Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/f3d2f4-9263-4ece-9db3-e081a5b41432/1/nx2ot61KqggtFPKBJaUw1ir2RGk.roa
File: nx2ot61KqggtFPKBJaUw1ir2RGk.roa (raw, json)
Hash identifier: aiUp5vV3D1zY+BWYGpAQ1BVxMKVX5eXjZQep7bWN3Ts=
Subject key identifier: 9F:1D:A8:B7:AD:4A:AA:08:2D:14:F2:81:25:A5:30:D6:2A:F6:44:69
Certificate issuer: /CN=398f7106bed10fe7ffc65bbd64adbedc9dbd525e
Certificate serial: 01856EAFC9AC45F3C41D7C76E0984ADE464B
Authority key identifier: 39:8F:71:06:BE:D1:0F:E7:FF:C6:5B:BD:64:AD:BE:DC:9D:BD:52:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OY9xBr7RD-f_xlu9ZK2-3J29Ul4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/f3d2f4-9263-4ece-9db3-e081a5b41432/1/nx2ot61KqggtFPKBJaUw1ir2RGk.roa
Signing time: Sun 01 Jan 2023 18:54:52 +0000
ROA not before: Sun 01 Jan 2023 18:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57715
IP address blocks: 194.31.48.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:c9:ac:45:f3:c4:1d:7c:76:e0:98:4a:de:46:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=398f7106bed10fe7ffc65bbd64adbedc9dbd525e
Validity
Not Before: Jan 1 18:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f1da8b7ad4aaa082d14f28125a530d62af64469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0c:75:1b:d1:91:3d:b1:90:e6:16:82:22:77:
4a:53:6e:fa:66:38:bc:9c:2a:56:29:d5:e2:2d:9b:
00:50:a6:38:8b:4e:cc:71:ee:0f:c7:b7:a1:ec:87:
14:c2:16:5c:50:d1:f7:bb:d0:9f:18:9d:a4:49:d5:
83:39:25:df:83:d2:a3:3b:b2:93:f5:9b:3a:bd:ec:
02:15:0e:33:cb:9b:ce:e5:fc:9d:7a:5a:7d:44:26:
f5:20:bc:92:94:0d:14:df:85:c7:28:36:01:c7:c1:
08:e6:15:b4:9b:db:49:cd:fa:51:93:8c:92:a2:13:
b9:25:70:1e:0b:bd:83:2f:2f:f0:31:bc:f1:1e:d8:
7d:2f:fd:84:5a:c6:3e:2e:f8:cd:3a:67:db:f4:5f:
c1:ae:2b:b9:73:ad:f3:97:f0:5b:04:d0:33:4a:47:
f1:09:68:fc:3d:b7:fd:a3:fa:f8:e9:e3:0d:dd:73:
72:b1:15:e6:e6:81:91:9b:cd:a5:da:66:42:89:09:
d7:db:18:1c:db:c9:c0:a8:22:0a:8d:ae:d5:08:d3:
2f:31:3c:af:ed:40:5e:9d:8b:f3:45:af:a2:5f:56:
d2:cb:d6:5c:9d:23:db:bc:0c:ad:fb:3d:e6:b6:21:
61:f4:3c:55:12:38:f4:87:e3:11:b6:a0:74:7a:43:
85:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1D:A8:B7:AD:4A:AA:08:2D:14:F2:81:25:A5:30:D6:2A:F6:44:69
X509v3 Authority Key Identifier:
keyid:39:8F:71:06:BE:D1:0F:E7:FF:C6:5B:BD:64:AD:BE:DC:9D:BD:52:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OY9xBr7RD-f_xlu9ZK2-3J29Ul4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/f3d2f4-9263-4ece-9db3-e081a5b41432/1/nx2ot61KqggtFPKBJaUw1ir2RGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/f3d2f4-9263-4ece-9db3-e081a5b41432/1/OY9xBr7RD-f_xlu9ZK2-3J29Ul4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.48.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:f1:97:d4:37:37:7a:ca:4b:42:2d:11:c6:b6:b5:cf:9c:25:
64:b7:e8:58:d2:01:e7:b6:af:5f:70:05:40:9e:7f:10:b6:94:
6f:bf:54:24:21:3b:b9:30:e3:24:da:14:1d:78:97:0b:f5:28:
26:88:68:cb:1c:c7:31:5e:c3:8b:29:60:81:cf:5a:a1:07:c8:
69:d6:83:ab:8f:a2:66:73:e8:68:24:6b:2a:05:65:db:5f:00:
ad:4c:fc:a1:bc:81:cc:ea:d8:5c:8a:bf:47:3d:0e:14:3f:f4:
9e:ac:66:db:f7:0e:5c:61:b9:6e:92:24:3a:28:c3:94:5d:99:
f3:f8:dc:99:6a:83:0e:84:4f:ce:19:3a:a5:10:dc:ea:bd:be:
54:f4:d3:54:20:ef:7d:9c:f3:aa:bd:31:39:9f:01:2a:df:a4:
80:8f:a2:c7:f6:6b:b5:6e:7b:60:29:12:75:af:54:c3:04:7b:
75:48:db:09:91:53:ba:ba:30:d4:0c:dc:68:6c:5b:2d:7f:82:
dd:13:60:65:47:37:74:57:8b:36:7d:e6:f8:25:b2:59:9f:88:
92:25:b6:85:83:e9:4d:04:6a:17:98:d5:96:d0:df:3b:29:3b:
08:89:65:4d:2b:b6:5f:f2:ae:08:82:1f:11:70:ce:b7:79:b1:
2e:1d:43:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur8msRfPEHXx24JhK3kZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OGY3MTA2YmVkMTBmZTdmZmM2NWJiZDY0YWRiZWRjOWRi
ZDUyNWUwHhcNMjMwMTAxMTg1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjFkYThiN2FkNGFhYTA4MmQxNGYyODEyNWE1MzBkNjJhZjY0NDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwx1G9GRPbGQ5haCIndKU276Zji8
nCpWKdXiLZsAUKY4i07Mce4Px7eh7IcUwhZcUNH3u9CfGJ2kSdWDOSXfg9KjO7KT
9Zs6vewCFQ4zy5vO5fydelp9RCb1ILySlA0U34XHKDYBx8EI5hW0m9tJzfpRk4yS
ohO5JXAeC72DLy/wMbzxHth9L/2EWsY+LvjNOmfb9F/Briu5c63zl/BbBNAzSkfx
CWj8Pbf9o/r46eMN3XNysRXm5oGRm82l2mZCiQnX2xgc28nAqCIKja7VCNMvMTyv
7UBenYvzRa+iX1bSy9ZcnSPbvAyt+z3mtiFh9DxVEjj0h+MRtqB0ekOFAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8dqLetSqoILRTygSWlMNYq9kRpMB8GA1UdIwQY
MBaAFDmPcQa+0Q/n/8ZbvWStvtydvVJeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1k5eEJyN1JELWZfeGx1OVpLMi0zSjI5VWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9mM2QyZjQtOTI2My00ZWNlLTlkYjMt
ZTA4MWE1YjQxNDMyLzEvbngyb3Q2MUtxZ2d0RlBLQkphVXcxaXIyUkdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9mM2QyZjQtOTI2My00ZWNlLTlkYjMtZTA4MWE1YjQxNDMy
LzEvT1k5eEJyN1JELWZfeGx1OVpLMi0zSjI5VWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwh8wMA0G
CSqGSIb3DQEBCwUAA4IBAQCl8ZfUNzd6yktCLRHGtrXPnCVkt+hY0gHntq9fcAVA
nn8QtpRvv1QkITu5MOMk2hQdeJcL9SgmiGjLHMcxXsOLKWCBz1qhB8hp1oOrj6Jm
c+hoJGsqBWXbXwCtTPyhvIHM6thcir9HPQ4UP/SerGbb9w5cYblukiQ6KMOUXZnz
+NyZaoMOhE/OGTqlENzqvb5U9NNUIO99nPOqvTE5nwEq36SAj6LH9mu1bntgKRJ1
r1TDBHt1SNsJkVO6ujDUDNxobFstf4LdE2BlRzd0V4s2feb4JbJZn4iSJbaFg+lN
BGoXmNWW0N87KTsIiWVNK7Zf8q4Igh8RcM63ebEuHUNY
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:35 2024 by rpki-client on console-fra.rpki-client.org