Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/n5uNcT7LZDIidLOJAEX2TGKp-xE.roa
File: n5uNcT7LZDIidLOJAEX2TGKp-xE.roa (raw, json)
Hash identifier: EtkkFsdhXO5vOBmbThRgMpq/5dKmFKaeV8NqGMYLPCg=
Subject key identifier: 9F:9B:8D:71:3E:CB:64:32:22:74:B3:89:00:45:F6:4C:62:A9:FB:11
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01856C6EF41368F124AFA3B914CD0B58A940
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/n5uNcT7LZDIidLOJAEX2TGKp-xE.roa
Signing time: Sun 01 Jan 2023 08:24:48 +0000
ROA not before: Sun 01 Jan 2023 08:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30885
IP address blocks: 86.105.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f4:13:68:f1:24:af:a3:b9:14:cd:0b:58:a9:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 08:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f9b8d713ecb64322274b3890045f64c62a9fb11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:db:9f:3d:6b:ff:f5:ca:eb:32:da:5c:e2:7f:
fa:50:98:ce:fc:9b:e9:33:f6:58:82:e7:6c:34:31:
4e:4f:ad:28:95:17:8e:eb:09:c9:a6:67:55:d2:35:
10:bc:e6:c6:33:94:3f:8a:19:2d:85:95:35:10:11:
97:8e:ed:be:a7:58:be:d5:eb:65:e7:0f:e9:4c:1b:
ae:d7:e7:73:7e:44:b0:78:41:86:6e:ff:74:68:d5:
55:7f:1d:27:69:d9:54:9b:b2:3f:69:f1:1e:6f:30:
db:5a:98:10:44:b2:ec:0f:ab:be:a9:5e:30:8c:db:
a0:5b:10:60:d1:e0:7f:0f:f7:d4:b1:8a:19:ef:f6:
34:e1:cf:cc:63:37:e0:2d:9a:18:be:34:64:b2:63:
9f:7f:23:95:e1:73:0f:8a:c9:af:df:19:c6:23:db:
18:d7:33:da:fa:0b:32:79:7d:c4:9f:a2:9b:b5:e7:
d2:36:96:52:ce:a7:a4:ff:5e:08:15:14:17:d1:9c:
e0:a2:88:2b:b6:da:61:9a:da:8c:63:75:1a:58:62:
4d:97:75:be:50:60:c5:d9:90:7c:2a:9e:2d:ab:2f:
11:01:e5:a4:56:e7:6b:51:9f:27:40:cd:f9:70:c8:
be:1d:71:ba:7d:32:b4:fb:ef:04:67:46:ef:b6:a8:
fa:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:9B:8D:71:3E:CB:64:32:22:74:B3:89:00:45:F6:4C:62:A9:FB:11
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/n5uNcT7LZDIidLOJAEX2TGKp-xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.193.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:73:4c:ee:60:a1:74:d5:14:16:16:d6:12:b4:3a:c1:28:93:
c9:d3:94:76:87:21:1a:6a:88:e9:4b:94:2e:c7:e8:fd:ca:c7:
43:54:db:67:db:77:f4:3c:ad:de:25:a8:b5:24:60:de:07:1b:
3b:84:76:52:c4:b3:90:56:a5:76:d5:b4:a3:b5:dc:ea:30:b3:
5a:8c:f6:5f:7d:30:02:af:44:62:7b:2f:74:01:ba:24:5c:0f:
a2:b3:66:c8:78:eb:18:be:df:40:08:57:b0:c5:a7:d3:aa:f3:
a6:bb:52:ab:85:d5:4b:fd:12:6a:d7:85:91:28:2f:2e:de:1e:
21:ac:54:ae:6e:32:d6:b4:92:b4:0c:73:4b:56:6c:fa:0c:59:
07:25:ee:e6:1b:d5:eb:3e:ce:30:77:2f:c2:ab:c6:29:ed:48:
da:66:bd:40:33:5b:fd:32:e1:a3:af:7a:9c:44:94:5a:a8:6c:
cc:1b:8f:23:07:ae:4a:08:1e:7b:54:8d:50:24:b9:13:bd:41:
05:bb:8b:13:9f:f3:da:69:67:f8:de:eb:3a:04:bb:44:dc:b0:
57:6a:0e:ce:74:62:33:bc:05:89:f3:0c:4f:d3:ab:cf:93:32:
25:34:ee:a1:49:37:a3:97:8e:10:a3:e4:c0:d5:66:7a:59:47:
27:2b:36:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvQTaPEkr6O5FM0LWKlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjliOGQ3MTNlY2I2NDMyMjI3NGIzODkwMDQ1ZjY0YzYyYTlmYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9ufPWv/9crrMtpc4n/6UJjO/Jvp
M/ZYgudsNDFOT60olReO6wnJpmdV0jUQvObGM5Q/ihkthZU1EBGXju2+p1i+1etl
5w/pTBuu1+dzfkSweEGGbv90aNVVfx0nadlUm7I/afEebzDbWpgQRLLsD6u+qV4w
jNugWxBg0eB/D/fUsYoZ7/Y04c/MYzfgLZoYvjRksmOffyOV4XMPismv3xnGI9sY
1zPa+gsyeX3En6KbtefSNpZSzqek/14IFRQX0ZzgoogrttphmtqMY3UaWGJNl3W+
UGDF2ZB8Kp4tqy8RAeWkVudrUZ8nQM35cMi+HXG6fTK0++8EZ0bvtqj6dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+bjXE+y2QyInSziQBF9kxiqfsRMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvbjV1TmNUN0xaRElpZExPSkFFWDJUR0twLXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmnBMA0G
CSqGSIb3DQEBCwUAA4IBAQC2c0zuYKF01RQWFtYStDrBKJPJ05R2hyEaaojpS5Qu
x+j9ysdDVNtn23f0PK3eJai1JGDeBxs7hHZSxLOQVqV21bSjtdzqMLNajPZffTAC
r0Riey90AbokXA+is2bIeOsYvt9ACFewxafTqvOmu1KrhdVL/RJq14WRKC8u3h4h
rFSubjLWtJK0DHNLVmz6DFkHJe7mG9XrPs4wdy/Cq8Yp7UjaZr1AM1v9MuGjr3qc
RJRaqGzMG48jB65KCB57VI1QJLkTvUEFu4sTn/PaaWf43us6BLtE3LBXag7OdGIz
vAWJ8wxP06vPkzIlNO6hSTejl44Qo+TA1WZ6WUcnKzaw
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:28 2024 by rpki-client on console-fra.rpki-client.org