Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/nLsYTJuLm56XIBbkfJnxtrfH5kU.roa
File: nLsYTJuLm56XIBbkfJnxtrfH5kU.roa (raw, json)
Hash identifier: 4Pt6u7p+ycWA4+TjJiDkoZkQVAzS+0IB73XYks3rGWA=
Subject key identifier: 9C:BB:18:4C:9B:8B:9B:9E:97:20:16:E4:7C:99:F1:B6:B7:C7:E6:45
Certificate issuer: /CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Certificate serial: 018977EDE67C38718DE3AA2F7DB4DAB56813
Authority key identifier: 27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/nLsYTJuLm56XIBbkfJnxtrfH5kU.roa
Signing time: Fri 21 Jul 2023 10:10:27 +0000
ROA not before: Fri 21 Jul 2023 10:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 195.34.94.0/23 maxlen: 23
91.204.78.0/24 maxlen: 24
91.204.77.0/24 maxlen: 24
91.204.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jul 2023 22:42:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:ed:e6:7c:38:71:8d:e3:aa:2f:7d:b4:da:b5:68:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Validity
Not Before: Jul 21 10:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cbb184c9b8b9b9e972016e47c99f1b6b7c7e645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:83:d1:ce:6f:c2:85:eb:e0:dc:b4:8b:dc:45:
9d:53:73:3c:b6:07:56:7e:80:be:66:e8:cd:4c:e5:
3d:63:cb:6a:e3:68:ab:77:dc:24:0f:3c:bc:8f:0b:
88:b2:f3:36:a9:85:a5:14:73:44:05:bd:50:e1:c7:
3a:f4:d9:85:74:08:21:8c:13:64:50:90:38:82:7a:
d1:a2:27:55:f2:07:fe:27:72:79:a6:97:60:54:51:
f4:48:1d:2f:80:86:93:18:00:9d:b5:0c:5e:fc:d1:
61:81:f8:3e:9c:78:07:e9:e6:50:f4:fc:d1:01:3d:
b5:75:e9:2f:50:12:4a:2b:43:fc:6d:28:b9:54:40:
f3:18:7a:0e:ed:55:e8:80:b7:fc:d0:e3:f1:74:2d:
5d:b4:19:54:32:d1:4d:1d:a7:5f:47:5b:62:34:48:
99:de:ee:78:f8:55:0e:03:49:68:b2:ae:45:8f:7a:
5a:2c:72:bf:6d:ac:e5:41:20:30:93:42:bc:7b:a7:
c0:ef:48:0b:74:ad:16:36:5a:4b:98:ae:fc:6c:6b:
28:5d:eb:d1:93:92:91:1a:ca:1e:a7:28:10:ce:2a:
f8:56:46:20:1c:6d:7f:69:8c:d4:c1:29:50:8a:69:
12:b5:25:49:7b:2e:b1:44:5d:cf:75:0f:75:41:75:
21:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:BB:18:4C:9B:8B:9B:9E:97:20:16:E4:7C:99:F1:B6:B7:C7:E6:45
X509v3 Authority Key Identifier:
keyid:27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/nLsYTJuLm56XIBbkfJnxtrfH5kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.76.0-91.204.78.255
195.34.94.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:d6:2b:27:14:a5:05:72:9b:96:90:bd:23:64:c7:52:ef:d9:
8f:80:83:0d:6f:6c:41:22:2c:9c:ac:f7:9e:74:33:43:8e:61:
88:47:cd:e5:83:52:98:60:95:8e:65:6a:89:91:ae:7a:13:0e:
df:0a:f3:62:fc:7b:4e:b1:ab:6b:25:87:e8:3d:a0:f6:83:da:
bb:1e:0b:37:44:1c:24:d7:0f:34:8f:2b:22:3f:17:fe:c1:3d:
1e:ff:be:40:28:6c:2b:48:76:da:c9:98:e5:02:da:6e:90:63:
cc:d6:50:40:e8:33:f9:c2:d1:79:94:df:80:9a:6e:eb:a2:f8:
e9:ae:c8:95:73:86:d3:3e:69:74:f6:21:0e:d2:ae:5c:97:ca:
28:f8:2f:21:62:7f:9e:01:4b:fa:69:2d:24:cc:d9:0d:36:ca:
ba:7d:dc:ab:17:50:8c:fc:ce:37:ee:f9:95:75:96:f4:8b:dd:
a1:e8:5d:5d:55:8b:ac:a2:9c:f2:67:10:7b:ae:d5:a0:ec:98:
fd:0e:7a:d6:48:dc:b6:c4:eb:72:10:28:28:e5:ff:97:86:10:
39:0b:5b:27:a9:c5:44:f8:be:6a:3f:78:b3:2e:13:66:78:66:
1c:fe:c8:b7:a2:eb:8e:ab:86:cc:c1:a1:ea:51:7d:2c:0f:cf:
8e:bb:36:3f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYl37eZ8OHGN46ovfbTatWgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTdkMWYwZDczZmU0ODFjMjE4OGQyOGRlZjBlODU4ZTcx
NTY5N2UwHhcNMjMwNzIxMTAxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2JiMTg0YzliOGI5YjllOTcyMDE2ZTQ3Yzk5ZjFiNmI3YzdlNjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4PRzm/Chevg3LSL3EWdU3M8tgdW
foC+ZujNTOU9Y8tq42ird9wkDzy8jwuIsvM2qYWlFHNEBb1Q4cc69NmFdAghjBNk
UJA4gnrRoidV8gf+J3J5ppdgVFH0SB0vgIaTGACdtQxe/NFhgfg+nHgH6eZQ9PzR
AT21dekvUBJKK0P8bSi5VEDzGHoO7VXogLf80OPxdC1dtBlUMtFNHadfR1tiNEiZ
3u54+FUOA0losq5Fj3paLHK/bazlQSAwk0K8e6fA70gLdK0WNlpLmK78bGsoXevR
k5KRGsoepygQzir4VkYgHG1/aYzUwSlQimkStSVJey6xRF3PdQ91QXUhrQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJy7GEybi5uelyAW5HyZ8ba3x+ZFMB8GA1UdIwQY
MBaAFCen0fDXP+SBwhiNKN7w6FjnFWl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEt
ZDZlYWFmYzZiNGY1LzEvbkxzWVRKdUxtNTZYSUJia2ZKbnh0cmZINWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEtZDZlYWFmYzZiNGY1
LzEvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJbzEwD
BABbzE4DBAHDIl4wDQYJKoZIhvcNAQELBQADggEBALvWKycUpQVym5aQvSNkx1Lv
2Y+Agw1vbEEiLJys9550M0OOYYhHzeWDUphglY5laomRrnoTDt8K82L8e06xq2sl
h+g9oPaD2rseCzdEHCTXDzSPKyI/F/7BPR7/vkAobCtIdtrJmOUC2m6QY8zWUEDo
M/nC0XmU34Cabuui+OmuyJVzhtM+aXT2IQ7SrlyXyij4LyFif54BS/ppLSTM2Q02
yrp93KsXUIz8zjfu+ZV1lvSL3aHoXV1Vi6yinPJnEHuu1aDsmP0OetZI3LbE63IQ
KCjl/5eGEDkLWyepxUT4vmo/eLMuE2Z4Zhz+yLei646rhszBoepRfSwPz467Nj8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-fra.rpki-client.org