Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/N9CvNXlvdB9iPZQbHO0taIepOkk.roa
File: N9CvNXlvdB9iPZQbHO0taIepOkk.roa (raw, json)
Hash identifier: UiJk32o3ljVhYp4MzmMRe7VCldLRnJYEOGUrE8Wp7HQ=
Subject key identifier: 37:D0:AF:35:79:6F:74:1F:62:3D:94:1B:1C:ED:2D:68:87:A9:3A:49
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018570306781B809985E19C839A08C91CC1C
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/N9CvNXlvdB9iPZQbHO0taIepOkk.roa
Signing time: Mon 02 Jan 2023 01:54:58 +0000
ROA not before: Mon 02 Jan 2023 01:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43711
IP address blocks: 195.56.170.0/24 maxlen: 24
195.56.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:67:81:b8:09:98:5e:19:c8:39:a0:8c:91:cc:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 01:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37d0af35796f741f623d941b1ced2d6887a93a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:21:5d:18:99:63:da:99:d1:eb:f7:8a:68:56:
a8:ac:5d:06:87:65:ed:a1:86:f3:85:7e:17:09:1c:
4e:76:5a:1d:3d:46:e3:2b:f6:53:91:b6:60:e2:03:
78:81:fc:fd:64:89:d7:36:2b:4c:ae:52:d8:12:26:
55:09:ea:3e:27:7a:2b:48:c0:e5:06:90:09:26:b1:
fd:f2:8c:ba:80:b3:8a:06:0b:18:af:a5:17:ec:fa:
17:b3:59:b1:05:ae:8d:61:0d:83:c3:4f:ca:35:3b:
13:c3:c3:cc:4e:78:23:cc:41:87:93:e5:d6:29:de:
f1:f6:5d:17:b0:00:18:91:72:4b:50:56:ec:42:af:
1f:61:49:8a:7f:82:6d:85:1d:bd:28:e1:28:24:60:
70:bb:c5:65:51:d3:d4:b6:63:c1:ca:ee:13:9f:74:
9e:c6:39:c6:e0:78:4f:dd:2e:08:29:62:4b:38:c1:
3d:0a:0e:15:f3:1c:ec:07:52:f2:4b:ad:c3:59:56:
42:e2:fc:82:de:f1:33:45:15:4e:d8:98:7d:d4:ae:
ea:dd:9a:9c:bf:8c:a9:af:99:ce:f0:91:a5:08:20:
62:37:d7:1c:aa:43:ee:56:44:5a:67:00:1d:bf:da:
2a:30:23:d5:71:23:0b:82:a7:ea:80:0f:05:75:6b:
42:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D0:AF:35:79:6F:74:1F:62:3D:94:1B:1C:ED:2D:68:87:A9:3A:49
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/N9CvNXlvdB9iPZQbHO0taIepOkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.56.170.0/24
195.56.172.0/24
Signature Algorithm: sha256WithRSAEncryption
37:e3:65:52:47:28:1f:33:00:4a:db:e6:2f:c1:a3:67:8b:29:
5c:56:a3:de:ec:86:99:45:9e:d4:22:c9:6d:4d:95:68:60:2c:
79:f6:90:f6:f2:24:ad:d2:ac:fb:1a:16:f0:ed:65:55:82:e6:
da:f6:57:02:8e:6a:13:1f:a6:4d:1c:6f:de:a4:2b:82:c6:65:
94:f8:7a:60:77:07:2b:cf:19:35:2a:97:d7:5a:f6:17:b5:9e:
96:42:b7:a1:8a:6a:12:fd:15:ba:5c:30:ee:1d:3e:15:59:a5:
75:c6:fc:76:69:ef:88:9a:f2:52:c1:76:6a:8b:0c:11:a6:17:
4d:16:3f:81:21:05:72:4a:7f:09:4e:3c:4d:7b:36:6e:87:8b:
17:41:81:1b:4f:03:53:5d:a3:3d:09:a5:e3:9e:ec:de:1c:62:
9f:14:eb:58:8f:34:0c:75:04:54:25:ee:94:ac:29:fd:1a:be:
4a:32:19:d6:b3:63:2a:fb:29:69:90:75:b8:15:e9:dd:b5:97:
2e:39:4f:7f:d0:ad:78:ac:b3:5b:04:37:de:87:d0:7b:36:bb:
9f:78:85:e1:74:cb:8c:51:8c:18:28:18:50:fb:e8:c8:b4:a0:
e9:b6:72:35:ce:4e:96:8f:c2:d2:b6:00:cb:28:03:fc:97:0d:
9c:da:38:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwMGeBuAmYXhnIOaCMkcwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2QwYWYzNTc5NmY3NDFmNjIzZDk0MWIxY2VkMmQ2ODg3YTkzYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSFdGJlj2pnR6/eKaFaorF0Gh2Xt
oYbzhX4XCRxOdlodPUbjK/ZTkbZg4gN4gfz9ZInXNitMrlLYEiZVCeo+J3orSMDl
BpAJJrH98oy6gLOKBgsYr6UX7PoXs1mxBa6NYQ2Dw0/KNTsTw8PMTngjzEGHk+XW
Kd7x9l0XsAAYkXJLUFbsQq8fYUmKf4JthR29KOEoJGBwu8VlUdPUtmPByu4Tn3Se
xjnG4HhP3S4IKWJLOME9Cg4V8xzsB1LyS63DWVZC4vyC3vEzRRVO2Jh91K7q3Zqc
v4ypr5nO8JGlCCBiN9ccqkPuVkRaZwAdv9oqMCPVcSMLgqfqgA8FdWtCpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDfQrzV5b3QfYj2UGxztLWiHqTpJMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvTjlDdk5YbHZkQjlpUFpRYkhPMHRhSWVwT2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwziqAwQA
wzisMA0GCSqGSIb3DQEBCwUAA4IBAQA342VSRygfMwBK2+YvwaNniylcVqPe7IaZ
RZ7UIsltTZVoYCx59pD28iSt0qz7Ghbw7WVVguba9lcCjmoTH6ZNHG/epCuCxmWU
+Hpgdwcrzxk1KpfXWvYXtZ6WQrehimoS/RW6XDDuHT4VWaV1xvx2ae+ImvJSwXZq
iwwRphdNFj+BIQVySn8JTjxNezZuh4sXQYEbTwNTXaM9CaXjnuzeHGKfFOtYjzQM
dQRUJe6UrCn9Gr5KMhnWs2Mq+ylpkHW4FendtZcuOU9/0K14rLNbBDfeh9B7Nruf
eIXhdMuMUYwYKBhQ++jItKDptnI1zk6Wj8LStgDLKAP8lw2c2jgR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org