Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/nyMqQGrQT9rxeSr3npELniGaZeQ.roa
File: nyMqQGrQT9rxeSr3npELniGaZeQ.roa (raw, json)
Hash identifier: 9+3FYagJ12oGX3/EjfRqc3o2DomNIifX3W+KLiNFHWE=
Subject key identifier: 9F:23:2A:40:6A:D0:4F:DA:F1:79:2A:F7:9E:91:0B:9E:21:9A:65:E4
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01876C408C7F7AEA2304EF7CDE1929E73CD7
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/nyMqQGrQT9rxeSr3npELniGaZeQ.roa
Signing time: Mon 10 Apr 2023 17:39:42 +0000
ROA not before: Mon 10 Apr 2023 17:39:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200017
IP address blocks: 80.71.228.0/24 maxlen: 24
81.29.146.0/24 maxlen: 24
81.29.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Jul 2023 12:57:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6c:40:8c:7f:7a:ea:23:04:ef:7c:de:19:29:e7:3c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Apr 10 17:39:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f232a406ad04fdaf1792af79e910b9e219a65e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e1:c7:d1:e1:65:66:4c:98:1e:f4:8e:f6:7d:
d4:50:87:4e:9d:e5:d5:63:82:1e:ab:0b:e3:f9:57:
5b:d5:56:6c:95:a8:e7:5b:b0:f0:08:48:c9:48:99:
54:2c:b0:7e:f8:ca:6b:d6:13:7a:56:4b:b3:56:22:
63:88:02:9c:da:c2:ad:f4:81:33:a2:e4:2a:9c:ca:
b9:93:42:36:ab:45:da:d6:84:20:45:57:03:a9:46:
71:6f:9d:81:f9:6a:06:9b:68:42:9e:2c:7d:71:14:
23:4c:10:b9:89:10:e6:09:2a:7c:53:1f:f9:30:a6:
4e:23:d4:e5:cc:dc:28:d3:e4:9a:05:05:ee:cc:26:
a6:66:32:32:f1:eb:81:81:97:4a:33:28:fe:f3:63:
95:c3:65:24:a7:44:ae:9a:61:39:f3:55:de:f3:06:
9a:05:86:d8:8f:d5:c7:f9:8f:d4:60:08:36:c1:cb:
77:05:bf:ea:7b:a9:67:f5:c8:36:21:41:ea:3a:d7:
1c:09:ac:fa:56:5e:69:2e:07:41:3e:12:60:26:93:
b5:1d:0f:01:be:bc:1f:a7:d8:a5:75:d1:2c:c0:ad:
dd:0e:60:7b:10:03:50:34:96:7d:ad:f4:f6:62:dd:
95:b2:49:82:bb:87:77:9c:26:d7:78:91:2d:99:e2:
74:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:23:2A:40:6A:D0:4F:DA:F1:79:2A:F7:9E:91:0B:9E:21:9A:65:E4
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/nyMqQGrQT9rxeSr3npELniGaZeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.228.0/24
81.29.146.0/24
81.29.156.0/24
Signature Algorithm: sha256WithRSAEncryption
95:18:d4:ff:a1:09:b9:35:17:72:7c:54:de:0a:9f:27:32:0a:
3e:06:8f:34:55:7d:b3:fc:3c:78:0f:49:8d:a6:c8:9f:81:5a:
f1:cc:11:91:d1:af:60:b1:c8:2f:25:f7:ef:0b:e1:cc:97:bf:
d3:dd:80:a8:4e:b4:8f:30:52:55:46:1c:3c:d7:fe:18:df:2a:
24:ea:71:b1:b2:1d:dd:a7:29:4b:46:61:41:a2:d9:55:1d:93:
f7:2c:a2:e6:ca:b6:1e:29:25:e8:76:26:79:dc:f9:40:d6:03:
e0:ca:ae:d3:71:0b:51:13:3a:85:d6:f2:76:f1:a9:1e:d4:36:
a9:95:9c:90:4b:9e:e7:12:29:5e:6e:d2:98:ae:b5:aa:00:f2:
a5:d1:92:a8:de:94:59:f6:44:cf:d8:c0:54:f1:ad:af:5f:7b:
24:a8:48:ba:67:12:25:09:f5:7f:a0:99:f1:5f:be:2f:58:5c:
c6:14:19:7f:22:28:5a:e8:9b:12:8d:d1:1d:79:01:7c:86:06:
90:ca:9e:99:36:5e:02:b2:d4:c4:27:3c:68:73:8c:03:68:42:
25:c0:70:ff:c1:4a:33:92:e1:22:03:50:b4:32:b7:f7:c9:d3:
42:98:1c:62:b1:75:30:07:9e:57:5f:66:39:6e:47:6c:74:6d:
b0:e2:73:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdsQIx/euojBO983hkp5zzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNDEwMTczOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjIzMmE0MDZhZDA0ZmRhZjE3OTJhZjc5ZTkxMGI5ZTIxOWE2NWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOHH0eFlZkyYHvSO9n3UUIdOneXV
Y4Ieqwvj+Vdb1VZslajnW7DwCEjJSJlULLB++Mpr1hN6VkuzViJjiAKc2sKt9IEz
ouQqnMq5k0I2q0Xa1oQgRVcDqUZxb52B+WoGm2hCnix9cRQjTBC5iRDmCSp8Ux/5
MKZOI9TlzNwo0+SaBQXuzCamZjIy8euBgZdKMyj+82OVw2Ukp0SummE581Xe8waa
BYbYj9XH+Y/UYAg2wct3Bb/qe6ln9cg2IUHqOtccCaz6Vl5pLgdBPhJgJpO1HQ8B
vrwfp9ilddEswK3dDmB7EANQNJZ9rfT2Yt2VskmCu4d3nCbXeJEtmeJ0hwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ8jKkBq0E/a8Xkq956RC54hmmXkMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvbnlNcVFHclFUOXJ4ZVNyM25wRUxuaUdhWmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEfkAwQA
UR2SAwQAUR2cMA0GCSqGSIb3DQEBCwUAA4IBAQCVGNT/oQm5NRdyfFTeCp8nMgo+
Bo80VX2z/Dx4D0mNpsifgVrxzBGR0a9gscgvJffvC+HMl7/T3YCoTrSPMFJVRhw8
1/4Y3yok6nGxsh3dpylLRmFBotlVHZP3LKLmyrYeKSXodiZ53PlA1gPgyq7TcQtR
EzqF1vJ28ake1DaplZyQS57nEilebtKYrrWqAPKl0ZKo3pRZ9kTP2MBU8a2vX3sk
qEi6ZxIlCfV/oJnxX74vWFzGFBl/Iiha6JsSjdEdeQF8hgaQyp6ZNl4CstTEJzxo
c4wDaEIlwHD/wUozkuEiA1C0Mrf3ydNCmBxisXUwB55XX2Y5bkdsdG2w4nNT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:36 2024 by rpki-client on console-ams.rpki-client.org