Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/nS3nnbRIyaxc_XlIwwNMY6Z7_a4.roa
File: nS3nnbRIyaxc_XlIwwNMY6Z7_a4.roa (raw, json)
Hash identifier: 2b4bLQ2P6DG6t5a7DtyPa1TGKv/XMD1lqUECFG9hc0U=
Subject key identifier: 9D:2D:E7:9D:B4:48:C9:AC:5C:FD:79:48:C3:03:4C:63:A6:7B:FD:AE
Certificate issuer: /CN=7e1167886da81524431bbf2efb0572914b686ebc
Certificate serial: 01856C781081D63790A450D163D77ABF7813
Authority key identifier: 7E:11:67:88:6D:A8:15:24:43:1B:BF:2E:FB:05:72:91:4B:68:6E:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/nS3nnbRIyaxc_XlIwwNMY6Z7_a4.roa
Signing time: Sun 01 Jan 2023 08:34:45 +0000
ROA not before: Sun 01 Jan 2023 08:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2159
IP address blocks: 212.39.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:10:81:d6:37:90:a4:50:d1:63:d7:7a:bf:78:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e1167886da81524431bbf2efb0572914b686ebc
Validity
Not Before: Jan 1 08:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d2de79db448c9ac5cfd7948c3034c63a67bfdae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6f:54:31:b8:0c:5a:28:bc:91:76:de:5f:c9:
db:74:b1:41:73:8c:40:37:86:22:f7:34:8d:c1:27:
01:54:76:f7:55:42:2a:1f:8f:d9:ce:76:0d:f5:18:
19:7f:18:ce:d2:e7:fe:b6:ff:5f:6f:8a:7c:36:30:
1e:7f:7b:e0:db:72:87:57:78:d0:ad:37:aa:53:12:
13:48:11:ad:be:ad:8f:5f:e1:e6:6f:86:25:7d:ed:
6d:a5:4e:04:72:79:38:c2:a3:3d:48:40:01:0f:15:
09:16:b8:6c:47:b7:2f:4e:0f:a8:ee:c0:1c:b9:f0:
ae:91:65:6a:a4:41:11:4b:aa:49:97:a9:01:ef:84:
a0:c8:1f:22:c4:84:5e:63:78:22:d9:13:9c:bc:de:
6c:2f:6c:06:02:61:6b:7f:e8:cb:15:38:ed:91:ad:
15:8b:1a:96:5b:08:d4:f5:e3:ce:bc:8d:89:fa:c1:
12:45:6c:09:5f:46:9d:12:bf:f3:64:29:91:ed:8e:
15:97:29:a1:98:99:95:cd:c8:f9:d4:0d:32:30:fc:
07:e2:81:11:63:87:26:4c:d1:16:e9:95:bd:e0:ba:
43:1a:a6:41:a4:94:e0:36:c7:28:aa:11:f2:e8:3d:
13:eb:74:18:17:74:dc:f4:c5:17:4d:88:4e:b2:e7:
47:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:2D:E7:9D:B4:48:C9:AC:5C:FD:79:48:C3:03:4C:63:A6:7B:FD:AE
X509v3 Authority Key Identifier:
keyid:7E:11:67:88:6D:A8:15:24:43:1B:BF:2E:FB:05:72:91:4B:68:6E:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/nS3nnbRIyaxc_XlIwwNMY6Z7_a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/fhFniG2oFSRDG78u-wVykUtobrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.39.229.0/24
Signature Algorithm: sha256WithRSAEncryption
58:85:25:72:dc:c3:e0:cc:9f:4e:4f:f0:f2:05:10:86:e0:56:
86:bf:60:3f:76:07:a3:ff:9b:fd:c1:f7:b2:5a:4e:5b:0e:18:
6a:24:a4:fc:67:a0:0b:8c:23:19:d0:68:dd:9d:b8:cb:4b:ce:
eb:38:8b:3b:d5:5d:1f:39:a3:fb:35:96:a9:64:64:6b:d5:a9:
f1:13:cc:3c:1f:90:41:32:4e:84:3b:75:c1:1e:d3:e9:e0:f1:
a0:03:53:99:b2:74:e3:f7:c9:2b:f8:ed:3d:90:c2:c1:9d:34:
11:62:87:f6:ca:e7:b3:4b:fa:65:1f:16:25:57:65:b7:c1:90:
8f:5e:73:9c:99:23:b8:ac:85:c0:61:85:56:7b:8a:30:59:1e:
4a:71:f4:a2:0f:34:94:ec:be:0c:56:ea:a5:0e:1d:a2:e9:09:
33:ae:ce:73:ac:aa:4d:c5:4d:5a:c4:13:bd:cc:cb:36:18:ba:
48:c5:95:83:33:53:0f:72:62:d8:ba:e8:c4:d9:91:9f:d2:7a:
9b:c1:42:db:83:17:08:d9:1c:72:65:21:f3:5f:fd:6c:0f:3c:
87:1e:9f:9f:a4:ec:85:84:9d:6f:b4:bd:db:58:e4:38:29:8b:
1d:71:ea:ee:23:1f:5e:aa:97:28:3f:fc:a2:28:00:0a:93:9b:
03:e6:e4:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseBCB1jeQpFDRY9d6v3gTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTE2Nzg4NmRhODE1MjQ0MzFiYmYyZWZiMDU3MjkxNGI2
ODZlYmMwHhcNMjMwMTAxMDgzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDJkZTc5ZGI0NDhjOWFjNWNmZDc5NDhjMzAzNGM2M2E2N2JmZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW9UMbgMWii8kXbeX8nbdLFBc4xA
N4Yi9zSNwScBVHb3VUIqH4/ZznYN9RgZfxjO0uf+tv9fb4p8NjAef3vg23KHV3jQ
rTeqUxITSBGtvq2PX+Hmb4Ylfe1tpU4Ecnk4wqM9SEABDxUJFrhsR7cvTg+o7sAc
ufCukWVqpEERS6pJl6kB74SgyB8ixIReY3gi2ROcvN5sL2wGAmFrf+jLFTjtka0V
ixqWWwjU9ePOvI2J+sESRWwJX0adEr/zZCmR7Y4VlymhmJmVzcj51A0yMPwH4oER
Y4cmTNEW6ZW94LpDGqZBpJTgNscoqhHy6D0T63QYF3Tc9MUXTYhOsudHQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0t5520SMmsXP15SMMDTGOme/2uMB8GA1UdIwQY
MBaAFH4RZ4htqBUkQxu/LvsFcpFLaG68MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhGbmlHMm9GU1JERzc4dS13VnlrVXRvYnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mOTJjZDctNjQ2Yy00NDFiLWFlNDYt
OWIyODJjNjQzMjU2LzEvblMzbm5iUkl5YXhjX1hsSXd3Tk1ZNlo3X2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9mOTJjZDctNjQ2Yy00NDFiLWFlNDYtOWIyODJjNjQzMjU2
LzEvZmhGbmlHMm9GU1JERzc4dS13VnlrVXRvYnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1CflMA0G
CSqGSIb3DQEBCwUAA4IBAQBYhSVy3MPgzJ9OT/DyBRCG4FaGv2A/dgej/5v9wfey
Wk5bDhhqJKT8Z6ALjCMZ0GjdnbjLS87rOIs71V0fOaP7NZapZGRr1anxE8w8H5BB
Mk6EO3XBHtPp4PGgA1OZsnTj98kr+O09kMLBnTQRYof2yuezS/plHxYlV2W3wZCP
XnOcmSO4rIXAYYVWe4owWR5KcfSiDzSU7L4MVuqlDh2i6Qkzrs5zrKpNxU1axBO9
zMs2GLpIxZWDM1MPcmLYuujE2ZGf0nqbwULbgxcI2RxyZSHzX/1sDzyHHp+fpOyF
hJ1vtL3bWOQ4KYsdceruIx9eqpcoP/yiKAAKk5sD5uRk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:12 2024 by rpki-client on console-ams.rpki-client.org