Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/NDC27zRhDJ7dPCaOggRDU_ZHUsk.roa
File: NDC27zRhDJ7dPCaOggRDU_ZHUsk.roa (raw, json)
Hash identifier: 2X/VjUOy2vipiMNZlTVIVk5PBELcwIouXF/oA+fW8qw=
Subject key identifier: 34:30:B6:EF:34:61:0C:9E:DD:3C:26:8E:82:04:43:53:F6:47:52:C9
Certificate issuer: /CN=8504ebf9db1710a47bae4508cdaf8131e1674a54
Certificate serial: 01856D385D1FF92845F73F38590ACCF93291
Authority key identifier: 85:04:EB:F9:DB:17:10:A4:7B:AE:45:08:CD:AF:81:31:E1:67:4A:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/NDC27zRhDJ7dPCaOggRDU_ZHUsk.roa
Signing time: Sun 01 Jan 2023 12:04:48 +0000
ROA not before: Sun 01 Jan 2023 12:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2119
IP address blocks: 193.160.9.0/24 maxlen: 24
91.229.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:5d:1f:f9:28:45:f7:3f:38:59:0a:cc:f9:32:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8504ebf9db1710a47bae4508cdaf8131e1674a54
Validity
Not Before: Jan 1 12:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3430b6ef34610c9edd3c268e82044353f64752c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8a:a8:d5:91:ba:b0:69:44:62:eb:2e:ef:68:
5d:75:2e:9a:99:52:c5:80:07:35:02:07:be:28:6f:
d4:d7:28:2a:66:22:04:c9:da:ef:ee:a7:75:cc:0d:
2e:a4:be:af:70:b5:d5:29:43:fb:27:ee:c5:5d:ec:
48:1a:bf:85:ec:2c:a1:09:7c:fe:a4:c9:2b:6f:b8:
cc:91:2e:72:c6:58:b7:42:7a:6a:8c:83:b7:0a:62:
e5:1c:47:2c:46:ad:f6:d9:45:0a:bd:42:da:3e:49:
e0:f9:f6:95:48:9c:5b:78:5e:0d:ae:78:84:c5:c0:
45:fd:af:6e:f2:f5:18:c5:6c:09:37:77:36:69:37:
f6:12:05:e1:39:22:75:9f:17:c6:de:e5:07:7d:df:
d5:63:a9:f5:bc:4b:11:31:af:d6:a1:41:4e:f3:aa:
e3:cf:8b:15:18:da:b3:e1:f7:43:fb:24:65:f7:78:
e6:f3:24:a0:a3:25:82:e3:35:f2:3a:56:93:b4:9f:
75:d8:d7:6d:b5:17:47:7d:d2:1e:12:58:5e:1d:41:
8a:f8:11:87:83:bd:07:8e:2b:be:42:43:e1:93:0a:
80:4b:ca:77:77:db:10:22:e1:91:b1:94:de:70:ab:
99:51:db:49:06:bb:d6:3a:4a:6a:86:17:be:d1:91:
33:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:30:B6:EF:34:61:0C:9E:DD:3C:26:8E:82:04:43:53:F6:47:52:C9
X509v3 Authority Key Identifier:
keyid:85:04:EB:F9:DB:17:10:A4:7B:AE:45:08:CD:AF:81:31:E1:67:4A:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/NDC27zRhDJ7dPCaOggRDU_ZHUsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.21.0/24
193.160.9.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:55:c3:0e:a6:56:e3:c7:b9:a8:66:93:d7:a3:1d:32:b8:af:
24:f3:ed:af:7b:89:6b:b0:47:b6:51:db:f5:c9:92:46:78:82:
29:22:88:b5:07:ad:bc:fb:04:85:33:36:89:bd:48:51:4f:a2:
67:76:ac:f4:bc:6d:9e:24:f7:42:89:24:1a:fa:8e:8f:6c:f5:
19:a2:53:87:1c:0c:a6:87:16:f7:ce:d7:3a:81:58:21:25:48:
2a:73:0d:10:d3:f8:34:88:ca:b7:12:17:a8:5f:cb:28:23:b5:
fe:79:58:f2:a3:2a:fe:80:f9:99:5b:1c:99:8d:15:52:8d:a8:
a5:20:95:68:43:87:96:db:fd:5b:e0:e8:34:f2:d9:8b:f5:ec:
d3:6c:ba:2d:23:84:3e:b4:9c:fa:31:bf:29:f9:40:0c:e2:7d:
c5:09:a6:18:78:8d:2c:ea:23:ff:33:b7:27:eb:32:fd:be:54:
09:95:89:77:5d:89:dc:3a:d8:ea:e7:12:c6:1e:87:3c:d0:86:
7d:3a:05:a9:e9:89:28:a5:71:15:60:bd:8b:79:cf:01:f4:a1:
c4:d2:b0:0f:d3:0a:d7:63:01:92:cb:90:cf:51:57:fd:90:b6:
ee:ed:aa:f9:80:98:31:14:28:0d:fa:67:ec:61:79:1b:4a:e3:
cc:73:51:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtOF0f+ShF9z84WQrM+TKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDRlYmY5ZGIxNzEwYTQ3YmFlNDUwOGNkYWY4MTMxZTE2
NzRhNTQwHhcNMjMwMTAxMTIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDMwYjZlZjM0NjEwYzllZGQzYzI2OGU4MjA0NDM1M2Y2NDc1MmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIqo1ZG6sGlEYusu72hddS6amVLF
gAc1Age+KG/U1ygqZiIEydrv7qd1zA0upL6vcLXVKUP7J+7FXexIGr+F7CyhCXz+
pMkrb7jMkS5yxli3QnpqjIO3CmLlHEcsRq322UUKvULaPkng+faVSJxbeF4NrniE
xcBF/a9u8vUYxWwJN3c2aTf2EgXhOSJ1nxfG3uUHfd/VY6n1vEsRMa/WoUFO86rj
z4sVGNqz4fdD+yRl93jm8ySgoyWC4zXyOlaTtJ912NdttRdHfdIeElheHUGK+BGH
g70Hjiu+QkPhkwqAS8p3d9sQIuGRsZTecKuZUdtJBrvWOkpqhhe+0ZEzfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDQwtu80YQye3TwmjoIEQ1P2R1LJMB8GA1UdIwQY
MBaAFIUE6/nbFxCke65FCM2vgTHhZ0pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi83ZWZlMDEtZWM3NC00MGFjLWEyMzgt
YTliMWRmNDRjZTJmLzEvTkRDMjd6UmhESjdkUENhT2dnUkRVX1pIVXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi83ZWZlMDEtZWM3NC00MGFjLWEyMzgtYTliMWRmNDRjZTJm
LzEvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+UVAwQA
waAJMA0GCSqGSIb3DQEBCwUAA4IBAQBMVcMOplbjx7moZpPXox0yuK8k8+2ve4lr
sEe2Udv1yZJGeIIpIoi1B628+wSFMzaJvUhRT6Jndqz0vG2eJPdCiSQa+o6PbPUZ
olOHHAymhxb3ztc6gVghJUgqcw0Q0/g0iMq3EheoX8soI7X+eVjyoyr+gPmZWxyZ
jRVSjailIJVoQ4eW2/1b4Og08tmL9ezTbLotI4Q+tJz6Mb8p+UAM4n3FCaYYeI0s
6iP/M7cn6zL9vlQJlYl3XYncOtjq5xLGHoc80IZ9OgWp6YkopXEVYL2Lec8B9KHE
0rAP0wrXYwGSy5DPUVf9kLbu7ar5gJgxFCgN+mfsYXkbSuPMc1Gm
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:45 2024 by rpki-client on console-fra.rpki-client.org