Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/nm79SAIvqJFtIqWfMERvSVMAndk.roa
File: nm79SAIvqJFtIqWfMERvSVMAndk.roa (raw, json)
Hash identifier: jIv13DZDHiv4qRQXa84R0MlHU1pKmrsvp4FY8RAd+sI=
Subject key identifier: 9E:6E:FD:48:02:2F:A8:91:6D:22:A5:9F:30:44:6F:49:53:00:9D:D9
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 018CA0569673174FE91E7B1662A12E2C89A4
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/nm79SAIvqJFtIqWfMERvSVMAndk.roa
Signing time: Mon 25 Dec 2023 09:37:58 +0000
ROA not before: Mon 25 Dec 2023 09:37:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197695
IP address blocks: 89.104.64.0/21 maxlen: 24
79.174.80.0/21 maxlen: 24
79.174.88.0/21 maxlen: 24
89.111.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:56:96:73:17:4f:e9:1e:7b:16:62:a1:2e:2c:89:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Dec 25 09:37:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e6efd48022fa8916d22a59f30446f4953009dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a0:81:ec:8e:72:33:e0:63:e8:99:91:bc:27:
87:e6:fe:85:43:ab:87:83:80:b1:f9:cc:8c:14:82:
ec:df:08:79:a3:66:ff:be:20:ba:98:fd:34:f5:bc:
c8:1b:34:17:e5:47:4e:2a:67:69:92:17:61:2b:c8:
b8:a9:dc:7f:89:89:04:0c:9b:53:0c:4a:a5:52:39:
d6:60:57:d4:0e:67:a5:7a:76:6a:30:a3:29:07:bd:
c8:47:4c:c0:72:f7:18:67:05:11:1b:65:30:e6:b0:
eb:a8:a7:48:ba:62:b7:38:46:c1:6d:b0:29:50:2c:
b5:92:9d:55:de:a7:a3:ee:37:1d:c0:49:89:d0:20:
40:58:e8:ea:d9:fb:4b:79:ac:7e:1e:9a:e3:9e:06:
3b:1a:59:a6:13:12:3d:3c:c8:49:97:44:72:99:02:
fd:be:2c:56:06:88:31:6e:70:77:4b:c4:a8:41:14:
47:44:c5:bf:47:5c:5c:c7:18:9d:f2:f7:09:e3:b5:
59:ac:eb:a6:05:a9:42:00:f8:24:6e:3e:02:aa:06:
1c:d4:16:0b:95:c9:8d:52:e5:fd:cf:f2:4c:5d:c0:
83:ca:c6:8c:6c:07:5e:e5:f3:a0:29:eb:df:ea:dc:
71:43:37:62:cb:a1:fe:c4:55:6b:dd:60:18:b4:15:
93:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6E:FD:48:02:2F:A8:91:6D:22:A5:9F:30:44:6F:49:53:00:9D:D9
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/nm79SAIvqJFtIqWfMERvSVMAndk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.80.0/20
89.104.64.0/21
89.111.168.0/21
Signature Algorithm: sha256WithRSAEncryption
59:39:30:19:51:f0:07:c2:20:7f:ef:4b:d8:a9:4a:b8:b8:f8:
e1:fb:d1:bc:d7:a3:db:26:06:f5:33:3d:ab:5c:90:46:7e:da:
10:7f:60:76:c3:9d:59:65:09:64:3b:67:4a:6e:ee:31:8b:79:
7a:74:b3:97:05:8f:6e:32:3f:e2:db:01:2d:07:94:e0:d2:e7:
ae:6c:6e:c5:a5:73:f2:7e:f2:3c:56:2d:8d:bd:b0:1b:97:d9:
0a:51:55:0d:bc:fe:95:da:fc:25:03:b3:f4:50:d1:6d:e9:e6:
0c:d4:f4:e5:71:b8:91:a2:fe:09:5f:cf:34:08:30:7d:0f:10:
49:68:dc:01:53:79:a3:03:21:5b:22:4e:7c:1e:ca:e3:83:9b:
d4:f2:1b:9e:b8:ea:d6:5f:f0:63:48:a0:01:72:9f:2e:d6:d9:
e6:f3:7f:0f:3c:a5:66:06:48:ec:83:31:90:af:ba:73:0e:1c:
4f:a0:4b:0b:43:89:ce:66:37:ee:0b:44:86:18:a9:b9:26:4e:
1f:f8:1f:ed:e4:13:19:ec:b5:ca:f5:dd:40:02:1f:e5:f8:b9:
c0:97:cc:d5:be:c4:c2:0d:04:dc:ae:8b:05:91:e5:4b:3f:3f:
66:b6:5b:09:f3:fe:8f:d9:d5:0f:ec:7c:a8:50:42:12:33:50:
b0:ec:11:a1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYygVpZzF0/pHnsWYqEuLImkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjMxMjI1MDkzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTZlZmQ0ODAyMmZhODkxNmQyMmE1OWYzMDQ0NmY0OTUzMDA5ZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqCB7I5yM+Bj6JmRvCeH5v6FQ6uH
g4Cx+cyMFILs3wh5o2b/viC6mP009bzIGzQX5UdOKmdpkhdhK8i4qdx/iYkEDJtT
DEqlUjnWYFfUDmelenZqMKMpB73IR0zAcvcYZwURG2Uw5rDrqKdIumK3OEbBbbAp
UCy1kp1V3qej7jcdwEmJ0CBAWOjq2ftLeax+HprjngY7GlmmExI9PMhJl0RymQL9
vixWBogxbnB3S8SoQRRHRMW/R1xcxxid8vcJ47VZrOumBalCAPgkbj4CqgYc1BYL
lcmNUuX9z/JMXcCDysaMbAde5fOgKevf6txxQzdiy6H+xFVr3WAYtBWTrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ5u/UgCL6iRbSKlnzBEb0lTAJ3ZMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvbm03OVNBSXZxSkZ0SXFXZk1FUnZTVk1BbmRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQET65QAwQD
WWhAAwQDWW+oMA0GCSqGSIb3DQEBCwUAA4IBAQBZOTAZUfAHwiB/70vYqUq4uPjh
+9G816PbJgb1Mz2rXJBGftoQf2B2w51ZZQlkO2dKbu4xi3l6dLOXBY9uMj/i2wEt
B5Tg0ueubG7FpXPyfvI8Vi2NvbAbl9kKUVUNvP6V2vwlA7P0UNFt6eYM1PTlcbiR
ov4JX880CDB9DxBJaNwBU3mjAyFbIk58Hsrjg5vU8hueuOrWX/BjSKABcp8u1tnm
838PPKVmBkjsgzGQr7pzDhxPoEsLQ4nOZjfuC0SGGKm5Jk4f+B/t5BMZ7LXK9d1A
Ah/l+LnAl8zVvsTCDQTcrosFkeVLPz9mtlsJ8/6P2dUP7HyoUEISM1Cw7BGh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:13 2024 by rpki-client on console-ams.rpki-client.org