Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/NqmMicqg9mItLeV_siiu9UkN7xI.roa
File: NqmMicqg9mItLeV_siiu9UkN7xI.roa (raw, json)
Hash identifier: X8nE1BmSLXOAOS5bgC3saALvL8TE0sKmSkU/MMBugB0=
Subject key identifier: 36:A9:8C:89:CA:A0:F6:62:2D:2D:E5:7F:B2:28:AE:F5:49:0D:EF:12
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01856F54B4C925FEE4248F5C75A09D384404
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/NqmMicqg9mItLeV_siiu9UkN7xI.roa
Signing time: Sun 01 Jan 2023 21:55:00 +0000
ROA not before: Sun 01 Jan 2023 21:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 80.71.226.0/24 maxlen: 24
80.71.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Mar 2023 07:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:b4:c9:25:fe:e4:24:8f:5c:75:a0:9d:38:44:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 1 21:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36a98c89caa0f6622d2de57fb228aef5490def12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f2:0d:f1:94:c3:3d:8d:1b:e5:ba:b0:87:f8:
c7:7b:3a:b5:ed:52:43:bd:2c:d6:f3:34:f1:a9:a0:
f0:77:4e:c2:2a:a3:49:6f:ae:ab:8a:2e:71:e5:86:
c6:d5:13:f8:12:80:2c:34:46:1b:38:4b:dd:35:9b:
ec:10:09:15:29:00:32:3a:8b:0b:26:4a:5c:aa:80:
eb:97:9d:ac:10:99:a5:d8:44:73:ae:79:8e:69:70:
6f:14:d3:46:6d:35:59:12:fa:3c:bf:1d:e8:df:86:
58:7b:30:8c:cd:79:21:27:2c:8a:d2:54:56:61:aa:
24:7d:65:83:27:db:7d:bc:b9:f2:af:bc:16:59:c7:
7a:15:6d:c8:8d:a1:1e:6a:df:ee:c9:34:47:be:ae:
c5:14:df:94:d4:b7:be:aa:0a:a7:13:41:c5:9f:30:
ed:e7:54:f7:94:c7:f1:5e:ff:1c:9f:dc:bf:a1:ee:
06:8c:53:d4:0f:51:8f:88:04:f3:3e:2d:1a:41:61:
6f:ff:01:20:f7:60:47:7d:2e:c3:24:ce:f5:5d:14:
ff:2d:ce:60:ee:86:8e:c3:80:56:b5:48:45:f6:29:
2a:b9:21:40:3c:21:d1:fb:74:da:86:ca:13:81:d9:
43:d6:25:8a:54:1b:11:1c:80:b4:3a:32:29:71:65:
80:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A9:8C:89:CA:A0:F6:62:2D:2D:E5:7F:B2:28:AE:F5:49:0D:EF:12
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/NqmMicqg9mItLeV_siiu9UkN7xI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.225.0-80.71.226.255
Signature Algorithm: sha256WithRSAEncryption
1a:d7:91:76:07:75:26:22:47:a8:fe:78:e0:73:94:02:48:41:
43:23:37:13:64:cf:46:35:f9:e6:1b:eb:15:90:91:33:ff:4e:
e3:42:0f:e5:05:78:6e:90:80:7e:ec:ef:bf:8a:95:d1:14:cd:
1b:95:8c:3a:64:b0:9f:b7:aa:3f:06:92:29:f3:c7:1e:14:2c:
d1:54:ef:19:67:9d:22:9e:f4:ac:74:4a:e8:0a:9d:1f:5c:2c:
b1:da:d1:84:af:2b:83:e9:36:29:a0:7e:0f:9a:e7:90:ab:cc:
d6:95:f8:d4:13:fa:5d:62:0c:5b:2b:5f:53:0b:ec:0e:38:ef:
02:43:64:55:f7:a2:ef:1a:80:2e:12:4e:98:63:9a:df:b2:47:
e6:29:1c:cb:52:28:8f:0d:93:d8:47:bd:b4:62:b5:a4:8c:86:
b5:f4:44:ba:12:0a:41:7e:be:0f:64:a5:aa:2e:8b:67:f5:f8:
7f:94:e6:e1:c6:0d:5f:d1:38:bf:4a:4e:a5:a3:27:91:6f:98:
28:17:ae:00:c5:da:22:12:a8:8e:66:ca:a3:d2:bc:1d:71:dc:
34:f3:48:ca:72:10:e9:68:4a:7a:95:a8:cc:cf:ef:39:c7:fe:
ac:02:9a:c5:0b:23:16:b7:fe:ce:a5:9d:8e:dd:45:52:04:ff:
89:44:d1:b4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvVLTJJf7kJI9cdaCdOEQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTAxMjE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmE5OGM4OWNhYTBmNjYyMmQyZGU1N2ZiMjI4YWVmNTQ5MGRlZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvIN8ZTDPY0b5bqwh/jHezq17VJD
vSzW8zTxqaDwd07CKqNJb66rii5x5YbG1RP4EoAsNEYbOEvdNZvsEAkVKQAyOosL
JkpcqoDrl52sEJml2ERzrnmOaXBvFNNGbTVZEvo8vx3o34ZYezCMzXkhJyyK0lRW
YaokfWWDJ9t9vLnyr7wWWcd6FW3IjaEeat/uyTRHvq7FFN+U1Le+qgqnE0HFnzDt
51T3lMfxXv8cn9y/oe4GjFPUD1GPiATzPi0aQWFv/wEg92BHfS7DJM71XRT/Lc5g
7oaOw4BWtUhF9ikquSFAPCHR+3TahsoTgdlD1iWKVBsRHIC0OjIpcWWA3wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDapjInKoPZiLS3lf7IorvVJDe8SMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvTnFtTWljcWc5bUl0TGVWX3NpaXU5VWtON3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABQR+ED
BABQR+IwDQYJKoZIhvcNAQELBQADggEBABrXkXYHdSYiR6j+eOBzlAJIQUMjNxNk
z0Y1+eYb6xWQkTP/TuNCD+UFeG6QgH7s77+KldEUzRuVjDpksJ+3qj8Gkinzxx4U
LNFU7xlnnSKe9Kx0SugKnR9cLLHa0YSvK4PpNimgfg+a55CrzNaV+NQT+l1iDFsr
X1ML7A447wJDZFX3ou8agC4STphjmt+yR+YpHMtSKI8Nk9hHvbRitaSMhrX0RLoS
CkF+vg9kpaoui2f1+H+U5uHGDV/ROL9KTqWjJ5FvmCgXrgDF2iISqI5myqPSvB1x
3DTzSMpyEOloSnqVqMzP7znH/qwCmsULIxa3/s6lnY7dRVIE/4lE0bQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org