Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/nniRqhDMuGrrJsEh5SEU0orfRNo.roa
File: nniRqhDMuGrrJsEh5SEU0orfRNo.roa (raw, json)
Hash identifier: ruh6+AtTLNrO6nRz/XUGzrw9/rJFVIKnMiShtvGzdSg=
Subject key identifier: 9E:78:91:AA:10:CC:B8:6A:EB:26:C1:21:E5:21:14:D2:8A:DF:44:DA
Certificate issuer: /CN=1af16a3cf8116721afad8c1e5b3e83a2959ceb99
Certificate serial: 018572CCD518A351CA1970063F263471027C
Authority key identifier: 1A:F1:6A:3C:F8:11:67:21:AF:AD:8C:1E:5B:3E:83:A2:95:9C:EB:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GvFqPPgRZyGvrYweWz6DopWc65k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/nniRqhDMuGrrJsEh5SEU0orfRNo.roa
Signing time: Mon 02 Jan 2023 14:05:04 +0000
ROA not before: Mon 02 Jan 2023 14:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209014
IP address blocks: 185.128.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:d5:18:a3:51:ca:19:70:06:3f:26:34:71:02:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1af16a3cf8116721afad8c1e5b3e83a2959ceb99
Validity
Not Before: Jan 2 14:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e7891aa10ccb86aeb26c121e52114d28adf44da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e5:2c:c9:d5:85:e8:ec:48:cd:8d:2a:11:b3:
04:d4:0d:d0:1a:74:cf:fa:cc:f8:d0:7b:fe:7b:e9:
55:32:8b:5c:bf:85:73:b5:aa:1f:a3:a0:a1:53:d9:
17:12:40:fc:9a:de:f9:dc:ba:3a:7b:9d:5f:ca:f7:
f6:d3:fc:e6:81:51:a2:c5:ad:28:ff:58:0c:18:e6:
5c:e3:24:1c:a6:2c:fb:29:7a:c3:64:6d:58:2b:92:
bc:cf:38:4d:e6:a1:50:60:e1:b8:49:b0:e9:d7:8b:
1c:8b:90:a0:d2:03:cc:05:b6:40:5f:b2:bb:79:ec:
2e:91:fb:35:30:03:59:04:56:db:2a:47:03:41:c3:
64:7c:fb:c5:d2:6e:ea:99:96:f7:82:6e:88:c9:dd:
76:ed:86:41:bd:80:f2:57:2b:aa:f7:92:e3:d6:b4:
75:52:52:21:46:1c:b5:88:10:85:4a:25:c7:f3:4b:
a5:39:5d:b5:6a:5e:d8:a0:b2:ae:0a:01:d6:b6:3b:
a0:37:3f:7a:9b:dc:08:cb:c7:90:1b:45:76:f8:34:
86:8a:2c:3d:86:36:00:fe:35:4b:2a:ec:ab:6e:3a:
5c:af:12:0f:b3:c6:2a:a0:4c:ec:e0:09:70:6c:01:
2d:a8:86:dc:ab:6e:24:3d:e3:22:bb:79:28:0e:52:
25:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:78:91:AA:10:CC:B8:6A:EB:26:C1:21:E5:21:14:D2:8A:DF:44:DA
X509v3 Authority Key Identifier:
keyid:1A:F1:6A:3C:F8:11:67:21:AF:AD:8C:1E:5B:3E:83:A2:95:9C:EB:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GvFqPPgRZyGvrYweWz6DopWc65k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/nniRqhDMuGrrJsEh5SEU0orfRNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/GvFqPPgRZyGvrYweWz6DopWc65k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.225.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:35:de:86:1c:3d:35:ae:33:0c:0f:af:bc:55:4a:66:61:95:
e1:ae:45:83:55:85:73:e1:45:3e:2b:c7:1e:50:21:7b:a9:d2:
76:26:42:37:4c:12:5c:db:23:f2:cd:da:c4:f0:8c:19:0d:64:
5e:8e:4a:bb:fb:ac:00:dd:3a:ca:55:a0:e7:f5:c2:f6:b3:c4:
c8:60:b7:da:7d:8d:f9:48:9f:a2:da:f7:b4:c0:2d:8e:36:27:
80:21:ef:56:23:2c:ba:92:1f:24:53:5b:a7:be:44:f0:dc:ca:
ec:93:0f:e0:06:b6:aa:cb:86:22:28:e5:f7:97:eb:78:c9:45:
fc:0c:f4:ea:a8:8f:b9:fa:f2:9c:d7:96:87:c0:4d:f2:73:91:
69:8d:10:b0:7f:26:7e:db:dc:9a:8c:7a:9e:b1:98:50:6f:0e:
3d:c8:9c:a5:6d:13:c0:e7:3e:3d:6d:51:d3:8e:02:e1:ef:4f:
75:aa:5f:7e:f4:ea:97:0c:ce:12:a7:ee:32:95:4a:8e:28:01:
33:63:14:9e:b7:12:f1:c7:85:bf:ca:a9:0b:23:af:78:fc:d7:
9b:83:0f:37:06:ef:6a:d7:67:a4:f0:4f:4e:54:8c:76:76:18:
09:2d:4c:7a:6e:3f:87:e4:e3:99:97:51:67:ad:05:8f:1c:c9:
f9:f6:e2:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzNUYo1HKGXAGPyY0cQJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZjE2YTNjZjgxMTY3MjFhZmFkOGMxZTViM2U4M2EyOTU5
Y2ViOTkwHhcNMjMwMTAyMTQwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTc4OTFhYTEwY2NiODZhZWIyNmMxMjFlNTIxMTRkMjhhZGY0NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOUsydWF6OxIzY0qEbME1A3QGnTP
+sz40Hv+e+lVMotcv4Vztaofo6ChU9kXEkD8mt753Lo6e51fyvf20/zmgVGixa0o
/1gMGOZc4yQcpiz7KXrDZG1YK5K8zzhN5qFQYOG4SbDp14sci5Cg0gPMBbZAX7K7
eewukfs1MANZBFbbKkcDQcNkfPvF0m7qmZb3gm6Iyd127YZBvYDyVyuq95Lj1rR1
UlIhRhy1iBCFSiXH80ulOV21al7YoLKuCgHWtjugNz96m9wIy8eQG0V2+DSGiiw9
hjYA/jVLKuyrbjpcrxIPs8YqoEzs4AlwbAEtqIbcq24kPeMiu3koDlIlSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ54kaoQzLhq6ybBIeUhFNKK30TaMB8GA1UdIwQY
MBaAFBrxajz4EWchr62MHls+g6KVnOuZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZGcVBQZ1JaeUd2cll3ZVd6NkRvcFdjNjVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy83YTVmZDMtZmFhZS00MTIwLWE0YTgt
MWRjMmE1MjM2OGMxLzEvbm5pUnFoRE11R3JySnNFaDVTRVUwb3JmUk5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy83YTVmZDMtZmFhZS00MTIwLWE0YTgtMWRjMmE1MjM2OGMx
LzEvR3ZGcVBQZ1JaeUd2cll3ZVd6NkRvcFdjNjVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYDhMA0G
CSqGSIb3DQEBCwUAA4IBAQCKNd6GHD01rjMMD6+8VUpmYZXhrkWDVYVz4UU+K8ce
UCF7qdJ2JkI3TBJc2yPyzdrE8IwZDWRejkq7+6wA3TrKVaDn9cL2s8TIYLfafY35
SJ+i2ve0wC2ONieAIe9WIyy6kh8kU1unvkTw3Mrskw/gBraqy4YiKOX3l+t4yUX8
DPTqqI+5+vKc15aHwE3yc5FpjRCwfyZ+29yajHqesZhQbw49yJylbRPA5z49bVHT
jgLh7091ql9+9OqXDM4Sp+4ylUqOKAEzYxSetxLxx4W/yqkLI694/Nebgw83Bu9q
12ek8E9OVIx2dhgJLUx6bj+H5OOZl1FnrQWPHMn59uIg
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:20 2024 by rpki-client on console-fra.rpki-client.org