Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/nVs_9LIk20WaIXxuM6t2MxqSXrs.roa
File: nVs_9LIk20WaIXxuM6t2MxqSXrs.roa (raw, json)
Hash identifier: O3T/zs4FpdLvB3jZDviGjXIp4cqWIzVdb7baysAOyBY=
Subject key identifier: 9D:5B:3F:F4:B2:24:DB:45:9A:21:7C:6E:33:AB:76:33:1A:92:5E:BB
Certificate issuer: /CN=6f14b900eff610a4187f6fbd45e3b857d0896a00
Certificate serial: 0185704BD6FD7EBBBB98A9E4158E010208C0
Authority key identifier: 6F:14:B9:00:EF:F6:10:A4:18:7F:6F:BD:45:E3:B8:57:D0:89:6A:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxS5AO_2EKQYf2-9ReO4V9CJagA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/nVs_9LIk20WaIXxuM6t2MxqSXrs.roa
Signing time: Mon 02 Jan 2023 02:24:56 +0000
ROA not before: Mon 02 Jan 2023 02:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206701
IP address blocks: 194.0.168.0/24 maxlen: 24
194.0.139.0/24 maxlen: 24
194.0.141.0/24 maxlen: 24
194.0.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:d6:fd:7e:bb:bb:98:a9:e4:15:8e:01:02:08:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f14b900eff610a4187f6fbd45e3b857d0896a00
Validity
Not Before: Jan 2 02:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d5b3ff4b224db459a217c6e33ab76331a925ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ba:82:c8:4b:07:5e:f6:c0:f5:05:29:a2:00:
4a:51:7f:b2:9e:3c:0c:18:82:24:17:fd:52:e4:54:
37:15:fe:4d:b8:3a:16:0b:26:71:b8:c3:0a:8e:d3:
43:17:2e:7d:1d:74:d0:a5:32:00:02:92:5f:f2:5a:
11:91:90:1c:2e:7e:13:12:30:a0:18:6c:b7:be:22:
f4:b8:eb:55:4d:22:ed:9b:cf:35:8b:3f:44:45:76:
9d:be:76:c2:96:8a:10:6c:fb:4e:8a:d8:4a:a1:a1:
e7:98:28:8f:1f:0b:12:1f:1b:95:7a:e2:0d:dc:03:
88:a0:c9:cd:81:16:ac:84:b2:17:ce:ab:87:8f:b3:
28:4f:35:ac:52:9c:d3:5c:66:80:a3:03:04:30:e7:
d6:cc:6f:3f:9f:f0:97:ae:1b:26:05:9f:ca:2e:0a:
08:5f:a6:c6:9c:2d:a6:b8:6e:06:fd:a4:7b:69:2f:
e7:60:4f:68:8b:33:6c:8d:01:5c:db:28:cf:c1:b5:
a5:3f:ec:25:f4:ee:b5:ea:c3:2c:4b:4f:b3:76:fb:
99:ee:e7:ff:17:33:c3:d2:c5:f6:a8:bc:1b:7b:d7:
a5:c1:d9:9e:70:e8:71:9f:03:a7:1e:60:83:eb:8e:
20:d0:93:6a:63:5d:3c:3a:2e:ad:a1:96:63:2b:05:
f7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5B:3F:F4:B2:24:DB:45:9A:21:7C:6E:33:AB:76:33:1A:92:5E:BB
X509v3 Authority Key Identifier:
keyid:6F:14:B9:00:EF:F6:10:A4:18:7F:6F:BD:45:E3:B8:57:D0:89:6A:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxS5AO_2EKQYf2-9ReO4V9CJagA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/nVs_9LIk20WaIXxuM6t2MxqSXrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.139.0/24
194.0.141.0/24
194.0.159.0/24
194.0.168.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:06:9a:f7:f1:08:80:01:3c:92:dd:8f:fb:13:88:ba:b7:d8:
73:00:3a:19:6c:5a:fa:9b:1c:57:cf:cd:4c:64:06:49:df:af:
56:63:0e:5a:76:e7:f5:75:bb:de:72:d5:db:38:49:d6:57:4b:
28:2d:00:d0:3e:88:7f:80:98:c7:53:d4:67:d9:f3:3d:ee:da:
7a:b9:ff:da:fd:86:9f:be:2b:41:a8:5e:3f:de:c8:c8:30:4a:
b2:10:76:3a:48:c2:56:ec:57:e7:d4:d2:c1:89:b8:db:a2:96:
e9:f1:1d:8b:5c:14:8a:5f:ba:2b:91:f2:f9:e1:7e:13:7f:16:
91:6f:5e:b0:49:c1:23:1d:98:d7:2f:66:9d:89:dd:c3:27:8a:
56:f6:66:10:d4:20:3e:c6:db:6a:f0:4a:15:d0:70:d9:9c:11:
ad:fd:af:d9:f5:ba:40:4a:5c:eb:ca:7e:74:11:78:7a:0c:30:
c7:88:55:30:47:e4:3b:de:71:de:26:18:de:0b:f4:4b:44:6a:
2a:ac:cf:6f:cd:6a:ea:29:50:2b:06:a6:55:49:16:a0:88:bd:
38:17:bd:3f:4b:94:26:9c:ab:0e:dd:b9:b7:dd:1d:28:ec:ca:
09:42:8c:70:3f:c9:e9:08:34:6d:64:b8:75:15:f7:a5:5b:e4:
db:7f:11:b4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwS9b9fru7mKnkFY4BAgjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTRiOTAwZWZmNjEwYTQxODdmNmZiZDQ1ZTNiODU3ZDA4
OTZhMDAwHhcNMjMwMTAyMDIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDViM2ZmNGIyMjRkYjQ1OWEyMTdjNmUzM2FiNzYzMzFhOTI1ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rqCyEsHXvbA9QUpogBKUX+ynjwM
GIIkF/1S5FQ3Ff5NuDoWCyZxuMMKjtNDFy59HXTQpTIAApJf8loRkZAcLn4TEjCg
GGy3viL0uOtVTSLtm881iz9ERXadvnbClooQbPtOithKoaHnmCiPHwsSHxuVeuIN
3AOIoMnNgRashLIXzquHj7MoTzWsUpzTXGaAowMEMOfWzG8/n/CXrhsmBZ/KLgoI
X6bGnC2muG4G/aR7aS/nYE9oizNsjQFc2yjPwbWlP+wl9O616sMsS0+zdvuZ7uf/
FzPD0sX2qLwbe9elwdmecOhxnwOnHmCD644g0JNqY108Oi6toZZjKwX3HQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ1bP/SyJNtFmiF8bjOrdjMakl67MB8GA1UdIwQY
MBaAFG8UuQDv9hCkGH9vvUXjuFfQiWoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhTNUFPXzJFS1FZZjItOVJlTzRWOUNKYWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS83YjE4MjYtYTZhZi00NzA0LThmODUt
NTE4MWEyZjBkMTk3LzEvblZzXzlMSWsyMFdhSVh4dU02dDJNeHFTWHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS83YjE4MjYtYTZhZi00NzA0LThmODUtNTE4MWEyZjBkMTk3
LzEvYnhTNUFPXzJFS1FZZjItOVJlTzRWOUNKYWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwgCLAwQA
wgCNAwQAwgCfAwQAwgCoMA0GCSqGSIb3DQEBCwUAA4IBAQArBpr38QiAATyS3Y/7
E4i6t9hzADoZbFr6mxxXz81MZAZJ369WYw5aduf1dbvectXbOEnWV0soLQDQPoh/
gJjHU9Rn2fM97tp6uf/a/YafvitBqF4/3sjIMEqyEHY6SMJW7Ffn1NLBibjbopbp
8R2LXBSKX7orkfL54X4TfxaRb16wScEjHZjXL2adid3DJ4pW9mYQ1CA+xttq8EoV
0HDZnBGt/a/Z9bpASlzryn50EXh6DDDHiFUwR+Q73nHeJhjeC/RLRGoqrM9vzWrq
KVArBqZVSRagiL04F70/S5QmnKsO3bm33R0o7MoJQoxwP8npCDRtZLh1FfelW+Tb
fxG0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:59 2024 by rpki-client on console-fra.rpki-client.org