Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/nP09r0l9Qq210x_-jHyVk7Oh7os.roa
File: nP09r0l9Qq210x_-jHyVk7Oh7os.roa (raw, json)
Hash identifier: qkJeRPjKOaCqUdEpnvHicK1FuKpkdVxUXRuuabfXYps=
Subject key identifier: 9C:FD:3D:AF:49:7D:42:AD:B5:D3:1F:FE:8C:7C:95:93:B3:A1:EE:8B
Certificate issuer: /CN=bbd351b274fc23a42728303638a0d62b606401b4
Certificate serial: 01856DC1C7FC61982A00AB2D79B7E7B205F6
Authority key identifier: BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/nP09r0l9Qq210x_-jHyVk7Oh7os.roa
Signing time: Sun 01 Jan 2023 14:34:54 +0000
ROA not before: Sun 01 Jan 2023 14:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12657
IP address blocks: 212.72.64.0/19 maxlen: 19
212.102.160.0/19 maxlen: 19
213.131.192.0/19 maxlen: 19
2001:1579:2::/48 maxlen: 48
2001:1579::/32 maxlen: 48
2001:1578:ff::/48 maxlen: 48
2001:1579::/48 maxlen: 48
2001:1578::/29 maxlen: 40
2001:1579:1::/48 maxlen: 48
2001:1578::/32 maxlen: 40
2001:1578::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:c7:fc:61:98:2a:00:ab:2d:79:b7:e7:b2:05:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd351b274fc23a42728303638a0d62b606401b4
Validity
Not Before: Jan 1 14:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cfd3daf497d42adb5d31ffe8c7c9593b3a1ee8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:12:dc:e5:a5:20:e5:c7:36:8d:aa:6c:30:4e:
ed:60:da:f5:95:2a:22:47:99:64:80:ef:eb:25:08:
42:cc:e0:b8:f6:fa:ad:52:27:37:1e:a4:d5:d2:87:
c0:3d:7e:f5:c2:7e:70:47:26:48:61:ae:39:66:94:
aa:b6:00:af:7e:04:eb:6a:d7:31:c1:02:f6:eb:5d:
92:03:b4:eb:dd:dc:9e:96:ea:53:53:78:b3:a9:66:
04:1b:3c:f9:fc:fd:8e:6c:b4:58:24:7d:7c:88:fa:
d6:4f:93:e4:7d:09:a2:b7:2e:ac:2e:20:59:8b:7c:
ed:b0:a7:94:00:64:03:97:75:93:53:fc:9e:6b:67:
82:33:2e:07:ad:de:37:58:c3:f3:76:db:4b:85:ba:
ca:4a:f7:84:6c:ff:b4:6f:9e:0b:84:36:3c:ae:71:
0c:58:c6:32:e8:19:f5:1e:01:9f:75:be:e9:29:e6:
75:ff:06:47:11:30:ad:0f:d0:ca:7f:b3:56:c9:31:
bc:93:77:92:79:b9:1f:f5:4c:67:4b:18:e4:a6:e9:
9b:6d:79:1a:6c:8c:5e:69:39:09:2c:bd:bc:99:d2:
c5:6a:da:09:22:64:74:97:98:19:fd:65:46:e4:cb:
74:ca:1f:e0:7b:2e:09:7d:42:db:0e:a4:f8:c1:e0:
25:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:FD:3D:AF:49:7D:42:AD:B5:D3:1F:FE:8C:7C:95:93:B3:A1:EE:8B
X509v3 Authority Key Identifier:
keyid:BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/nP09r0l9Qq210x_-jHyVk7Oh7os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.72.64.0/19
212.102.160.0/19
213.131.192.0/19
IPv6:
2001:1578::/29
Signature Algorithm: sha256WithRSAEncryption
22:ee:02:ce:0e:e2:83:de:25:6d:51:e3:95:d2:26:42:e5:4b:
43:36:19:88:1c:66:eb:c0:19:8b:20:72:7c:ea:a1:58:20:13:
fe:c8:09:97:94:3e:9a:2c:58:c5:6f:dc:37:65:6f:2d:07:e7:
c1:2d:fa:ab:bc:f1:47:f9:4b:52:57:df:c8:a2:0a:e4:85:86:
67:de:e1:95:e9:d0:84:47:e8:30:f8:a4:65:e3:ba:6f:ce:e4:
91:80:1c:11:8e:dd:63:6e:6c:44:f6:90:cd:ea:1f:52:5d:95:
02:5b:05:45:ef:34:9a:49:bf:46:37:03:8a:b4:47:e3:83:44:
89:11:59:7c:da:80:8c:0a:60:2f:a5:c8:52:9e:32:72:6a:3a:
f0:90:94:cf:4d:60:ee:ec:b5:3d:f9:29:94:62:8e:49:54:11:
6b:68:e1:9e:08:d7:cd:8d:7e:55:d4:29:18:81:5a:1b:c1:9c:
80:8f:73:7b:10:8f:ee:42:f7:e3:73:21:e9:eb:37:f8:85:4e:
a4:56:3c:82:bc:b3:93:a9:a1:1e:ce:07:82:bb:04:66:1e:b0:
00:9f:98:cb:80:4a:51:e4:95:50:73:9a:51:b2:fb:72:b5:b2:
a1:e5:a7:39:47:3b:86:f7:e0:2a:67:47:5c:8b:38:ea:da:29:
a8:e0:04:5e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtwcf8YZgqAKstebfnsgX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZDM1MWIyNzRmYzIzYTQyNzI4MzAzNjM4YTBkNjJiNjA2
NDAxYjQwHhcNMjMwMTAxMTQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2ZkM2RhZjQ5N2Q0MmFkYjVkMzFmZmU4YzdjOTU5M2IzYTFlZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBLc5aUg5cc2japsME7tYNr1lSoi
R5lkgO/rJQhCzOC49vqtUic3HqTV0ofAPX71wn5wRyZIYa45ZpSqtgCvfgTratcx
wQL2612SA7Tr3dyelupTU3izqWYEGzz5/P2ObLRYJH18iPrWT5PkfQmity6sLiBZ
i3ztsKeUAGQDl3WTU/yea2eCMy4Hrd43WMPzdttLhbrKSveEbP+0b54LhDY8rnEM
WMYy6Bn1HgGfdb7pKeZ1/wZHETCtD9DKf7NWyTG8k3eSebkf9UxnSxjkpumbbXka
bIxeaTkJLL28mdLFatoJImR0l5gZ/WVG5Mt0yh/gey4JfULbDqT4weAldwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJz9Pa9JfUKttdMf/ox8lZOzoe6LMB8GA1UdIwQY
MBaAFLvTUbJ0/COkJygwNjig1itgZAG0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTlOUnNuVDhJNlFuS0RBMk9LRFdLMkJrQWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jMWY5MGEtMmJhZC00MWI0LWIxYTYt
NDZiMzAyOGEwM2IwLzEvblAwOXIwbDlRcTIxMHhfLWpIeVZrN09oN29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jMWY5MGEtMmJhZC00MWI0LWIxYTYtNDZiMzAyOGEwM2Iw
LzEvdTlOUnNuVDhJNlFuS0RBMk9LRFdLMkJrQWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQF1EhAAwQF
1GagAwQF1YPAMA0EAgACMAcDBQMgARV4MA0GCSqGSIb3DQEBCwUAA4IBAQAi7gLO
DuKD3iVtUeOV0iZC5UtDNhmIHGbrwBmLIHJ86qFYIBP+yAmXlD6aLFjFb9w3ZW8t
B+fBLfqrvPFH+UtSV9/IogrkhYZn3uGV6dCER+gw+KRl47pvzuSRgBwRjt1jbmxE
9pDN6h9SXZUCWwVF7zSaSb9GNwOKtEfjg0SJEVl82oCMCmAvpchSnjJyajrwkJTP
TWDu7LU9+SmUYo5JVBFraOGeCNfNjX5V1CkYgVobwZyAj3N7EI/uQvfjcyHp6zf4
hU6kVjyCvLOTqaEezgeCuwRmHrAAn5jLgEpR5JVQc5pRsvtytbKh5ac5RzuG9+Aq
Z0dcizjq2imo4ARe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:21 2024 by rpki-client on console-ams.rpki-client.org