Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/t1nhNfVUM7pUhfzabpDdbCyBwbY.roa
File: t1nhNfVUM7pUhfzabpDdbCyBwbY.roa (raw, json)
Hash identifier: ZxVvyDcJ9rX3XcGmsbZgHuhBeofolyRWIzhPE4nie7I=
Subject key identifier: B7:59:E1:35:F5:54:33:BA:54:85:FC:DA:6E:90:DD:6C:2C:81:C1:B6
Certificate issuer: /CN=9da140e8028e6d537600e0888a9af5a971c5db46
Certificate serial: 01856D93E6F905C589AC283E404B2A8C9B8A
Authority key identifier: 9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/t1nhNfVUM7pUhfzabpDdbCyBwbY.roa
Signing time: Sun 01 Jan 2023 13:44:47 +0000
ROA not before: Sun 01 Jan 2023 13:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 719
IP address blocks: 194.137.159.0/24 maxlen: 24
192.58.49.0/24 maxlen: 24
192.103.94.0/24 maxlen: 24
192.103.93.0/24 maxlen: 24
192.103.98.0/24 maxlen: 24
192.103.101.0/24 maxlen: 24
192.103.109.0/24 maxlen: 24
192.103.108.0/24 maxlen: 24
192.103.87.0/24 maxlen: 24
194.137.11.0/24 maxlen: 24
192.103.90.0/24 maxlen: 24
192.103.89.0/24 maxlen: 24
192.103.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:e6:f9:05:c5:89:ac:28:3e:40:4b:2a:8c:9b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9da140e8028e6d537600e0888a9af5a971c5db46
Validity
Not Before: Jan 1 13:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b759e135f55433ba5485fcda6e90dd6c2c81c1b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:57:2e:51:0a:2b:c6:c6:60:5d:46:da:67:fc:
75:12:90:12:de:f1:fd:d0:d5:d5:e4:03:90:aa:ff:
b3:93:e4:59:ba:18:17:f4:5e:e8:19:91:13:58:3e:
df:3c:e6:6b:83:e0:ea:43:49:3a:f5:ed:ca:79:68:
10:23:af:a3:7a:06:93:36:60:db:3c:af:24:7d:78:
09:1a:31:a1:b3:56:b8:52:78:20:3f:ca:ab:1c:3a:
b8:ee:d1:7e:8d:d0:dc:11:78:d1:54:0a:13:96:43:
6c:7c:2e:db:ec:a9:81:4d:4d:97:90:d5:ea:b1:14:
5c:ab:2e:09:7d:01:1e:e0:4a:f8:4f:9f:9e:4d:6d:
dd:dd:98:9b:af:4e:ae:e7:46:c4:37:ce:af:86:27:
7c:a9:64:97:94:72:70:ef:ee:07:b8:e9:ab:99:a1:
37:c7:f1:02:a2:b2:ad:52:d4:13:09:18:da:69:ab:
dd:4f:be:8e:1a:f5:e3:72:57:ef:2b:e4:6d:ee:ae:
db:ab:de:07:d1:70:2c:5b:5c:ee:29:48:da:c9:05:
68:24:39:23:47:c5:c5:45:ee:01:df:3c:21:80:62:
4e:80:b8:74:0a:11:9c:bb:e2:37:06:a0:67:a5:00:
54:62:78:33:38:3c:b0:1c:06:6a:aa:81:4b:f3:14:
67:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:59:E1:35:F5:54:33:BA:54:85:FC:DA:6E:90:DD:6C:2C:81:C1:B6
X509v3 Authority Key Identifier:
keyid:9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/t1nhNfVUM7pUhfzabpDdbCyBwbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.58.49.0/24
192.103.87.0-192.103.90.255
192.103.93.0-192.103.94.255
192.103.98.0/24
192.103.101.0/24
192.103.108.0/23
194.137.11.0/24
194.137.159.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:88:f7:ab:e1:60:ec:95:ce:1f:0e:c8:00:10:04:89:62:fb:
89:18:c2:24:af:e6:0c:4b:05:95:c8:b1:51:8d:c9:de:d6:a6:
15:d8:10:47:f1:03:c4:e3:e5:be:85:f5:4a:3e:37:b0:b2:c6:
53:bc:6a:44:6d:72:03:8f:e3:f3:fb:51:ef:0a:5b:29:05:15:
e3:f9:89:5c:e0:9b:dd:52:78:22:0b:61:c2:e4:38:e1:9a:e1:
6f:b0:4c:be:ee:86:55:ef:cf:86:48:94:19:cb:68:24:00:da:
f7:93:fd:8b:67:7c:d3:f1:36:a9:fa:d4:68:5b:64:60:89:ed:
47:29:2c:96:8a:f9:fe:e1:d5:5e:91:8b:c3:5c:ea:79:87:c9:
86:6d:cd:de:ec:f1:8f:0b:bc:ae:d9:c6:ad:c0:6c:3f:81:f9:
e5:48:24:3e:ad:fd:1f:9b:d1:2b:43:77:ca:70:e3:34:47:e6:
78:f1:78:da:3f:32:a3:82:e3:71:06:a2:86:32:76:73:e3:12:
29:00:2d:5b:2b:6f:62:68:6f:3b:3d:e1:4b:92:75:ce:f7:0a:
73:70:74:dd:ad:f0:e6:25:26:9e:a2:87:2b:2e:1f:97:f2:91:
72:1b:4e:2b:e7:ed:85:f6:62:b5:ac:ae:ae:e0:6e:33:37:b0:
4e:16:51:7f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVtk+b5BcWJrCg+QEsqjJuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYTE0MGU4MDI4ZTZkNTM3NjAwZTA4ODhhOWFmNWE5NzFj
NWRiNDYwHhcNMjMwMTAxMTM0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzU5ZTEzNWY1NTQzM2JhNTQ4NWZjZGE2ZTkwZGQ2YzJjODFjMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1cuUQorxsZgXUbaZ/x1EpAS3vH9
0NXV5AOQqv+zk+RZuhgX9F7oGZETWD7fPOZrg+DqQ0k69e3KeWgQI6+jegaTNmDb
PK8kfXgJGjGhs1a4UnggP8qrHDq47tF+jdDcEXjRVAoTlkNsfC7b7KmBTU2XkNXq
sRRcqy4JfQEe4Er4T5+eTW3d3Zibr06u50bEN86vhid8qWSXlHJw7+4HuOmrmaE3
x/ECorKtUtQTCRjaaavdT76OGvXjclfvK+Rt7q7bq94H0XAsW1zuKUjayQVoJDkj
R8XFRe4B3zwhgGJOgLh0ChGcu+I3BqBnpQBUYngzODywHAZqqoFL8xRnkQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFLdZ4TX1VDO6VIX82m6Q3WwsgcG2MB8GA1UdIwQY
MBaAFJ2hQOgCjm1TdgDgiIqa9alxxdtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgt
YTRjYThiOWMyMDViLzEvdDFuaE5mVlVNN3BVaGZ6YWJwRGRiQ3lCd2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgtYTRjYThiOWMyMDVi
LzEvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAwDoxMAwD
BADAZ1cDBADAZ1owDAMEAMBnXQMEAMBnXgMEAMBnYgMEAMBnZQMEAcBnbAMEAMKJ
CwMEAMKJnzANBgkqhkiG9w0BAQsFAAOCAQEAqIj3q+Fg7JXOHw7IABAEiWL7iRjC
JK/mDEsFlcixUY3J3tamFdgQR/EDxOPlvoX1Sj43sLLGU7xqRG1yA4/j8/tR7wpb
KQUV4/mJXOCb3VJ4IgthwuQ44Zrhb7BMvu6GVe/PhkiUGctoJADa95P9i2d80/E2
qfrUaFtkYIntRykslor5/uHVXpGLw1zqeYfJhm3N3uzxjwu8rtnGrcBsP4H55Ugk
Pq39H5vRK0N3ynDjNEfmePF42j8yo4LjcQaihjJ2c+MSKQAtWytvYmhvOz3hS5J1
zvcKc3B03a3w5iUmnqKHKy4fl/KRchtOK+fthfZitayuruBuMzewThZRfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:43 2024 by rpki-client on console-ams.rpki-client.org