Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/nnRoIOsTkU5te9S2NxNKsIOKliM.roa
File: nnRoIOsTkU5te9S2NxNKsIOKliM.roa (raw, json)
Hash identifier: znvaNNhQ9qL0jYT5vmCDXWz92wIfzsF8G+UYPlkd4mg=
Subject key identifier: 9E:74:68:20:EB:13:91:4E:6D:7B:D4:B6:37:13:4A:B0:83:8A:96:23
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018BF067937B4AC3D6C67DDB4E0327687541
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/nnRoIOsTkU5te9S2NxNKsIOKliM.roa
Signing time: Tue 21 Nov 2023 05:43:21 +0000
ROA not before: Tue 21 Nov 2023 05:43:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:67:93:7b:4a:c3:d6:c6:7d:db:4e:03:27:68:75:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Nov 21 05:43:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e746820eb13914e6d7bd4b637134ab0838a9623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1d:fd:ea:f7:28:74:0e:44:93:58:93:87:e5:
2a:bf:e0:96:2f:bf:f8:3f:e6:57:bc:e6:12:57:e7:
34:00:b1:36:98:aa:22:7b:fe:97:1f:65:68:e8:1e:
d8:95:95:cf:db:50:1f:74:de:fe:04:a0:43:03:06:
7c:35:4a:ed:e1:10:8b:c2:cf:f5:ae:f0:79:a1:ef:
00:35:41:93:0e:52:5d:ab:4b:40:6e:68:ab:30:aa:
6a:fd:05:37:82:92:74:f8:c2:15:dd:99:7c:3e:36:
bd:ca:bf:8c:ac:7b:3f:43:26:af:65:bd:8b:40:79:
44:77:ad:1a:bf:77:f9:ae:31:f0:85:17:fa:28:37:
db:0a:aa:d6:55:59:ae:f1:f3:a2:01:0e:15:e3:81:
7f:db:4c:bc:df:af:40:7d:a1:48:fa:a7:93:23:1a:
0b:d0:44:48:f4:da:9e:7b:b3:b6:bd:22:e0:c7:c0:
81:dc:54:b6:20:36:bc:16:18:91:cc:89:16:6e:7b:
7b:4d:1e:18:b6:63:0e:f9:0b:20:a6:80:75:cd:43:
2f:64:54:ed:5d:51:6a:c2:6a:4b:7a:09:b1:c2:67:
90:97:94:69:16:85:b7:d7:05:d9:16:b1:41:5c:75:
2a:51:f0:69:8e:c9:2c:52:43:bf:20:6f:67:46:a3:
1a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:74:68:20:EB:13:91:4E:6D:7B:D4:B6:37:13:4A:B0:83:8A:96:23
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/nnRoIOsTkU5te9S2NxNKsIOKliM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
60:fc:5a:0e:63:4a:a3:c3:13:d4:04:a9:78:00:df:e0:fa:be:
37:0e:64:e8:fd:a8:1e:82:80:6c:8b:58:b3:da:58:6d:4f:b0:
0d:7e:e9:cf:04:62:4f:07:17:4b:32:b0:27:99:b6:39:11:5e:
87:fe:9b:39:4e:1b:f1:da:86:1d:ef:ed:a9:f3:52:f9:7a:04:
24:dd:45:f7:09:e8:be:f5:ab:fa:c2:e7:c1:89:e6:b7:fe:6d:
6e:64:f4:7a:2e:a3:ed:53:8d:64:c9:88:39:1c:6f:5f:ad:4d:
e2:88:b6:f8:26:5a:e8:17:8c:62:27:d7:18:c0:4a:e8:c8:7f:
83:a7:16:5f:6f:28:83:c7:a5:09:b0:49:99:dc:a7:f9:c1:df:
60:cc:76:2a:c1:4d:52:e4:ca:18:5e:c9:6b:d9:95:a9:ca:21:
6c:d2:af:a7:aa:ee:b5:a9:40:c1:7d:bd:b2:db:f3:17:e5:77:
70:3c:40:0c:76:69:ea:65:06:17:cc:36:9a:6a:27:93:fb:f9:
87:3e:6f:4e:fc:bb:45:74:7f:90:1f:97:ee:de:09:29:10:0a:
dc:7d:6b:d4:0b:09:5a:0b:20:a5:98:e8:8b:de:e8:17:77:ba:
79:cc:22:63:cb:bc:6c:78:50:b1:68:b5:8e:09:1f:7f:44:f6:
17:d1:55:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvwZ5N7SsPWxn3bTgMnaHVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMxMTIxMDU0MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTc0NjgyMGViMTM5MTRlNmQ3YmQ0YjYzNzEzNGFiMDgzOGE5NjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB396vcodA5Ek1iTh+Uqv+CWL7/4
P+ZXvOYSV+c0ALE2mKoie/6XH2Vo6B7YlZXP21AfdN7+BKBDAwZ8NUrt4RCLws/1
rvB5oe8ANUGTDlJdq0tAbmirMKpq/QU3gpJ0+MIV3Zl8Pja9yr+MrHs/QyavZb2L
QHlEd60av3f5rjHwhRf6KDfbCqrWVVmu8fOiAQ4V44F/20y8369AfaFI+qeTIxoL
0ERI9Nqee7O2vSLgx8CB3FS2IDa8FhiRzIkWbnt7TR4YtmMO+QsgpoB1zUMvZFTt
XVFqwmpLegmxwmeQl5RpFoW31wXZFrFBXHUqUfBpjsksUkO/IG9nRqMaWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ50aCDrE5FObXvUtjcTSrCDipYjMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvbm5Sb0lPc1RrVTV0ZTlTMk54TktzSU9LbGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqyHwMA0G
CSqGSIb3DQEBCwUAA4IBAQBg/FoOY0qjwxPUBKl4AN/g+r43DmTo/agegoBsi1iz
2lhtT7ANfunPBGJPBxdLMrAnmbY5EV6H/ps5Thvx2oYd7+2p81L5egQk3UX3Cei+
9av6wufBiea3/m1uZPR6LqPtU41kyYg5HG9frU3iiLb4JlroF4xiJ9cYwEroyH+D
pxZfbyiDx6UJsEmZ3Kf5wd9gzHYqwU1S5MoYXslr2ZWpyiFs0q+nqu61qUDBfb2y
2/MX5XdwPEAMdmnqZQYXzDaaaieT+/mHPm9O/LtFdH+QH5fu3gkpEArcfWvUCwla
CyClmOiL3ugXd7p5zCJjy7xseFCxaLWOCR9/RPYX0VXi
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:04 2024 by rpki-client on console-fra.rpki-client.org