Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/NDv0zHCThJktnRrzXOd9rtcdEdI.roa
File: NDv0zHCThJktnRrzXOd9rtcdEdI.roa (raw, json)
Hash identifier: PnVXowJs1IXi6fBubQZ1ACc9BWUB5Ox/+iuO9ydvZuU=
Subject key identifier: 34:3B:F4:CC:70:93:84:99:2D:9D:1A:F3:5C:E7:7D:AE:D7:1D:11:D2
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 018AF8508FCBF740BD5680274C981AE9C8AC
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/NDv0zHCThJktnRrzXOd9rtcdEdI.roa
Signing time: Wed 04 Oct 2023 01:32:23 +0000
ROA not before: Wed 04 Oct 2023 01:32:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4637
IP address blocks: 193.82.192.0/19 maxlen: 24
195.153.124.0/24 maxlen: 24
217.151.32.0/20 maxlen: 24
195.153.74.0/24 maxlen: 24
154.32.0.0/16 maxlen: 24
193.117.32.0/19 maxlen: 24
195.153.108.0/22 maxlen: 22
195.153.19.0/24 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
146.101.0.0/16 maxlen: 24
195.153.216.0/24 maxlen: 24
195.153.217.0/24 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Oct 2023 06:20:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f8:50:8f:cb:f7:40:bd:56:80:27:4c:98:1a:e9:c8:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Oct 4 01:32:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=343bf4cc709384992d9d1af35ce77daed71d11d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a4:7b:af:a9:36:06:39:25:39:c8:21:17:3a:
79:ba:c6:99:31:47:e5:29:98:52:6d:d0:75:08:0f:
d6:b3:88:bb:ea:82:6c:01:1e:45:cc:a4:a2:d4:97:
1d:64:7e:cc:c3:a0:bf:5e:cd:25:25:04:a5:fa:d2:
67:4d:99:2b:3e:2d:1c:4d:b1:5e:83:c3:6c:35:7d:
7d:c7:b0:ff:cf:fd:f3:56:01:b0:aa:7f:e0:8c:43:
5a:27:b2:14:c6:6c:b6:f6:47:b7:dd:76:ca:a5:f1:
25:c8:a0:d5:22:cb:9a:c5:bb:41:ca:5d:06:e0:d2:
bc:f9:38:5d:46:62:9a:cf:2a:3b:d2:9c:78:53:11:
d4:6b:2d:2a:17:47:5c:7d:00:a9:a6:bb:0a:d6:b7:
e3:58:3a:0b:80:57:14:41:3f:19:37:8a:d5:2c:7b:
f2:14:9c:a6:0c:3f:5b:32:cc:2a:11:a2:97:b7:69:
bd:6b:a8:8f:58:56:0a:13:6a:33:b9:2d:85:a3:60:
d7:a3:c0:ad:04:07:79:72:46:26:cb:dd:0b:30:9f:
f9:25:1e:21:14:bd:35:c1:bc:9a:51:48:89:79:3e:
61:69:53:f4:b1:0b:12:40:7f:84:5c:d1:f6:95:47:
d0:94:72:3a:4d:94:2e:09:1d:28:9e:9b:59:0a:94:
98:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3B:F4:CC:70:93:84:99:2D:9D:1A:F3:5C:E7:7D:AE:D7:1D:11:D2
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/NDv0zHCThJktnRrzXOd9rtcdEdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.153.19.0/24
195.153.74.0/24
195.153.108.0/22
195.153.124.0/24
195.153.216.0/23
217.151.32.0/20
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
6f:e8:27:4b:e9:13:6e:e9:4d:1a:1b:e5:82:70:c5:a8:1e:1f:
d4:20:91:d4:8b:ad:c4:94:8a:02:cc:73:8c:a5:fe:17:39:55:
f5:08:1b:6d:c9:57:e9:91:0e:ef:ff:9c:7d:57:d0:86:23:f6:
b3:0b:95:e8:78:52:ea:0d:72:96:d1:80:a5:c8:dc:aa:94:d6:
54:c2:9d:43:87:f5:39:33:8e:92:8e:26:18:48:c9:c0:61:7b:
50:c6:f9:e8:6a:e6:c2:7e:e6:98:a8:14:1d:9e:62:21:08:e2:
fb:b0:9c:d8:56:de:ba:d7:9a:cc:22:84:52:de:61:0a:3b:ce:
ba:ca:70:92:83:1d:84:ee:2d:32:6f:90:9e:6f:43:31:da:31:
5b:33:db:d0:86:50:cb:58:d7:b8:cc:09:82:63:d0:a1:c6:01:
eb:ba:d5:18:af:9f:81:7e:4f:d3:a1:62:49:3f:15:af:5f:b7:
79:fb:3e:f4:69:ce:70:48:60:c2:4d:ec:dd:37:28:0c:be:03:
2c:5c:bb:ec:f9:8a:b7:9f:3f:6b:15:55:9b:97:a4:46:61:fb:
1d:4a:db:ef:28:77:3c:bd:32:7a:9c:d6:d2:a3:05:48:43:b5:
26:cd:af:f7:49:47:44:d2:fb:3a:00:d2:50:71:ee:68:ed:2a:
f3:68:c8:dc
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYr4UI/L90C9VoAnTJga6cisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjMxMDA0MDEzMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDNiZjRjYzcwOTM4NDk5MmQ5ZDFhZjM1Y2U3N2RhZWQ3MWQxMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6R7r6k2BjklOcghFzp5usaZMUfl
KZhSbdB1CA/Ws4i76oJsAR5FzKSi1JcdZH7Mw6C/Xs0lJQSl+tJnTZkrPi0cTbFe
g8NsNX19x7D/z/3zVgGwqn/gjENaJ7IUxmy29ke33XbKpfElyKDVIsuaxbtByl0G
4NK8+ThdRmKazyo70px4UxHUay0qF0dcfQCpprsK1rfjWDoLgFcUQT8ZN4rVLHvy
FJymDD9bMswqEaKXt2m9a6iPWFYKE2ozuS2Fo2DXo8CtBAd5ckYmy90LMJ/5JR4h
FL01wbyaUUiJeT5haVP0sQsSQH+EXNH2lUfQlHI6TZQuCR0onptZCpSY8QIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDQ79Mxwk4SZLZ0a81znfa7XHRHSMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvTkR2MHpIQ1RoSmt0blJyelhPZDlydGNkRWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwMAkmUDAwCa
IDAMAwQFwVJgAwQFwVKAAwQFwVLAAwQFwXUgAwQAw5kTAwQAw5lKAwQCw5lsAwQA
w5l8AwQBw5nYAwQE2ZcgMA0EAgACMAcDBQAqAhYgMA0GCSqGSIb3DQEBCwUAA4IB
AQBv6CdL6RNu6U0aG+WCcMWoHh/UIJHUi63ElIoCzHOMpf4XOVX1CBttyVfpkQ7v
/5x9V9CGI/azC5XoeFLqDXKW0YClyNyqlNZUwp1Dh/U5M46SjiYYSMnAYXtQxvno
aubCfuaYqBQdnmIhCOL7sJzYVt6615rMIoRS3mEKO866ynCSgx2E7i0yb5Ceb0Mx
2jFbM9vQhlDLWNe4zAmCY9ChxgHrutUYr5+Bfk/ToWJJPxWvX7d5+z70ac5wSGDC
TezdNygMvgMsXLvs+Yq3nz9rFVWbl6RGYfsdStvvKHc8vTJ6nNbSowVIQ7Umza/3
SUdE0vs6ANJQce5o7SrzaMjc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org