Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/nrAlOKaUQv6pz5eTuiI-1MrG6H4.roa
File: nrAlOKaUQv6pz5eTuiI-1MrG6H4.roa (raw, json)
Hash identifier: DDki4ElGZaasTUVkp//PUxtazJGgNgH6t4uGnuFf/vY=
Subject key identifier: 9E:B0:25:38:A6:94:42:FE:A9:CF:97:93:BA:22:3E:D4:CA:C6:E8:7E
Certificate issuer: /CN=39732dcd0c35426144f9f026754179dfaebe8958
Certificate serial: 01856CC143F27F54DDD0371EE76F1F0BB463
Authority key identifier: 39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/nrAlOKaUQv6pz5eTuiI-1MrG6H4.roa
Signing time: Sun 01 Jan 2023 09:54:43 +0000
ROA not before: Sun 01 Jan 2023 09:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201240
IP address blocks: 192.166.240.0/24 maxlen: 24
2a07:eec0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:43:f2:7f:54:dd:d0:37:1e:e7:6f:1f:0b:b4:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39732dcd0c35426144f9f026754179dfaebe8958
Validity
Not Before: Jan 1 09:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9eb02538a69442fea9cf9793ba223ed4cac6e87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:48:ce:15:98:9d:66:4c:03:77:00:3d:5f:14:
65:a1:d0:0a:8f:01:6a:6f:4b:60:1f:e9:13:d9:f7:
bc:af:ec:bd:19:11:2e:be:a8:0e:0e:f8:dd:ef:4e:
12:c2:4a:83:be:70:48:1c:9f:c4:f6:01:e2:6f:b9:
7b:4a:4e:47:e3:56:68:26:d0:3b:d9:a7:ea:ea:bb:
c4:e1:fa:90:36:9d:59:cb:b9:18:b5:d8:ca:d2:af:
29:4f:92:e2:69:fb:0f:fa:52:d7:5b:79:e5:4d:f1:
18:1c:e3:f3:39:87:e8:e9:41:24:90:4b:46:90:4d:
0b:bc:ad:18:71:90:83:3d:98:63:0f:7e:76:cd:9c:
2c:59:40:06:61:83:1e:39:17:a3:15:b7:83:29:08:
c0:81:3b:f1:47:0c:2b:e0:19:2b:4e:ed:46:74:e3:
41:dd:29:6a:6c:ed:a1:1b:3e:b1:54:68:1f:58:c3:
c3:38:d8:ef:b9:05:b1:9d:09:e2:21:af:08:69:8f:
07:aa:0c:ac:60:f4:79:e7:81:6d:61:b0:0a:b3:e6:
11:42:20:85:9d:dc:99:9b:66:67:9e:3d:a8:6e:98:
b1:55:c3:c9:b2:ac:37:bb:d5:3d:5a:c7:30:46:ee:
79:ce:4a:0c:dc:52:89:b9:47:b8:89:b7:e4:0a:c6:
19:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B0:25:38:A6:94:42:FE:A9:CF:97:93:BA:22:3E:D4:CA:C6:E8:7E
X509v3 Authority Key Identifier:
keyid:39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/nrAlOKaUQv6pz5eTuiI-1MrG6H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/OXMtzQw1QmFE-fAmdUF5366-iVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.240.0/24
IPv6:
2a07:eec0::/29
Signature Algorithm: sha256WithRSAEncryption
64:f6:84:6f:62:08:bc:66:f6:c1:88:bd:f1:83:08:8f:86:d0:
16:85:eb:b4:e0:49:43:32:53:9c:c6:64:03:ef:9b:fe:a0:50:
73:a0:ee:e5:1e:f6:06:0f:dd:ee:3e:19:52:07:ef:a0:08:44:
81:94:43:e5:8f:2d:3b:2a:07:ac:20:e8:4e:23:cd:e5:d2:4c:
3b:d4:e2:3e:18:5b:1d:1b:5a:92:b2:ee:bb:5a:85:1d:6b:08:
23:7d:9b:eb:8c:ce:e0:59:b6:87:b5:da:e0:2b:f1:e4:cc:85:
55:ad:d9:46:76:88:54:54:fe:f1:47:4c:28:bd:74:ea:b5:9f:
b1:40:9a:04:ee:fc:92:2c:5c:ef:2e:af:77:bb:69:95:bb:7f:
7f:ea:41:b4:89:ff:ae:15:cb:96:41:73:37:f4:f0:e8:0a:44:
76:f4:fa:5d:85:da:d9:4d:02:7b:13:84:f2:ca:b1:be:e1:ec:
98:cc:ca:ae:11:5b:a2:31:da:24:6e:99:41:4a:10:b4:9f:1e:
2e:87:23:5f:f6:e0:a8:0e:1f:32:5a:0e:d3:16:bd:92:a9:f4:
1b:a4:d5:15:09:4d:c8:70:c5:9f:a3:e6:6e:07:ad:a5:fd:9f:
9f:2a:50:be:70:87:c1:e3:74:be:b5:e3:ca:21:ff:7d:6d:42:
e0:41:5c:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVswUPyf1Td0Dce528fC7RjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzMyZGNkMGMzNTQyNjE0NGY5ZjAyNjc1NDE3OWRmYWVi
ZTg5NTgwHhcNMjMwMTAxMDk1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWIwMjUzOGE2OTQ0MmZlYTljZjk3OTNiYTIyM2VkNGNhYzZlODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0jOFZidZkwDdwA9XxRlodAKjwFq
b0tgH+kT2fe8r+y9GREuvqgODvjd704SwkqDvnBIHJ/E9gHib7l7Sk5H41ZoJtA7
2afq6rvE4fqQNp1Zy7kYtdjK0q8pT5LiafsP+lLXW3nlTfEYHOPzOYfo6UEkkEtG
kE0LvK0YcZCDPZhjD352zZwsWUAGYYMeORejFbeDKQjAgTvxRwwr4BkrTu1GdONB
3SlqbO2hGz6xVGgfWMPDONjvuQWxnQniIa8IaY8HqgysYPR554FtYbAKs+YRQiCF
ndyZm2Znnj2obpixVcPJsqw3u9U9WscwRu55zkoM3FKJuUe4ibfkCsYZTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ6wJTimlEL+qc+Xk7oiPtTKxuh+MB8GA1UdIwQY
MBaAFDlzLc0MNUJhRPnwJnVBed+uvolYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hNdHpRdzFRbUZFLWZBbWRVRjUzNjYtaVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMzcxMDYtZDA4ZC00YWEwLWFjODIt
ZjYwYWYyYTgyMDYwLzEvbnJBbE9LYVVRdjZwejVlVHVpSS0xTXJHNkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMzcxMDYtZDA4ZC00YWEwLWFjODItZjYwYWYyYTgyMDYw
LzEvT1hNdHpRdzFRbUZFLWZBbWRVRjUzNjYtaVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwKbwMA0E
AgACMAcDBQMqB+7AMA0GCSqGSIb3DQEBCwUAA4IBAQBk9oRvYgi8ZvbBiL3xgwiP
htAWheu04ElDMlOcxmQD75v+oFBzoO7lHvYGD93uPhlSB++gCESBlEPljy07Kges
IOhOI83l0kw71OI+GFsdG1qSsu67WoUdawgjfZvrjM7gWbaHtdrgK/HkzIVVrdlG
dohUVP7xR0wovXTqtZ+xQJoE7vySLFzvLq93u2mVu39/6kG0if+uFcuWQXM39PDo
CkR29PpdhdrZTQJ7E4TyyrG+4eyYzMquEVuiMdokbplBShC0nx4uhyNf9uCoDh8y
Wg7TFr2SqfQbpNUVCU3IcMWfo+ZuB62l/Z+fKlC+cIfB43S+tePKIf99bULgQVxt
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:11 2024 by rpki-client on console-fra.rpki-client.org