Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/nP9YAEIc_BTm-FT5x6KtjaCCPYg.roa
File: nP9YAEIc_BTm-FT5x6KtjaCCPYg.roa (raw, json)
Hash identifier: IFVP4ZVitstpalw1SF1k7uyvbyrHEahPIwXcZWMktZA=
Subject key identifier: 9C:FF:58:00:42:1C:FC:14:E6:F8:54:F9:C7:A2:AD:8D:A0:82:3D:88
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 018E625D99AD5D89C5CEA8A3C943C7F60D7B
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/nP9YAEIc_BTm-FT5x6KtjaCCPYg.roa
Signing time: Thu 21 Mar 2024 18:54:45 +0000
ROA not before: Thu 21 Mar 2024 18:54:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34766
IP address blocks: 194.59.216.0/22 maxlen: 24
194.99.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 05:45:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:62:5d:99:ad:5d:89:c5:ce:a8:a3:c9:43:c7:f6:0d:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Mar 21 18:54:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cff5800421cfc14e6f854f9c7a2ad8da0823d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:46:25:10:b9:1e:49:94:79:68:64:ee:11:42:
34:45:e3:e1:2f:4b:13:02:d0:39:a6:dd:1d:2d:c4:
31:3a:36:54:de:51:21:54:e9:30:83:65:02:9f:ea:
f9:18:d2:20:f5:84:d0:8d:ac:47:fc:ae:4c:e4:01:
57:88:61:d7:e8:ff:be:5c:a5:bf:77:31:8a:84:5a:
6b:18:74:31:c6:fd:ef:7f:70:0b:ed:0c:32:11:e6:
a0:d4:d8:96:b3:a1:3a:ed:21:08:7a:f3:5d:ce:53:
c2:19:9b:b1:fc:d7:33:1c:08:7e:74:a6:a3:df:41:
cf:c0:ab:a0:06:6e:a9:ea:99:15:64:98:0e:3b:45:
3d:98:ca:28:b7:69:d8:67:fc:58:ad:9c:07:51:df:
b5:44:dc:fc:d5:25:8e:50:9b:63:51:5e:ed:b9:5a:
f0:b5:c1:c9:be:47:d6:0e:b0:cd:26:14:da:3d:05:
93:26:25:db:61:67:9a:8a:c9:a3:cc:ea:97:cf:5f:
de:49:7c:f2:81:68:28:fd:66:0d:b5:79:5e:6f:db:
5e:d0:2f:db:d2:56:65:34:88:ec:37:06:23:6e:80:
89:1b:1f:57:bf:1e:13:23:3d:32:61:f0:42:17:e2:
a0:3f:e1:e9:e2:d2:af:02:15:4e:bc:45:4c:fa:a0:
1d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:FF:58:00:42:1C:FC:14:E6:F8:54:F9:C7:A2:AD:8D:A0:82:3D:88
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/nP9YAEIc_BTm-FT5x6KtjaCCPYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.216.0/22
194.99.44.0/22
Signature Algorithm: sha256WithRSAEncryption
20:3c:a7:d5:56:1c:fa:10:15:9c:4b:f3:2b:7e:a3:4c:35:39:
5f:bc:02:99:a9:f9:12:e1:02:32:45:c3:39:e4:9f:32:9b:12:
6c:5d:1f:8f:14:8a:12:57:ea:b7:40:83:64:f5:ca:b4:0a:21:
db:c4:29:44:f9:f8:ca:a9:1e:15:c7:56:11:7d:a1:4e:fb:b0:
e9:c8:38:eb:e7:ab:00:d9:e7:da:8e:6d:cc:cb:fd:63:49:d5:
51:54:65:02:98:04:42:4b:92:20:76:f0:b2:63:c8:8b:82:8b:
97:10:e5:62:d3:72:7a:12:6e:c4:1d:81:d6:ce:41:42:39:58:
2b:99:f7:af:f4:c6:a8:dd:ac:49:63:7d:bc:33:ee:dc:8a:60:
dc:a5:62:92:43:94:82:b7:96:d0:2b:9b:35:bc:8c:c2:c7:59:
93:ee:59:02:7a:5f:a2:7e:ab:a2:be:67:7e:28:af:2f:23:fb:
c6:91:c4:37:be:ed:5c:58:00:bb:1a:d1:91:2f:f6:58:bd:72:
3a:ba:98:36:b7:28:7b:c4:26:d1:2d:f9:a7:dd:34:61:a7:ea:
4b:16:fc:99:dc:32:d5:d7:1b:de:e8:db:83:8e:4f:a2:6a:6c:
a7:b5:1c:32:21:fa:f2:13:96:fe:42:08:f6:b6:32:b4:46:a1:
8e:08:b0:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5iXZmtXYnFzqijyUPH9g17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjQwMzIxMTg1NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2ZmNTgwMDQyMWNmYzE0ZTZmODU0ZjljN2EyYWQ4ZGEwODIzZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkYlELkeSZR5aGTuEUI0RePhL0sT
AtA5pt0dLcQxOjZU3lEhVOkwg2UCn+r5GNIg9YTQjaxH/K5M5AFXiGHX6P++XKW/
dzGKhFprGHQxxv3vf3AL7QwyEeag1NiWs6E67SEIevNdzlPCGZux/NczHAh+dKaj
30HPwKugBm6p6pkVZJgOO0U9mMoot2nYZ/xYrZwHUd+1RNz81SWOUJtjUV7tuVrw
tcHJvkfWDrDNJhTaPQWTJiXbYWeaismjzOqXz1/eSXzygWgo/WYNtXleb9te0C/b
0lZlNIjsNwYjboCJGx9Xvx4TIz0yYfBCF+KgP+Hp4tKvAhVOvEVM+qAd3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJz/WABCHPwU5vhU+ceirY2ggj2IMB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvblA5WUFFSWNfQlRtLUZUNXg2S3RqYUNDUFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwjvYAwQC
wmMsMA0GCSqGSIb3DQEBCwUAA4IBAQAgPKfVVhz6EBWcS/MrfqNMNTlfvAKZqfkS
4QIyRcM55J8ymxJsXR+PFIoSV+q3QINk9cq0CiHbxClE+fjKqR4Vx1YRfaFO+7Dp
yDjr56sA2efajm3My/1jSdVRVGUCmARCS5IgdvCyY8iLgouXEOVi03J6Em7EHYHW
zkFCOVgrmfev9Mao3axJY328M+7cimDcpWKSQ5SCt5bQK5s1vIzCx1mT7lkCel+i
fquivmd+KK8vI/vGkcQ3vu1cWAC7GtGRL/ZYvXI6upg2tyh7xCbRLfmn3TRhp+pL
FvyZ3DLV1xve6NuDjk+iamyntRwyIfryE5b+Qgj2tjK0RqGOCLCV
-----END CERTIFICATE-----
Generated at Thu Apr 18 06:42:59 2024 by rpki-client on console-ams.rpki-client.org