Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/nksV0eTQuEYhg6wsDhZMO_oaVnc.roa
File: nksV0eTQuEYhg6wsDhZMO_oaVnc.roa (raw, json)
Hash identifier: 5EDu7E/BvcU0DNVcJxk1wxMweGxdtVbk1QOr6C4tKEE=
Subject key identifier: 9E:4B:15:D1:E4:D0:B8:46:21:83:AC:2C:0E:16:4C:3B:FA:1A:56:77
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 01856C6F20B9FEF3FA7DBEE1CABFBFF5B1E2
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/nksV0eTQuEYhg6wsDhZMO_oaVnc.roa
Signing time: Sun 01 Jan 2023 08:25:00 +0000
ROA not before: Sun 01 Jan 2023 08:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207083
IP address blocks: 193.142.146.0/24 maxlen: 24
193.142.59.0/24 maxlen: 24
2a0f:ca80::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:20:b9:fe:f3:fa:7d:be:e1:ca:bf:bf:f5:b1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 1 08:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e4b15d1e4d0b8462183ac2c0e164c3bfa1a5677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c6:b3:43:33:22:8d:cb:66:25:41:dd:15:bb:
96:71:c8:c9:ec:c2:af:ce:81:86:80:e4:61:4e:b3:
0b:15:77:67:62:2a:4a:13:a6:dc:d3:b9:22:39:e7:
2c:08:ba:3c:f9:bc:f3:72:05:17:20:30:eb:c8:28:
ee:e3:bf:6f:e0:fd:4a:d5:83:37:44:f1:6e:ff:54:
a2:e9:b8:02:2f:e8:1d:3f:e7:d3:46:33:76:06:05:
0c:8e:7a:dc:5d:ef:3c:8f:e8:48:85:44:5c:62:ce:
2e:99:ac:b1:52:f2:b0:13:cd:66:e6:a0:1d:29:a8:
65:5a:13:94:de:44:32:a8:b8:d6:1f:99:1d:d1:f3:
1d:1a:3f:15:82:4b:db:e5:03:a8:74:51:36:23:18:
ce:8f:18:5f:be:9a:94:f0:a1:ac:16:db:31:91:3d:
af:07:0e:d2:db:ce:c0:66:f1:67:8d:30:7e:3f:2f:
8d:a0:06:38:c9:f5:b9:43:b3:4f:45:2a:dd:17:6e:
f5:51:86:0d:31:d0:03:75:3a:2c:9e:bc:b9:ec:b7:
8f:3c:68:7c:65:e2:83:08:93:84:00:f4:a4:cf:8f:
0f:41:63:9b:a4:68:20:10:19:f5:fa:3f:01:a9:eb:
31:26:37:53:e3:ea:62:86:c9:6f:08:20:24:2f:6f:
dc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:4B:15:D1:E4:D0:B8:46:21:83:AC:2C:0E:16:4C:3B:FA:1A:56:77
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/nksV0eTQuEYhg6wsDhZMO_oaVnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.59.0/24
193.142.146.0/24
IPv6:
2a0f:ca80::/48
Signature Algorithm: sha256WithRSAEncryption
cc:8d:4f:b7:d4:72:d4:e5:6b:e1:fa:bf:f5:ef:0d:02:e8:fa:
a6:6d:fc:d2:83:14:a1:1e:09:2a:22:0c:b0:62:9f:07:3d:f5:
76:1b:be:42:c3:4a:d8:a1:9d:c1:da:e5:47:ce:df:df:19:01:
72:c1:eb:dd:c6:fe:eb:81:90:d4:42:36:53:5b:2d:89:08:81:
c9:5c:a7:9a:84:b1:52:16:35:19:6f:bb:cd:a1:b8:78:78:a7:
82:d8:25:28:d6:8e:a9:83:56:b2:26:24:23:41:8b:7c:4b:83:
74:e1:00:c7:16:5b:14:52:73:40:2c:a6:f7:e6:78:a0:7b:7e:
c5:a9:80:98:90:95:3a:d8:44:9c:c8:a6:79:39:b2:49:13:1a:
ee:a1:ae:68:e4:46:99:1e:a4:75:d3:08:23:ba:75:b4:74:c2:
fb:19:17:c8:8e:7d:0c:a6:c9:79:9a:23:18:05:e0:45:7a:c2:
fc:ac:d3:53:c3:33:a3:d4:33:0c:ab:23:ec:9f:ed:26:1b:e2:
0e:04:6f:7b:2f:26:89:5f:6b:ac:05:e1:7c:ee:65:5e:40:97:
cc:93:48:fd:19:32:25:fc:d5:86:30:7a:2e:69:a7:aa:21:2b:
78:82:6a:96:92:6e:e9:d2:07:5f:52:3b:d3:ec:2d:b6:ad:d8:
b5:e2:df:b7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsbyC5/vP6fb7hyr+/9bHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjMwMTAxMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTRiMTVkMWU0ZDBiODQ2MjE4M2FjMmMwZTE2NGMzYmZhMWE1Njc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sazQzMijctmJUHdFbuWccjJ7MKv
zoGGgORhTrMLFXdnYipKE6bc07kiOecsCLo8+bzzcgUXIDDryCju479v4P1K1YM3
RPFu/1Si6bgCL+gdP+fTRjN2BgUMjnrcXe88j+hIhURcYs4umayxUvKwE81m5qAd
KahlWhOU3kQyqLjWH5kd0fMdGj8Vgkvb5QOodFE2IxjOjxhfvpqU8KGsFtsxkT2v
Bw7S287AZvFnjTB+Py+NoAY4yfW5Q7NPRSrdF271UYYNMdADdTosnry57LePPGh8
ZeKDCJOEAPSkz48PQWObpGggEBn1+j8BqesxJjdT4+pihslvCCAkL2/clQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJ5LFdHk0LhGIYOsLA4WTDv6GlZ3MB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvbmtzVjBlVFF1RVloZzZ3c0RoWk1PX29hVm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwY47AwQA
wY6SMA8EAgACMAkDBwAqD8qAAAAwDQYJKoZIhvcNAQELBQADggEBAMyNT7fUctTl
a+H6v/XvDQLo+qZt/NKDFKEeCSoiDLBinwc99XYbvkLDStihncHa5UfO398ZAXLB
693G/uuBkNRCNlNbLYkIgclcp5qEsVIWNRlvu82huHh4p4LYJSjWjqmDVrImJCNB
i3xLg3ThAMcWWxRSc0AspvfmeKB7fsWpgJiQlTrYRJzIpnk5skkTGu6hrmjkRpke
pHXTCCO6dbR0wvsZF8iOfQymyXmaIxgF4EV6wvys01PDM6PUMwyrI+yf7SYb4g4E
b3svJolfa6wF4XzuZV5Al8yTSP0ZMiX81YYwei5pp6ohK3iCapaSbunSB19SO9Ps
Lbat2LXi37c=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:49 2024 by rpki-client on console-fra.rpki-client.org