q15JKZdhg7JJG9NOKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/09e16e-3b3e-4ccb-886e-9891b328ed4a/1/nxJt8Kp3frZRiz9nTgL8QGjletE.roa
Signing time: Sun 01 Jan 2023 01:35:06 +0000
ROA not before: Sun 01 Jan 2023 01:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 212.24.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:f7:da:d8:69:7b:b6:e2:22:bd:29:84:0a:19:65:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5e7c6ca7370d90d7924a65d860ec9246f4d38a9
Validity
Not Before: Jan 1 01:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f126df0aa777eb6518b3f674e02fc4068e57ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:01:b4:c4:35:ce:95:3c:74:dc:a8:04:7b:19:
bf:67:4e:95:1f:a1:14:6e:1f:fb:0f:ab:29:77:dc:
52:63:e8:90:70:bc:51:6e:cf:e2:e9:ff:30:75:43:
1f:16:7c:8e:1d:22:36:63:cf:85:fa:2a:93:53:c4:
74:a9:97:0b:24:2b:6a:70:c9:b9:96:88:e2:49:85:
0d:bf:0c:62:09:74:3f:ea:dc:21:e7:fc:ef:ca:40:
7f:a0:53:e6:12:3f:b6:4c:59:9b:30:46:c9:6a:43:
2a:5d:c4:9a:1a:7f:7b:63:cb:02:ef:5a:2b:26:10:
b1:5d:7e:90:03:cf:ea:c0:7f:b2:98:4e:83:10:0f:
64:78:f9:c2:1b:0a:b3:21:b4:ae:aa:cb:18:4c:9a:
f7:00:08:c2:ca:84:e5:6d:3e:53:78:e0:a3:89:e4:
19:84:46:6b:4f:33:9c:8d:64:54:18:1a:e9:89:23:
e1:04:eb:67:39:3e:73:08:cf:49:19:30:df:45:21:
7a:60:ab:7a:a8:cf:e4:58:d1:8a:fc:6e:3c:f6:f1:
5a:0d:b4:0a:b4:bd:f7:44:e7:c7:74:17:6c:3f:48:
84:e1:f7:d3:d5:e3:dd:3d:7e:41:f8:24:0d:2d:b3:
b2:4b:60:fb:47:f0:31:6a:46:1a:79:e0:78:69:11:
0d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:12:6D:F0:AA:77:7E:B6:51:8B:3F:67:4E:02:FC:40:68:E5:7A:D1
X509v3 Authority Key Identifier:
keyid:A5:E7:C6:CA:73:70:D9:0D:79:24:A6:5D:86:0E:C9:24:6F:4D:38:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pefGynNw2Q15JKZdhg7JJG9NOKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/09e16e-3b3e-4ccb-886e-9891b328ed4a/1/nxJt8Kp3frZRiz9nTgL8QGjletE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/09e16e-3b3e-4ccb-886e-9891b328ed4a/1/pefGynNw2Q15JKZdhg7JJG9NOKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.24.113.0/24
Signature Algorithm: sha256WithRSAEncryption
82:ba:5b:9a:d8:a8:72:73:4e:21:33:8a:39:2b:97:48:99:ec:
bc:ce:62:99:c7:8f:a2:c8:56:7a:53:3c:34:a6:6d:f3:5b:4b:
c8:67:0c:b1:58:ab:3c:73:38:99:e9:f7:9b:1e:ad:89:a2:71:
8e:9d:fc:7f:dc:bc:86:70:f7:03:e2:30:4f:f8:9d:be:1a:d5:
84:3a:85:98:0b:81:63:67:41:50:ff:62:45:b6:5d:56:ab:93:
f0:e1:7e:78:c5:8c:73:8c:f9:95:b4:5b:3e:d2:57:8f:67:48:
ca:ff:59:a7:bf:3b:f2:ea:1a:35:53:44:1a:5d:0f:ba:0e:5c:
0f:de:aa:e3:59:8d:40:0d:bf:29:51:97:03:98:e1:fe:cd:b7:
7d:bb:87:6f:18:04:34:01:82:c7:5d:f0:32:0d:ba:c8:97:68:
db:e3:a4:90:42:80:05:ea:13:87:b6:ff:79:25:e5:b4:52:21:
3d:90:2a:c3:fb:97:df:03:b9:5e:0d:92:ad:0c:a5:eb:cc:76:
61:61:25:a0:20:a9:80:9b:df:31:a7:9f:80:9e:08:84:06:c9:
97:a0:f0:3c:e6:b2:47:69:e7:da:52:55:fc:21:e3:96:f1:0a:
e6:d8:8e:2a:9b:ef:e7:0d:ac:6a:37:fd:f5:23:c7:e9:07:99:
d2:b4:93:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVq99rYaXu24iK9KYQKGWXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZTdjNmNhNzM3MGQ5MGQ3OTI0YTY1ZDg2MGVjOTI0NmY0
ZDM4YTkwHhcNMjMwMTAxMDEzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjEyNmRmMGFhNzc3ZWI2NTE4YjNmNjc0ZTAyZmM0MDY4ZTU3YWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowG0xDXOlTx03KgEexm/Z06VH6EU
bh/7D6spd9xSY+iQcLxRbs/i6f8wdUMfFnyOHSI2Y8+F+iqTU8R0qZcLJCtqcMm5
lojiSYUNvwxiCXQ/6twh5/zvykB/oFPmEj+2TFmbMEbJakMqXcSaGn97Y8sC71or
JhCxXX6QA8/qwH+ymE6DEA9kePnCGwqzIbSuqssYTJr3AAjCyoTlbT5TeOCjieQZ
hEZrTzOcjWRUGBrpiSPhBOtnOT5zCM9JGTDfRSF6YKt6qM/kWNGK/G489vFaDbQK
tL33ROfHdBdsP0iE4ffT1ePdPX5B+CQNLbOyS2D7R/AxakYaeeB4aRENgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8SbfCqd362UYs/Z04C/EBo5XrRMB8GA1UdIwQY
MBaAFKXnxspzcNkNeSSmXYYOySRvTTipMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGVmR3luTncyUTE1SktaZGhnN0pKRzlOT0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8wOWUxNmUtM2IzZS00Y2NiLTg4NmUt
OTg5MWIzMjhlZDRhLzEvbnhKdDhLcDNmclpSaXo5blRnTDhRR2psZXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8wOWUxNmUtM2IzZS00Y2NiLTg4NmUtOTg5MWIzMjhlZDRh
LzEvcGVmR3luTncyUTE1SktaZGhnN0pKRzlOT0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BhxMA0G
CSqGSIb3DQEBCwUAA4IBAQCCulua2Khyc04hM4o5K5dImey8zmKZx4+iyFZ6Uzw0
pm3zW0vIZwyxWKs8cziZ6febHq2JonGOnfx/3LyGcPcD4jBP+J2+GtWEOoWYC4Fj
Z0FQ/2JFtl1Wq5Pw4X54xYxzjPmVtFs+0lePZ0jK/1mnvzvy6ho1U0QaXQ+6DlwP
3qrjWY1ADb8pUZcDmOH+zbd9u4dvGAQ0AYLHXfAyDbrIl2jb46SQQoAF6hOHtv95
JeW0UiE9kCrD+5ffA7leDZKtDKXrzHZhYSWgIKmAm98xp5+AngiEBsmXoPA85rJH
aefaUlX8IeOW8Qrm2I4qm+/nDaxqN/31I8fpB5nStJPj
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:27 2023 by rpki-client on console-ams.rpki-client.org