Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/N5Lueb69whBXteLOj-Mj4S0oHbY.roa
File: N5Lueb69whBXteLOj-Mj4S0oHbY.roa (raw, json)
Hash identifier: ZxKSCpFOxhsPhH48jBmUf9SfHdDlk+VixrVKxzKaBUk=
Subject key identifier: 37:92:EE:79:BE:BD:C2:10:57:B5:E2:CE:8F:E3:23:E1:2D:28:1D:B6
Certificate issuer: /CN=00ad6d83c8083729d7a9d8571d65ce97e058b821
Certificate serial: 01856D417B7853D60933D3AD37C36DDCB06A
Authority key identifier: 00:AD:6D:83:C8:08:37:29:D7:A9:D8:57:1D:65:CE:97:E0:58:B8:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK1tg8gINynXqdhXHWXOl-BYuCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/N5Lueb69whBXteLOj-Mj4S0oHbY.roa
Signing time: Sun 01 Jan 2023 12:14:45 +0000
ROA not before: Sun 01 Jan 2023 12:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9007
IP address blocks: 192.166.160.0/19 maxlen: 19
192.166.160.0/20 maxlen: 20
2a04:7680::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:7b:78:53:d6:09:33:d3:ad:37:c3:6d:dc:b0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00ad6d83c8083729d7a9d8571d65ce97e058b821
Validity
Not Before: Jan 1 12:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3792ee79bebdc21057b5e2ce8fe323e12d281db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:61:96:93:e0:54:da:f7:40:74:13:3b:3d:86:
2e:31:9e:34:68:de:9e:b0:5f:9e:11:72:3c:ce:6c:
63:1f:1f:d8:67:d1:52:d5:6e:c2:29:36:b3:31:52:
6c:1a:5a:b0:28:74:b5:f8:b8:2b:9b:87:fb:2a:1b:
f7:76:a3:85:23:54:c4:d5:d3:e2:d4:e6:22:aa:ee:
cc:f6:61:33:65:52:4b:b2:15:1a:e6:6b:1c:67:78:
29:bb:96:a1:55:33:5c:3d:2a:29:64:4a:58:58:e0:
4b:68:d0:ab:9d:e8:65:e3:fa:f1:72:79:ab:d6:d5:
3f:99:b0:39:dc:b8:80:b9:68:d4:ae:b0:6c:0a:9e:
6f:3c:1f:62:b5:e4:e0:11:14:8d:c9:05:c2:c7:8e:
ff:0b:8e:eb:74:d1:2b:9f:a9:59:30:83:63:7b:e6:
e3:86:53:ef:d5:b9:0e:b9:da:11:76:9e:7d:8b:21:
33:d4:4c:78:df:55:5e:c2:c7:cb:18:33:51:4c:15:
71:70:d4:a4:9e:dc:6a:48:0a:bd:4b:91:96:fd:02:
f9:8d:4d:b3:d5:6c:e8:b3:4a:95:8a:b5:93:d6:1c:
c6:b4:93:ab:f6:af:de:8b:44:24:17:80:f9:7e:62:
2e:06:8b:3c:e2:1a:53:4b:9a:16:98:fa:7f:ae:61:
d9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:92:EE:79:BE:BD:C2:10:57:B5:E2:CE:8F:E3:23:E1:2D:28:1D:B6
X509v3 Authority Key Identifier:
keyid:00:AD:6D:83:C8:08:37:29:D7:A9:D8:57:1D:65:CE:97:E0:58:B8:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK1tg8gINynXqdhXHWXOl-BYuCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/N5Lueb69whBXteLOj-Mj4S0oHbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/AK1tg8gINynXqdhXHWXOl-BYuCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.160.0/19
IPv6:
2a04:7680::/29
Signature Algorithm: sha256WithRSAEncryption
1a:3c:cc:73:3a:55:f7:a7:de:f3:19:b5:54:12:0b:a7:a3:f7:
34:a4:86:11:f8:4c:d5:e4:d1:b3:ce:8c:77:a8:7d:cc:c4:72:
5a:2e:10:82:1b:26:05:20:93:f7:eb:82:51:2e:00:bd:65:71:
e4:18:26:cc:4c:ef:7b:40:5a:b9:c7:a6:28:f4:f5:11:ed:fe:
65:4e:c7:c4:d6:e3:e4:30:d5:52:1b:01:dc:a3:99:a2:1c:07:
57:e1:d9:b5:04:35:fe:36:3d:3e:e2:74:09:72:1c:fb:bb:3a:
61:02:c3:13:a8:5c:d4:39:f7:e6:2b:5c:2b:2d:60:db:76:35:
e5:51:65:61:63:46:87:18:ca:0b:d2:7f:02:0c:95:db:e2:1a:
02:e9:57:4d:ac:93:c9:9d:d0:94:e6:0f:97:8c:44:45:fe:4e:
c2:ab:32:e0:78:be:6b:ee:45:dd:61:96:d1:c6:18:08:fd:58:
d2:4f:bd:bc:34:da:32:19:a5:17:d5:9e:cb:21:2a:b5:ac:17:
09:ab:b8:e2:c4:30:3e:c5:5a:d4:0d:26:50:f5:98:12:55:90:
17:78:50:67:9c:85:76:97:8c:cd:f8:8f:22:2a:0f:26:c6:51:
e4:9c:47:32:e0:0d:65:7f:3e:5f:7e:89:5b:d9:51:f9:ad:75:
08:50:a3:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtQXt4U9YJM9OtN8Nt3LBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWQ2ZDgzYzgwODM3MjlkN2E5ZDg1NzFkNjVjZTk3ZTA1
OGI4MjEwHhcNMjMwMTAxMTIxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzkyZWU3OWJlYmRjMjEwNTdiNWUyY2U4ZmUzMjNlMTJkMjgxZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGGWk+BU2vdAdBM7PYYuMZ40aN6e
sF+eEXI8zmxjHx/YZ9FS1W7CKTazMVJsGlqwKHS1+Lgrm4f7Khv3dqOFI1TE1dPi
1OYiqu7M9mEzZVJLshUa5mscZ3gpu5ahVTNcPSopZEpYWOBLaNCrnehl4/rxcnmr
1tU/mbA53LiAuWjUrrBsCp5vPB9iteTgERSNyQXCx47/C47rdNErn6lZMINje+bj
hlPv1bkOudoRdp59iyEz1Ex431VewsfLGDNRTBVxcNSkntxqSAq9S5GW/QL5jU2z
1Wzos0qVirWT1hzGtJOr9q/ei0QkF4D5fmIuBos84hpTS5oWmPp/rmHZGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDeS7nm+vcIQV7Xizo/jI+EtKB22MB8GA1UdIwQY
MBaAFACtbYPICDcp16nYVx1lzpfgWLghMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUsxdGc4Z0lOeW5YcWRoWEhXWE9sLUJZdUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kYjI5MTItODlhOS00ZWU5LTgyMjkt
YTU1Zjc3YjgzZTZiLzEvTjVMdWViNjl3aEJYdGVMT2otTWo0UzBvSGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kYjI5MTItODlhOS00ZWU5LTgyMjktYTU1Zjc3YjgzZTZi
LzEvQUsxdGc4Z0lOeW5YcWRoWEhXWE9sLUJZdUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwKagMA0E
AgACMAcDBQMqBHaAMA0GCSqGSIb3DQEBCwUAA4IBAQAaPMxzOlX3p97zGbVUEgun
o/c0pIYR+EzV5NGzzox3qH3MxHJaLhCCGyYFIJP364JRLgC9ZXHkGCbMTO97QFq5
x6Yo9PUR7f5lTsfE1uPkMNVSGwHco5miHAdX4dm1BDX+Nj0+4nQJchz7uzphAsMT
qFzUOffmK1wrLWDbdjXlUWVhY0aHGMoL0n8CDJXb4hoC6VdNrJPJndCU5g+XjERF
/k7CqzLgeL5r7kXdYZbRxhgI/VjST728NNoyGaUX1Z7LISq1rBcJq7jixDA+xVrU
DSZQ9ZgSVZAXeFBnnIV2l4zN+I8iKg8mxlHknEcy4A1lfz5ffolb2VH5rXUIUKOJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:59 2024 by rpki-client on console-fra.rpki-client.org