Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/NIueB9MKtlv77c9nOvB1ZbqUAk0.roa
File: NIueB9MKtlv77c9nOvB1ZbqUAk0.roa (raw, json)
Hash identifier: xIU/dYTtMdBrJ5UL5MfvIhQEwCZAkHyZlqHZPfGCuL4=
Subject key identifier: 34:8B:9E:07:D3:0A:B6:5B:FB:ED:CF:67:3A:F0:75:65:BA:94:02:4D
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018A50448D31A12E222844F56E7F5A8E9442
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/NIueB9MKtlv77c9nOvB1ZbqUAk0.roa
Signing time: Fri 01 Sep 2023 10:23:04 +0000
ROA not before: Fri 01 Sep 2023 10:23:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47844
IP address blocks: 62.122.88.0/21 maxlen: 21
31.130.0.0/19 maxlen: 24
31.130.12.0/22 maxlen: 22
31.130.16.0/20 maxlen: 20
178.212.80.0/21 maxlen: 21
93.157.163.0/24 maxlen: 24
93.157.160.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 01 Sep 2023 10:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:44:8d:31:a1:2e:22:28:44:f5:6e:7f:5a:8e:94:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Sep 1 10:23:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=348b9e07d30ab65bfbedcf673af07565ba94024d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:71:bd:60:ef:e9:86:0b:b3:74:2f:de:e7:05:
6b:c7:0f:aa:e8:fe:d9:3b:70:62:7c:31:52:af:fa:
ad:92:6c:f8:de:f7:33:7c:49:6b:2b:b4:86:ab:0e:
f0:b3:6f:33:d1:bd:3c:c7:be:8c:8c:29:56:a9:f5:
c0:d9:42:a1:61:39:8f:9f:2c:0d:84:8e:9c:b6:cf:
03:82:27:bd:43:f8:92:28:4a:5f:5a:16:c6:e5:0b:
c5:cb:52:47:16:54:db:1d:eb:bf:74:75:da:d3:3e:
d9:5d:26:b4:e8:3f:fd:e9:8a:87:bf:33:f6:70:ec:
90:ad:1c:d2:d7:d0:ad:a2:2c:6d:27:4b:2b:bf:53:
78:77:6e:ab:2e:88:99:79:0f:26:a3:8d:78:eb:3c:
af:25:31:25:13:3b:15:9e:9d:c0:c2:b7:46:77:55:
48:f8:8b:08:6c:e1:89:b4:1f:27:43:0a:8e:98:9e:
88:e6:1f:7d:50:a0:02:4a:e6:0c:71:4d:e6:95:c2:
17:b6:0d:cf:49:18:c8:2c:7a:e6:ce:c3:49:c1:ae:
be:98:04:f1:37:ca:d8:d2:e0:27:09:2e:9f:90:b9:
ec:43:d6:47:0f:e1:73:44:ef:1e:1f:f9:1f:82:04:
27:9e:32:ac:45:27:25:e4:28:e3:76:ae:8b:6c:09:
91:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8B:9E:07:D3:0A:B6:5B:FB:ED:CF:67:3A:F0:75:65:BA:94:02:4D
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/NIueB9MKtlv77c9nOvB1ZbqUAk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.0.0/19
62.122.88.0/21
93.157.160.0/21
178.212.80.0/21
Signature Algorithm: sha256WithRSAEncryption
a4:7f:24:5c:b2:e7:6e:ba:4c:96:f6:b3:65:07:15:4a:5e:72:
33:10:60:2b:6b:48:4d:27:fb:63:f4:78:ec:2d:f9:1b:f2:b9:
c8:88:ae:dd:85:bb:4b:e0:34:f9:21:62:0b:96:a5:2a:10:b2:
80:cc:0a:9c:a8:64:5f:e1:df:8e:ab:89:61:4b:b8:15:b9:9a:
07:67:ac:c3:a5:47:61:8b:31:36:fd:a7:f3:5a:ad:b8:75:5d:
9c:76:03:b4:9c:85:60:4c:19:de:f2:19:15:2a:e8:3d:ed:08:
3f:81:f2:18:91:a1:6a:bd:e7:33:f1:f1:cb:df:ba:c2:b9:a6:
44:00:a6:db:50:59:fe:d7:b5:26:67:13:3b:e2:8c:c1:34:ee:
9b:39:2f:55:40:5a:1b:8a:32:20:f9:59:ba:c3:83:dc:e1:81:
a3:08:68:73:d1:0b:cd:2c:ad:a5:77:7b:43:37:2e:cd:22:7a:
0e:2a:e5:bf:c4:2c:ab:9e:e0:3c:ce:a9:db:14:b3:12:95:99:
e2:8a:97:38:2c:44:c9:c1:2c:68:8b:1f:8e:25:5e:14:ac:48:
ae:ce:86:0c:7a:4a:36:c4:17:68:48:a6:63:73:16:37:0b:aa:
0f:e6:75:cb:10:4a:c3:62:64:a6:6b:2e:7a:b9:39:3d:ce:53:
a9:33:3d:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpQRI0xoS4iKET1bn9ajpRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjMwOTAxMTAyMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDhiOWUwN2QzMGFiNjViZmJlZGNmNjczYWYwNzU2NWJhOTQwMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nG9YO/phguzdC/e5wVrxw+q6P7Z
O3BifDFSr/qtkmz43vczfElrK7SGqw7ws28z0b08x76MjClWqfXA2UKhYTmPnywN
hI6cts8Dgie9Q/iSKEpfWhbG5QvFy1JHFlTbHeu/dHXa0z7ZXSa06D/96YqHvzP2
cOyQrRzS19CtoixtJ0srv1N4d26rLoiZeQ8mo4146zyvJTElEzsVnp3AwrdGd1VI
+IsIbOGJtB8nQwqOmJ6I5h99UKACSuYMcU3mlcIXtg3PSRjILHrmzsNJwa6+mATx
N8rY0uAnCS6fkLnsQ9ZHD+FzRO8eH/kfggQnnjKsRScl5Cjjdq6LbAmRTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDSLngfTCrZb++3PZzrwdWW6lAJNMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvTkl1ZUI5TUt0bHY3N2M5bk92QjFaYnFVQWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFH4IAAwQD
PnpYAwQDXZ2gAwQDstRQMA0GCSqGSIb3DQEBCwUAA4IBAQCkfyRcsuduukyW9rNl
BxVKXnIzEGAra0hNJ/tj9HjsLfkb8rnIiK7dhbtL4DT5IWILlqUqELKAzAqcqGRf
4d+Oq4lhS7gVuZoHZ6zDpUdhizE2/afzWq24dV2cdgO0nIVgTBne8hkVKug97Qg/
gfIYkaFqvecz8fHL37rCuaZEAKbbUFn+17UmZxM74ozBNO6bOS9VQFobijIg+Vm6
w4Pc4YGjCGhz0QvNLK2ld3tDNy7NInoOKuW/xCyrnuA8zqnbFLMSlZniipc4LETJ
wSxoix+OJV4UrEiuzoYMeko2xBdoSKZjcxY3C6oP5nXLEErDYmSmay56uTk9zlOp
Mz30
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:21 2024 by rpki-client on console-fra.rpki-client.org