Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/Nb3OnsQpktQBF1ZyeBUmsDVQ02I.roa
File: Nb3OnsQpktQBF1ZyeBUmsDVQ02I.roa (raw, json)
Hash identifier: DgxWa9mac3g6rjAfZXFARO4hkedVUkHw9GEFPorXsMo=
Subject key identifier: 35:BD:CE:9E:C4:29:92:D4:01:17:56:72:78:15:26:B0:35:50:D3:62
Certificate issuer: /CN=9c21a5e4cf6e9e2e70338aeebfa0d1588d73b6ef
Certificate serial: 018C2FEC43B32D6C92CF361A7A38213FF93D
Authority key identifier: 9C:21:A5:E4:CF:6E:9E:2E:70:33:8A:EE:BF:A0:D1:58:8D:73:B6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/Nb3OnsQpktQBF1ZyeBUmsDVQ02I.roa
Signing time: Sun 03 Dec 2023 13:44:22 +0000
ROA not before: Sun 03 Dec 2023 13:44:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205219
IP address blocks: 217.197.100.0/24 maxlen: 24
2a09:b7c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2f:ec:43:b3:2d:6c:92:cf:36:1a:7a:38:21:3f:f9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c21a5e4cf6e9e2e70338aeebfa0d1588d73b6ef
Validity
Not Before: Dec 3 13:44:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35bdce9ec42992d401175672781526b03550d362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:05:9c:62:d3:09:a1:6e:7d:a9:88:84:2b:01:
df:12:8d:31:33:56:74:84:6b:19:77:6a:bc:44:47:
2e:4a:0c:a1:af:95:d6:22:02:05:23:57:96:69:72:
d3:47:6e:d2:9b:f6:69:23:0d:74:1a:14:ff:1e:f6:
9e:8a:ea:0f:fd:4f:60:8c:21:2a:fc:ef:c4:c0:db:
ee:ec:89:05:e0:df:ae:80:b5:23:c6:2b:ac:c6:b6:
c1:92:90:18:98:77:ca:46:dc:d8:cd:20:a2:a4:69:
85:80:43:74:12:70:da:a7:90:d0:36:f8:3c:77:7a:
bb:e8:70:55:ef:6c:14:fa:68:86:b3:ed:40:60:55:
c6:35:4d:c0:42:e1:c1:82:ae:fc:d1:a8:34:10:3d:
b9:f5:28:f5:e5:43:32:5c:94:5f:92:73:85:10:c0:
07:a0:39:e4:1a:29:5e:df:41:6b:52:af:4e:d5:b0:
33:fd:7d:f1:2e:ea:b2:a6:6e:bc:33:c7:8f:b5:a2:
75:75:a6:8e:0b:72:f5:a6:ee:a3:0c:38:2a:64:bf:
13:1d:d4:34:2f:b2:9d:2d:15:10:52:74:50:61:12:
5c:37:49:fa:94:6e:d4:af:fd:98:df:ad:fe:55:7d:
b1:3c:13:09:be:a7:60:66:b1:f0:54:a4:74:95:82:
e4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BD:CE:9E:C4:29:92:D4:01:17:56:72:78:15:26:B0:35:50:D3:62
X509v3 Authority Key Identifier:
keyid:9C:21:A5:E4:CF:6E:9E:2E:70:33:8A:EE:BF:A0:D1:58:8D:73:B6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/Nb3OnsQpktQBF1ZyeBUmsDVQ02I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/nCGl5M9uni5wM4ruv6DRWI1ztu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.100.0/24
IPv6:
2a09:b7c0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:16:0c:fd:12:12:99:e1:96:60:4b:ec:bb:0a:eb:07:d7:05:
1c:05:7a:88:b6:ae:15:f8:f1:1d:17:d9:eb:69:2d:b7:2c:9b:
10:9e:c5:55:dc:fd:be:91:52:c2:ce:94:d4:69:6c:e5:76:c8:
a7:a0:bc:c0:48:71:46:7e:9c:12:68:16:c5:3b:d7:43:83:5d:
8d:2d:5a:6e:2f:91:cb:f3:de:98:14:83:12:fb:2f:c3:be:64:
28:34:67:ed:11:80:22:91:5e:f3:a8:e0:31:4f:b6:25:fd:11:
ad:bd:a8:9d:29:bb:56:cb:0f:94:eb:95:b9:55:9c:dc:e1:97:
c3:a7:56:93:ee:05:32:73:a7:99:72:a6:52:94:3f:1d:40:d0:
32:0a:2b:50:0b:72:4c:29:2c:e6:d6:48:d2:fd:9f:80:7c:b3:
4d:ca:27:18:28:08:09:af:f5:9b:54:ec:2e:96:24:86:7a:30:
dc:cb:12:a4:94:e1:46:e6:bf:58:a5:42:6f:07:89:5c:74:76:
89:e6:16:59:e6:7e:c3:1e:df:69:74:10:28:08:24:3b:38:2a:
2a:eb:84:d0:11:c8:5a:81:34:87:71:d4:54:bb:51:3c:9d:1c:
b1:58:36:ae:f1:dd:5e:e7:24:b1:be:82:6e:3a:0e:f5:96:86:
16:62:ee:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwv7EOzLWySzzYaejghP/k9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjFhNWU0Y2Y2ZTllMmU3MDMzOGFlZWJmYTBkMTU4OGQ3
M2I2ZWYwHhcNMjMxMjAzMTM0NDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWJkY2U5ZWM0Mjk5MmQ0MDExNzU2NzI3ODE1MjZiMDM1NTBkMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQWcYtMJoW59qYiEKwHfEo0xM1Z0
hGsZd2q8REcuSgyhr5XWIgIFI1eWaXLTR27Sm/ZpIw10GhT/HvaeiuoP/U9gjCEq
/O/EwNvu7IkF4N+ugLUjxiusxrbBkpAYmHfKRtzYzSCipGmFgEN0EnDap5DQNvg8
d3q76HBV72wU+miGs+1AYFXGNU3AQuHBgq780ag0ED259Sj15UMyXJRfknOFEMAH
oDnkGile30FrUq9O1bAz/X3xLuqypm68M8ePtaJ1daaOC3L1pu6jDDgqZL8THdQ0
L7KdLRUQUnRQYRJcN0n6lG7Ur/2Y363+VX2xPBMJvqdgZrHwVKR0lYLkGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDW9zp7EKZLUARdWcngVJrA1UNNiMB8GA1UdIwQY
MBaAFJwhpeTPbp4ucDOK7r+g0ViNc7bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNHbDVNOXVuaTV3TTRydXY2RFJXSTF6dHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi84Y2NlODYtYjBhZS00MTY2LTkwNDIt
NTI4ZWZmNTJmZWJkLzEvTmIzT25zUXBrdFFCRjFaeWVCVW1zRFZRMDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi84Y2NlODYtYjBhZS00MTY2LTkwNDItNTI4ZWZmNTJmZWJk
LzEvbkNHbDVNOXVuaTV3TTRydXY2RFJXSTF6dHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2cVkMA0E
AgACMAcDBQMqCbfAMA0GCSqGSIb3DQEBCwUAA4IBAQAtFgz9EhKZ4ZZgS+y7CusH
1wUcBXqItq4V+PEdF9nraS23LJsQnsVV3P2+kVLCzpTUaWzldsinoLzASHFGfpwS
aBbFO9dDg12NLVpuL5HL896YFIMS+y/DvmQoNGftEYAikV7zqOAxT7Yl/RGtvaid
KbtWyw+U65W5VZzc4ZfDp1aT7gUyc6eZcqZSlD8dQNAyCitQC3JMKSzm1kjS/Z+A
fLNNyicYKAgJr/WbVOwuliSGejDcyxKklOFG5r9YpUJvB4lcdHaJ5hZZ5n7DHt9p
dBAoCCQ7OCoq64TQEchagTSHcdRUu1E8nRyxWDau8d1e5ySxvoJuOg71loYWYu6z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:51 2024 by rpki-client on console-fra.rpki-client.org