Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/nWeY2Lj8gwFgHEoTaDTNNW_X0ko.roa
File: nWeY2Lj8gwFgHEoTaDTNNW_X0ko.roa (raw, json)
Hash identifier: ChvM+Cn4H5TAsrod8WucSdjV4Pn2qCS3J6EW4Kb+5Vc=
Subject key identifier: 9D:67:98:D8:B8:FC:83:01:60:1C:4A:13:68:34:CD:35:6F:D7:D2:4A
Certificate issuer: /CN=dbfb6f560ec542ac66c3080203c66335873ae8ee
Certificate serial: 0187B3B11DCEAC54854527007D07DCEBF758
Authority key identifier: DB:FB:6F:56:0E:C5:42:AC:66:C3:08:02:03:C6:63:35:87:3A:E8:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2_tvVg7FQqxmwwgCA8ZjNYc66O4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/nWeY2Lj8gwFgHEoTaDTNNW_X0ko.roa
Signing time: Mon 24 Apr 2023 14:35:41 +0000
ROA not before: Mon 24 Apr 2023 14:35:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205915
IP address blocks: 194.13.224.0/21 maxlen: 24
194.53.12.0/22 maxlen: 24
194.13.160.0/20 maxlen: 24
2001:67c:1134::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:b1:1d:ce:ac:54:85:45:27:00:7d:07:dc:eb:f7:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbfb6f560ec542ac66c3080203c66335873ae8ee
Validity
Not Before: Apr 24 14:35:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d6798d8b8fc8301601c4a136834cd356fd7d24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:63:c6:2a:90:ca:c0:4f:8a:c8:24:ad:08:80:
91:fd:b7:f0:7f:06:7b:c6:62:85:ac:af:d3:c3:60:
ba:b9:6d:07:b8:d2:1e:b9:0b:87:53:d1:2d:5c:34:
9d:ff:36:4a:b4:27:ff:4c:82:09:c9:c0:79:5a:03:
95:13:71:c9:05:35:a8:1b:10:1d:2f:34:eb:df:59:
2c:d1:f6:fd:97:a5:a9:62:9e:cd:1f:48:4f:59:f2:
c1:d4:12:ad:dc:bb:bf:3c:7c:59:8a:94:d3:ea:fa:
1d:34:d9:2b:64:a2:71:d1:f3:13:db:f4:8a:79:bc:
33:1e:0f:4b:37:50:8d:38:ee:7a:f1:d5:7a:9c:9f:
88:6c:6a:5d:c1:1b:aa:e8:89:01:fc:ab:10:02:07:
91:cc:9f:02:01:c5:0f:04:72:43:74:04:7e:bf:89:
42:dc:5a:19:71:19:6a:cc:fc:3f:08:5b:a9:dc:9f:
f2:f3:1f:a0:24:79:f6:71:40:36:49:1a:7e:13:6e:
13:2e:25:68:4a:30:fb:8e:ab:82:2d:cc:14:23:a4:
8e:eb:21:f2:ee:c0:e7:93:e7:33:1c:d0:4c:ed:de:
a0:c0:a0:20:42:58:61:e7:6a:43:36:dc:9e:52:03:
1a:9c:d7:25:60:2f:82:c6:f4:01:46:ff:39:c2:e3:
51:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:67:98:D8:B8:FC:83:01:60:1C:4A:13:68:34:CD:35:6F:D7:D2:4A
X509v3 Authority Key Identifier:
keyid:DB:FB:6F:56:0E:C5:42:AC:66:C3:08:02:03:C6:63:35:87:3A:E8:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_tvVg7FQqxmwwgCA8ZjNYc66O4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/nWeY2Lj8gwFgHEoTaDTNNW_X0ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/2_tvVg7FQqxmwwgCA8ZjNYc66O4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.13.160.0/20
194.13.224.0/21
194.53.12.0/22
IPv6:
2001:67c:1134::/48
Signature Algorithm: sha256WithRSAEncryption
91:c1:63:4b:0d:15:fe:b7:47:8e:8d:87:30:0f:74:8f:07:cd:
93:30:90:81:64:ab:64:82:98:b0:02:4d:6d:4b:cd:8e:05:67:
f3:8c:b5:b0:e2:3c:a9:16:f4:77:c3:a3:09:98:86:0e:1b:e9:
9c:0c:6d:f8:c1:bc:d8:10:b0:4e:3a:8d:d4:4b:fc:11:5d:2b:
a9:22:77:84:b2:78:d6:22:86:fe:6f:7a:77:cb:2e:ad:0e:13:
e2:b0:7a:f0:20:60:b8:95:39:af:d2:c5:eb:ba:b6:ac:19:a4:
77:5e:a0:4d:38:af:18:c9:6a:34:46:e3:6d:89:20:e4:4d:7f:
48:d1:1b:5b:78:63:0c:b2:11:39:d9:e7:d5:fb:10:99:20:c8:
a5:3e:86:fb:dc:ff:80:f9:02:69:13:cb:c5:69:09:2b:17:42:
d9:b1:4f:7d:87:ae:5c:ea:09:2a:1e:e0:d4:64:ea:f4:dd:0a:
1a:7d:d2:19:c0:ee:05:03:50:d2:52:a6:e2:c3:77:2d:e7:9e:
57:2c:b0:4f:98:d8:5d:84:55:43:c1:96:b3:78:5c:23:f0:7a:
e5:38:cd:99:e8:75:54:59:b2:55:98:f0:5f:3c:a2:12:d6:fc:
f4:79:0e:87:07:10:b8:2c:bb:0d:43:7d:3c:1c:40:c4:d6:8f:
b1:f0:32:c3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYezsR3OrFSFRScAfQfc6/dYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmI2ZjU2MGVjNTQyYWM2NmMzMDgwMjAzYzY2MzM1ODcz
YWU4ZWUwHhcNMjMwNDI0MTQzNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDY3OThkOGI4ZmM4MzAxNjAxYzRhMTM2ODM0Y2QzNTZmZDdkMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2PGKpDKwE+KyCStCICR/bfwfwZ7
xmKFrK/Tw2C6uW0HuNIeuQuHU9EtXDSd/zZKtCf/TIIJycB5WgOVE3HJBTWoGxAd
LzTr31ks0fb9l6WpYp7NH0hPWfLB1BKt3Lu/PHxZipTT6vodNNkrZKJx0fMT2/SK
ebwzHg9LN1CNOO568dV6nJ+IbGpdwRuq6IkB/KsQAgeRzJ8CAcUPBHJDdAR+v4lC
3FoZcRlqzPw/CFup3J/y8x+gJHn2cUA2SRp+E24TLiVoSjD7jquCLcwUI6SO6yHy
7sDnk+czHNBM7d6gwKAgQlhh52pDNtyeUgManNclYC+CxvQBRv85wuNR0QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJ1nmNi4/IMBYBxKE2g0zTVv19JKMB8GA1UdIwQY
MBaAFNv7b1YOxUKsZsMIAgPGYzWHOujuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl90dlZnN0ZRcXhtd3dnQ0E4WmpOWWM2Nk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81OTgxNWItYWQwYi00YTA2LWJiZTAt
YjI1MDg1MDUxYWI4LzEvbldlWTJMajhnd0ZnSEVvVGFEVE5OV19YMGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81OTgxNWItYWQwYi00YTA2LWJiZTAtYjI1MDg1MDUxYWI4
LzEvMl90dlZnN0ZRcXhtd3dnQ0E4WmpOWWM2Nk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQEwg2gAwQD
wg3gAwQCwjUMMA8EAgACMAkDBwAgAQZ8ETQwDQYJKoZIhvcNAQELBQADggEBAJHB
Y0sNFf63R46NhzAPdI8HzZMwkIFkq2SCmLACTW1LzY4FZ/OMtbDiPKkW9HfDowmY
hg4b6ZwMbfjBvNgQsE46jdRL/BFdK6kid4SyeNYihv5venfLLq0OE+KwevAgYLiV
Oa/Sxeu6tqwZpHdeoE04rxjJajRG422JIORNf0jRG1t4YwyyETnZ59X7EJkgyKU+
hvvc/4D5AmkTy8VpCSsXQtmxT32HrlzqCSoe4NRk6vTdChp90hnA7gUDUNJSpuLD
dy3nnlcssE+Y2F2EVUPBlrN4XCPweuU4zZnodVRZslWY8F88ohLW/PR5DocHELgs
uw1DfTwcQMTWj7HwMsM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:32 2024 by rpki-client on console-fra.rpki-client.org