Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nkyzWcXr4NLAFqNCM-rGPPNkD1Q.roa
File: nkyzWcXr4NLAFqNCM-rGPPNkD1Q.roa (raw, json)
Hash identifier: 7fTTHS7hB46JH8L+4rhbyy61ywxD7QRj2He6/smVTok=
Subject key identifier: 9E:4C:B3:59:C5:EB:E0:D2:C0:16:A3:42:33:EA:C6:3C:F3:64:0F:54
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018DBBF0254C0314BAE94D37F385BC57373B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nkyzWcXr4NLAFqNCM-rGPPNkD1Q.roa
Signing time: Sun 18 Feb 2024 11:18:14 +0000
ROA not before: Sun 18 Feb 2024 11:18:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 185.199.54.0/24 maxlen: 24
193.58.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 16:22:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bb:f0:25:4c:03:14:ba:e9:4d:37:f3:85:bc:57:37:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 18 11:18:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e4cb359c5ebe0d2c016a34233eac63cf3640f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d8:a6:22:8a:b2:a4:c0:7e:68:2a:fc:3a:ea:
e3:6a:43:94:74:6b:27:13:94:ab:d9:5e:43:43:40:
b1:12:e2:77:94:92:b7:48:fc:f2:6a:2d:5b:4d:4a:
66:73:84:fb:76:b6:bd:d1:eb:c1:a9:c0:6a:b3:c8:
b1:90:1b:16:2c:75:f7:7e:e2:e7:6a:f2:06:5c:93:
30:e7:0d:c0:9b:30:62:76:24:9b:a0:d1:37:3c:1c:
52:8e:6f:da:5f:9d:5f:7a:0d:a2:d5:e6:d0:17:74:
0c:0c:e1:a8:ba:26:44:76:06:55:e3:3a:4b:88:dd:
4f:e5:d6:26:46:81:48:43:ad:48:a5:7f:cb:fd:ba:
23:9e:b3:2e:cb:5d:48:18:0b:3b:bb:7c:d1:90:8b:
99:37:37:4c:bb:be:b7:6f:c0:5b:75:5e:d9:c1:ad:
3d:f3:cf:91:e6:47:41:11:27:c2:d8:96:82:aa:3b:
a9:96:f0:c9:ca:60:4d:e4:d6:29:0a:65:87:9d:b0:
84:06:0f:f4:82:84:12:5f:90:8c:9f:f3:a3:a0:86:
1c:a4:8a:46:82:65:fd:61:d8:72:55:49:d0:1a:d1:
dd:9b:ad:ac:b4:ea:7c:2e:39:fb:23:73:70:22:5a:
b0:03:3b:27:53:03:18:46:94:31:46:7e:74:98:bc:
60:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:4C:B3:59:C5:EB:E0:D2:C0:16:A3:42:33:EA:C6:3C:F3:64:0F:54
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nkyzWcXr4NLAFqNCM-rGPPNkD1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.54.0/24
193.58.147.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:5b:40:93:0b:4d:ed:06:92:5f:37:51:83:91:a2:b6:31:1c:
43:17:63:66:82:eb:5b:e6:5a:61:8a:43:68:1c:30:30:d2:7d:
d2:62:69:c1:38:f7:57:8d:51:5e:c3:aa:90:61:0f:a0:e1:9d:
d0:21:bb:47:cf:be:9d:f3:93:2e:bd:71:48:98:9f:c8:e5:c0:
69:4d:51:55:54:80:94:bb:57:9f:7f:9e:b1:4a:4a:1b:1a:d3:
d1:18:a4:3a:59:2c:90:46:47:ca:a8:8b:e9:c8:95:bd:25:c7:
62:9f:80:db:36:f2:09:fc:5a:21:1c:23:13:23:4e:24:d5:4a:
0c:85:12:9d:19:6a:5e:73:63:13:98:4c:a6:ca:49:d4:af:8a:
33:81:e2:62:be:38:7d:66:60:05:0b:ef:c4:b0:10:9a:93:cb:
38:d4:fa:6f:f2:3c:6a:54:70:c1:c9:2a:a0:26:25:dd:1d:c2:
d4:5b:32:7a:bd:2d:82:45:7c:da:9f:1e:56:d2:d0:08:59:60:
3e:04:a5:f9:8f:7b:3d:65:ac:6f:fc:4a:8a:a4:3f:46:8a:a8:
07:6c:44:f5:14:44:25:e1:67:ee:34:f3:d1:08:33:4a:a1:d5:
27:fa:f3:6d:20:f5:75:8d:ac:41:b6:7e:35:66:2d:e2:3e:39:
5b:03:2b:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY278CVMAxS66U0384W8Vzc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjE4MTExODE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTRjYjM1OWM1ZWJlMGQyYzAxNmEzNDIzM2VhYzYzY2YzNjQwZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdimIoqypMB+aCr8OurjakOUdGsn
E5Sr2V5DQ0CxEuJ3lJK3SPzyai1bTUpmc4T7dra90evBqcBqs8ixkBsWLHX3fuLn
avIGXJMw5w3AmzBidiSboNE3PBxSjm/aX51feg2i1ebQF3QMDOGouiZEdgZV4zpL
iN1P5dYmRoFIQ61IpX/L/bojnrMuy11IGAs7u3zRkIuZNzdMu763b8BbdV7Zwa09
88+R5kdBESfC2JaCqjuplvDJymBN5NYpCmWHnbCEBg/0goQSX5CMn/OjoIYcpIpG
gmX9YdhyVUnQGtHdm62stOp8Ljn7I3NwIlqwAzsnUwMYRpQxRn50mLxglwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ5Ms1nF6+DSwBajQjPqxjzzZA9UMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbmt5eldjWHI0TkxBRnFOQ00tckdQUE5rRDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucc2AwQA
wTqTMA0GCSqGSIb3DQEBCwUAA4IBAQCxW0CTC03tBpJfN1GDkaK2MRxDF2Nmgutb
5lphikNoHDAw0n3SYmnBOPdXjVFew6qQYQ+g4Z3QIbtHz76d85MuvXFImJ/I5cBp
TVFVVICUu1eff56xSkobGtPRGKQ6WSyQRkfKqIvpyJW9Jcdin4DbNvIJ/FohHCMT
I04k1UoMhRKdGWpec2MTmEymyknUr4ozgeJivjh9ZmAFC+/EsBCak8s41Ppv8jxq
VHDBySqgJiXdHcLUWzJ6vS2CRXzanx5W0tAIWWA+BKX5j3s9Zaxv/EqKpD9GiqgH
bET1FEQl4WfuNPPRCDNKodUn+vNtIPV1jaxBtn41Zi3iPjlbAytZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org