Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/nTu6zpaK75THH-4mQvhGb_NMdC4.roa
File: nTu6zpaK75THH-4mQvhGb_NMdC4.roa (raw, json)
Hash identifier: cFwLXXOrr1Xfa7AOVpeT//pnB4yRrDcnJwAkEluqJ5A=
Subject key identifier: 9D:3B:BA:CE:96:8A:EF:94:C7:1F:EE:26:42:F8:46:6F:F3:4C:74:2E
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 0187036164C0C542D232ED713EBC6FDE5956
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/nTu6zpaK75THH-4mQvhGb_NMdC4.roa
Signing time: Tue 21 Mar 2023 08:55:27 +0000
ROA not before: Tue 21 Mar 2023 08:55:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197478
IP address blocks: 195.57.43.0/24 maxlen: 24
194.224.229.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:61:64:c0:c5:42:d2:32:ed:71:3e:bc:6f:de:59:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Mar 21 08:55:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d3bbace968aef94c71fee2642f8466ff34c742e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6e:b2:05:99:f4:3e:f4:7c:36:85:c7:a1:6c:
85:17:d5:bb:68:0e:ae:4b:e0:2c:28:df:42:aa:07:
bc:28:b5:1d:0b:9e:5f:c1:59:d4:53:3d:ff:d6:b0:
bf:04:75:9b:90:43:95:32:23:e6:40:35:18:4f:8d:
f1:2b:83:bc:4f:50:20:15:42:48:2c:ad:b7:cc:cb:
52:9f:75:d3:25:b8:30:35:36:3e:b3:6e:1f:20:6d:
a4:58:c1:54:34:4c:a8:4e:16:69:4b:31:d3:b1:35:
dd:31:7c:ec:0f:28:8e:73:75:a2:c6:4b:6c:7e:db:
8d:ec:cd:ad:f7:b9:8b:b7:ab:ba:99:43:86:78:ad:
06:46:75:ce:ec:a5:0c:c8:74:d6:c6:28:e7:5d:42:
ed:f4:1b:eb:f6:db:da:e8:fc:b8:84:94:2d:03:28:
61:e0:78:a9:03:cc:8f:f5:aa:46:23:96:12:28:97:
ad:26:d6:5e:18:5a:97:5b:8b:9a:1f:27:c8:5d:c4:
78:cd:83:3c:cc:7f:ba:8c:e9:b2:26:f5:f3:f6:80:
4b:b3:f2:f5:99:0b:c9:60:57:9c:95:8c:12:04:84:
41:16:50:8c:c7:e0:b3:74:31:c9:87:1e:52:b0:61:
f7:f3:2b:61:2d:dc:b9:08:0f:a2:eb:f0:d5:d7:45:
05:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3B:BA:CE:96:8A:EF:94:C7:1F:EE:26:42:F8:46:6F:F3:4C:74:2E
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/nTu6zpaK75THH-4mQvhGb_NMdC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.224.229.0/24
195.57.43.0/24
Signature Algorithm: sha256WithRSAEncryption
ea:d3:0b:44:14:9a:0f:cf:e6:49:c5:d2:fb:1b:ab:b4:ce:49:
f8:cb:c0:6d:0b:2c:a8:3d:7c:f9:ff:20:1d:62:6a:f5:71:31:
bc:f8:2b:7d:10:22:d1:d6:a8:75:9e:3a:a8:92:7f:96:1d:88:
00:be:10:cf:62:d3:08:37:fd:30:fb:75:33:60:47:16:0c:a2:
1a:da:4e:3b:35:6c:17:d4:37:76:0e:94:94:72:7f:6d:e4:0e:
a8:5e:d7:23:ed:d1:e1:a6:30:a2:15:80:2b:af:a6:a7:f3:3a:
c4:e8:1b:b9:37:40:52:aa:12:20:90:88:ec:ae:47:3c:fe:23:
93:23:15:57:e3:34:60:a0:4d:eb:1a:71:25:1f:a2:b3:38:bb:
88:81:9a:12:6c:b1:eb:25:fc:ee:7a:af:f2:d3:42:3c:e5:c0:
73:8c:9c:95:b3:d6:ca:f5:ee:31:87:3c:66:48:9c:0d:84:c7:
e4:a2:8b:2b:32:6e:a9:3a:c0:3f:9b:29:a2:36:30:9a:21:0f:
84:df:ba:18:14:ec:a5:ee:52:05:4a:c3:40:63:b6:88:47:94:
2c:66:1a:a5:d8:43:3e:50:a6:c1:33:9c:c1:a1:e5:fd:e4:96:
9f:f4:e7:be:62:70:2f:8c:76:04:28:88:58:0b:c9:89:a7:c9:
7b:e2:f1:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcDYWTAxULSMu1xPrxv3llWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMzIxMDg1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNiYmFjZTk2OGFlZjk0YzcxZmVlMjY0MmY4NDY2ZmYzNGM3NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6G6yBZn0PvR8NoXHoWyFF9W7aA6u
S+AsKN9Cqge8KLUdC55fwVnUUz3/1rC/BHWbkEOVMiPmQDUYT43xK4O8T1AgFUJI
LK23zMtSn3XTJbgwNTY+s24fIG2kWMFUNEyoThZpSzHTsTXdMXzsDyiOc3Wixkts
ftuN7M2t97mLt6u6mUOGeK0GRnXO7KUMyHTWxijnXULt9Bvr9tva6Py4hJQtAyhh
4HipA8yP9apGI5YSKJetJtZeGFqXW4uaHyfIXcR4zYM8zH+6jOmyJvXz9oBLs/L1
mQvJYFeclYwSBIRBFlCMx+CzdDHJhx5SsGH38ythLdy5CA+i6/DV10UFbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ07us6Wiu+Uxx/uJkL4Rm/zTHQuMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvblR1NnpwYUs3NVRISC00bVF2aEdiX05NZEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwuDlAwQA
wzkrMA0GCSqGSIb3DQEBCwUAA4IBAQDq0wtEFJoPz+ZJxdL7G6u0zkn4y8BtCyyo
PXz5/yAdYmr1cTG8+Ct9ECLR1qh1njqokn+WHYgAvhDPYtMIN/0w+3UzYEcWDKIa
2k47NWwX1Dd2DpSUcn9t5A6oXtcj7dHhpjCiFYArr6an8zrE6Bu5N0BSqhIgkIjs
rkc8/iOTIxVX4zRgoE3rGnElH6KzOLuIgZoSbLHrJfzueq/y00I85cBzjJyVs9bK
9e4xhzxmSJwNhMfkoosrMm6pOsA/mymiNjCaIQ+E37oYFOyl7lIFSsNAY7aIR5Qs
Zhql2EM+UKbBM5zBoeX95Jaf9Oe+YnAvjHYEKIhYC8mJp8l74vGH
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:35 2024 by rpki-client on console-ams.rpki-client.org