Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ntROMQ8lVVPibGJrqBX39Js4Ycw.roa
File: ntROMQ8lVVPibGJrqBX39Js4Ycw.roa (raw, json)
Hash identifier: Q+iKza0Z5PElNbtzNom9Kjlfi2VvHdP71jzaFZS9HYs=
Subject key identifier: 9E:D4:4E:31:0F:25:55:53:E2:6C:62:6B:A8:15:F7:F4:9B:38:61:CC
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 018AF8508F54BD00E676749B63F607299B2E
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ntROMQ8lVVPibGJrqBX39Js4Ycw.roa
Signing time: Wed 04 Oct 2023 01:32:23 +0000
ROA not before: Wed 04 Oct 2023 01:32:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1290
IP address blocks: 193.82.192.0/19 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
146.101.0.0/16 maxlen: 24
154.32.0.0/16 maxlen: 24
195.152.0.0/15 maxlen: 15
193.117.32.0/19 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Oct 2023 06:20:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f8:50:8f:54:bd:00:e6:76:74:9b:63:f6:07:29:9b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Oct 4 01:32:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ed44e310f255553e26c626ba815f7f49b3861cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e2:b7:7e:f4:fb:1e:c9:f8:4f:7e:75:a1:34:
3c:ec:31:e3:85:6f:a5:e1:7a:e4:78:6d:fd:b8:79:
76:86:ef:53:f6:a3:62:d9:a6:90:bc:5f:86:93:bd:
00:45:be:a7:e7:f4:8f:fc:13:06:12:0c:16:63:44:
59:c2:cd:de:a2:ed:0c:e5:fa:de:89:67:2e:99:25:
38:77:29:7b:d7:83:ce:39:9a:94:c3:b1:e9:7e:91:
4c:1f:e9:6f:41:3d:1f:c0:a0:8e:6c:d8:71:b4:bf:
1e:2b:e0:7b:f3:76:33:b8:ae:3f:62:95:f9:1f:3b:
36:43:c4:59:c1:3f:40:05:71:35:a4:96:ac:1e:61:
ca:82:5b:89:a5:48:df:cc:d6:d5:8e:04:4e:9e:41:
d0:8f:29:64:19:d5:62:81:5a:0b:37:ab:67:bf:b7:
c7:24:3c:c9:fc:ea:74:37:8d:7a:2d:eb:e3:98:be:
cd:3a:09:61:3f:90:b3:a7:d7:b8:b4:83:33:af:a0:
ef:99:e3:79:f4:16:cf:41:22:cc:dc:ad:fe:9a:1e:
eb:a2:80:67:c0:28:5f:b9:ad:53:f5:bf:8b:df:45:
f3:87:9e:d7:fe:85:6c:f3:e3:20:9c:20:6a:5d:03:
54:de:f3:ef:57:4e:cb:b7:3a:57:ec:1c:4e:35:da:
e2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D4:4E:31:0F:25:55:53:E2:6C:62:6B:A8:15:F7:F4:9B:38:61:CC
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ntROMQ8lVVPibGJrqBX39Js4Ycw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.152.0.0/15
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
15:56:b8:f6:18:22:ef:93:66:cf:4e:f1:72:95:d2:55:4d:07:
80:1f:6d:36:a8:e9:98:a6:94:e6:3a:a0:bb:5a:25:c9:e3:c9:
a1:c0:38:e4:83:a5:df:b6:ab:69:9c:84:e2:9a:6f:0b:a5:c0:
d5:d9:99:fb:01:77:b5:2f:56:75:4d:8a:c7:26:22:fe:ad:d1:
a9:23:81:d5:f9:9a:c9:5e:62:78:d2:a4:28:30:2f:be:66:e6:
99:b0:3e:a5:93:fc:bf:29:9f:38:05:f8:88:8c:d6:1a:64:a3:
d9:ed:1b:e6:0b:1f:ab:58:b6:4d:55:30:a5:ea:c0:09:30:1c:
eb:34:73:58:30:0d:c1:77:0a:ea:e1:67:93:87:33:76:9f:63:
d7:82:59:0c:04:4d:51:ea:10:3a:49:ca:50:a7:be:a5:42:16:
8f:34:5e:9c:48:ad:f5:aa:e7:c8:43:b2:8a:92:a7:12:71:8f:
92:24:60:94:6a:b0:ef:60:97:78:59:a3:8d:99:ce:5e:70:e8:
a7:2e:c2:26:60:5c:b2:1e:27:88:7b:03:c7:2d:c4:dc:c0:ea:
a4:df:39:d2:f5:c9:5d:25:e6:ff:e1:b7:68:1e:82:f3:30:5b:
54:71:81:7f:4c:7a:0a:e6:85:99:b7:58:27:27:42:a3:98:d6:
b7:1e:e5:09
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYr4UI9UvQDmdnSbY/YHKZsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjMxMDA0MDEzMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQ0NGUzMTBmMjU1NTUzZTI2YzYyNmJhODE1ZjdmNDliMzg2MWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuK3fvT7Hsn4T351oTQ87DHjhW+l
4XrkeG39uHl2hu9T9qNi2aaQvF+Gk70ARb6n5/SP/BMGEgwWY0RZws3eou0M5fre
iWcumSU4dyl714POOZqUw7HpfpFMH+lvQT0fwKCObNhxtL8eK+B783YzuK4/YpX5
Hzs2Q8RZwT9ABXE1pJasHmHKgluJpUjfzNbVjgROnkHQjylkGdVigVoLN6tnv7fH
JDzJ/Op0N416LevjmL7NOglhP5Czp9e4tIMzr6DvmeN59BbPQSLM3K3+mh7rooBn
wChfua1T9b+L30Xzh57X/oVs8+MgnCBqXQNU3vPvV07LtzpX7BxONdri9QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJ7UTjEPJVVT4mxia6gV9/SbOGHMMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvbnRST01ROGxWVlBpYkdKcnFCWDM5SnM0WWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwMAkmUDAwCa
IDAMAwQFwVJgAwQFwVKAAwQFwVLAAwQFwXUgAwMBw5gwDQQCAAIwBwMFACoCFiAw
DQYJKoZIhvcNAQELBQADggEBABVWuPYYIu+TZs9O8XKV0lVNB4AfbTao6ZimlOY6
oLtaJcnjyaHAOOSDpd+2q2mchOKabwulwNXZmfsBd7UvVnVNiscmIv6t0akjgdX5
msleYnjSpCgwL75m5pmwPqWT/L8pnzgF+IiM1hpko9ntG+YLH6tYtk1VMKXqwAkw
HOs0c1gwDcF3CurhZ5OHM3afY9eCWQwETVHqEDpJylCnvqVCFo80XpxIrfWq58hD
soqSpxJxj5IkYJRqsO9gl3hZo42Zzl5w6KcuwiZgXLIeJ4h7A8ctxNzA6qTfOdL1
yV0l5v/ht2gegvMwW1RxgX9MegrmhZm3WCcnQqOY1rce5Qk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org