Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Np2Yzvlf4gxpBWJ5OrQ-fP_ptKc.roa
File: Np2Yzvlf4gxpBWJ5OrQ-fP_ptKc.roa (raw, json)
Hash identifier: bRxdDXYBUcfjgijIcCPJy6KCdLcDeYr4qdqWYxIYzPU=
Subject key identifier: 36:9D:98:CE:F9:5F:E2:0C:69:05:62:79:3A:B4:3E:7C:FF:E9:B4:A7
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018570F0AA37D0241ED0E1FBF9A22FCB1AE3
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Np2Yzvlf4gxpBWJ5OrQ-fP_ptKc.roa
Signing time: Mon 02 Jan 2023 05:24:58 +0000
ROA not before: Mon 02 Jan 2023 05:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.37.196.0/22 maxlen: 24
45.67.200.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 10:21:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:aa:37:d0:24:1e:d0:e1:fb:f9:a2:2f:cb:1a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 2 05:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=369d98cef95fe20c690562793ab43e7cffe9b4a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7b:45:6f:de:96:20:73:37:79:1b:9b:28:06:
75:e4:dc:5a:b5:99:b1:64:be:e5:b0:79:31:83:c2:
aa:b7:be:49:0e:00:b9:2f:bd:ef:a9:05:af:67:41:
ac:4c:65:7b:11:df:23:e3:f0:9d:86:0d:d6:d2:79:
81:6e:8a:ab:fc:d2:6a:dd:2b:a1:72:59:ef:ae:16:
87:ed:a8:6c:f4:3a:4c:71:2b:3e:2e:54:ad:15:1a:
f3:a8:6c:a8:f7:d6:dc:cd:88:3a:01:6a:18:6a:94:
f4:27:e8:bc:51:13:bd:d0:f6:68:b0:37:1f:b2:3f:
1d:6e:c9:77:dc:6d:35:8a:ea:e6:13:ec:37:31:8c:
0f:1e:ad:1a:58:a5:56:c5:cf:10:a5:43:45:41:48:
ac:79:27:28:07:3e:c3:ef:f4:49:43:b3:df:42:57:
4c:43:c2:7d:47:8a:7c:c5:b7:1e:bb:ec:d6:d7:44:
1e:e2:50:73:6c:df:5b:ea:f6:ab:a7:af:bf:a0:97:
c7:d4:23:8c:8e:ac:3e:c3:ef:67:d0:57:a6:56:61:
28:ba:98:ef:f9:bb:07:c6:be:28:db:ce:e5:e0:12:
8e:a3:8b:47:ae:bb:f9:ec:d3:cb:df:f0:ca:c3:5a:
71:47:b3:f0:6a:e1:24:66:31:5f:0b:68:c5:23:38:
5d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:9D:98:CE:F9:5F:E2:0C:69:05:62:79:3A:B4:3E:7C:FF:E9:B4:A7
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Np2Yzvlf4gxpBWJ5OrQ-fP_ptKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.200.0/22
193.37.196.0/22
Signature Algorithm: sha256WithRSAEncryption
71:94:6a:86:91:a3:cf:9b:2f:5d:56:1c:82:c5:34:79:74:33:
71:c7:f2:64:0e:62:84:16:92:9d:48:df:e0:fa:a0:ce:ad:b6:
d3:1e:bb:a3:d7:da:ab:4a:e7:20:38:fe:7d:12:18:93:dd:79:
4c:d7:29:1f:b2:3b:9c:09:3d:9c:18:66:28:9e:96:32:ec:31:
72:22:22:6f:dc:d9:fc:cd:ad:30:49:22:11:10:86:68:42:30:
db:15:1b:69:f3:21:ee:e0:4f:0d:bd:5b:67:56:e9:10:a8:ab:
d6:f0:6b:3d:b8:ac:f7:fd:ae:e3:4e:94:f2:d6:a7:31:93:d9:
23:4e:7a:14:19:9c:30:f4:22:4e:86:e0:c8:0c:de:e3:94:77:
f6:35:d1:da:d9:c5:20:7a:1e:94:09:1d:c6:ae:7b:34:f4:e4:
ca:ee:1c:a5:1d:3f:97:f3:46:ea:1a:1a:a8:80:5b:b6:2d:a7:
6c:f1:ea:2d:fe:cd:5c:ac:74:f8:c1:0d:2f:e9:8d:4a:c7:85:
bd:f8:34:e3:63:fa:20:b4:a9:30:35:5c:2b:7e:e3:fc:92:2b:
e1:aa:7b:c9:2d:e6:f7:ed:69:30:51:ed:c8:c7:2f:27:e1:68:
2b:77:22:fe:95:63:e6:10:e5:77:7a:3c:a5:fe:02:27:27:99:
ca:fc:48:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw8Ko30CQe0OH7+aIvyxrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjMwMTAyMDUyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjlkOThjZWY5NWZlMjBjNjkwNTYyNzkzYWI0M2U3Y2ZmZTliNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHtFb96WIHM3eRubKAZ15NxatZmx
ZL7lsHkxg8Kqt75JDgC5L73vqQWvZ0GsTGV7Ed8j4/Cdhg3W0nmBboqr/NJq3Suh
clnvrhaH7ahs9DpMcSs+LlStFRrzqGyo99bczYg6AWoYapT0J+i8URO90PZosDcf
sj8dbsl33G01iurmE+w3MYwPHq0aWKVWxc8QpUNFQUiseScoBz7D7/RJQ7PfQldM
Q8J9R4p8xbceu+zW10Qe4lBzbN9b6varp6+/oJfH1COMjqw+w+9n0FemVmEoupjv
+bsHxr4o287l4BKOo4tHrrv57NPL3/DKw1pxR7PwauEkZjFfC2jFIzhdlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDadmM75X+IMaQVieTq0Pnz/6bSnMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvTnAyWXp2bGY0Z3hwQldKNU9yUS1mUF9wdEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLUPIAwQC
wSXEMA0GCSqGSIb3DQEBCwUAA4IBAQBxlGqGkaPPmy9dVhyCxTR5dDNxx/JkDmKE
FpKdSN/g+qDOrbbTHruj19qrSucgOP59EhiT3XlM1ykfsjucCT2cGGYonpYy7DFy
IiJv3Nn8za0wSSIREIZoQjDbFRtp8yHu4E8NvVtnVukQqKvW8Gs9uKz3/a7jTpTy
1qcxk9kjTnoUGZww9CJOhuDIDN7jlHf2NdHa2cUgeh6UCR3Grns09OTK7hylHT+X
80bqGhqogFu2Lads8eot/s1crHT4wQ0v6Y1Kx4W9+DTjY/ogtKkwNVwrfuP8kivh
qnvJLeb37WkwUe3Ixy8n4WgrdyL+lWPmEOV3ejyl/gInJ5nK/Egh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org