Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/NiUKScq-Lev3XYv9FpO0sPCwWKE.roa
File: NiUKScq-Lev3XYv9FpO0sPCwWKE.roa (raw, json)
Hash identifier: QWO/GHXQtUsIbGHhZf2k8hDgG6nujUbHpgYEFr8sNJ0=
Subject key identifier: 36:25:0A:49:CA:BE:2D:EB:F7:5D:8B:FD:16:93:B4:B0:F0:B0:58:A1
Certificate issuer: /CN=7b47cdc21c7cb224674c0eafdec63a203eee3108
Certificate serial: 01857169C0BD7E586EEB097DF0AC3EA84C49
Authority key identifier: 7B:47:CD:C2:1C:7C:B2:24:67:4C:0E:AF:DE:C6:3A:20:3E:EE:31:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e0fNwhx8siRnTA6v3sY6ID7uMQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/NiUKScq-Lev3XYv9FpO0sPCwWKE.roa
Signing time: Mon 02 Jan 2023 07:37:14 +0000
ROA not before: Mon 02 Jan 2023 07:37:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207421
IP address blocks: 94.231.214.0/24 maxlen: 24
2a10:b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:c0:bd:7e:58:6e:eb:09:7d:f0:ac:3e:a8:4c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b47cdc21c7cb224674c0eafdec63a203eee3108
Validity
Not Before: Jan 2 07:37:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36250a49cabe2debf75d8bfd1693b4b0f0b058a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4e:cb:2c:5c:3b:22:d7:d7:d9:02:7e:b7:38:
02:5c:7c:5b:66:1c:83:5f:12:b8:c7:7f:0e:2f:90:
28:9e:dc:b0:3c:70:50:e7:73:52:2f:16:18:75:cc:
08:b5:79:7b:cf:46:90:4e:2d:7d:ca:f8:b7:82:74:
12:65:d7:c6:44:01:89:28:92:65:67:63:3e:79:92:
98:41:c2:74:c9:06:b1:a8:e1:d7:be:cf:12:33:7f:
24:c0:6e:4e:52:a4:51:7c:98:2f:e2:a2:b5:9b:d8:
11:c4:ff:19:61:6d:35:36:e7:0d:9b:de:4a:85:2a:
7d:b3:2b:73:8d:33:45:7d:10:4e:30:d6:9a:80:2a:
69:c9:ea:00:13:7e:fc:59:c9:06:3f:bd:3c:70:81:
8e:d3:57:c9:e7:25:6f:c6:96:d7:85:35:f3:00:7b:
a7:9b:d9:5c:10:3e:c6:e9:7b:3e:48:d9:28:ff:75:
de:e9:06:e4:5c:39:87:bb:bd:2a:95:1f:cb:3d:46:
1a:65:06:11:c0:40:c8:30:5e:cb:61:27:7a:4e:4b:
4d:cc:5e:dc:89:37:19:7c:fb:72:60:cd:a5:2c:06:
94:4e:10:04:c2:cc:9a:a5:4a:d1:16:b0:16:6f:7d:
b8:8f:c9:2c:fa:6d:1b:12:8a:46:60:53:7a:7a:24:
16:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:25:0A:49:CA:BE:2D:EB:F7:5D:8B:FD:16:93:B4:B0:F0:B0:58:A1
X509v3 Authority Key Identifier:
keyid:7B:47:CD:C2:1C:7C:B2:24:67:4C:0E:AF:DE:C6:3A:20:3E:EE:31:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0fNwhx8siRnTA6v3sY6ID7uMQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/NiUKScq-Lev3XYv9FpO0sPCwWKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/e0fNwhx8siRnTA6v3sY6ID7uMQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.214.0/24
IPv6:
2a10:b00::/29
Signature Algorithm: sha256WithRSAEncryption
8b:30:1c:d3:20:25:0d:75:e3:f4:dc:e5:54:a1:43:9f:46:e6:
cf:36:35:42:15:91:63:e2:a0:68:6c:1b:d1:b7:bd:7d:3d:f8:
29:80:13:78:3e:85:bc:f3:d1:75:54:02:21:32:ee:22:da:bd:
6f:42:24:f0:09:d8:5b:a7:1d:17:47:1f:43:65:f4:57:09:b3:
05:54:2a:12:c2:b2:2f:b7:e7:10:4f:49:1a:52:fe:71:c1:24:
67:89:4c:7a:a3:94:cd:e8:4f:d5:16:f6:29:c0:a2:32:14:ca:
28:a2:40:be:7e:6b:f3:e7:8d:8d:2b:f1:9e:31:68:ba:a8:fd:
49:af:83:db:33:5b:29:12:63:6d:64:e2:d6:fc:bb:4d:06:ae:
5a:c4:70:2f:16:c5:bb:d4:26:60:19:a6:8e:55:79:b7:48:13:
3b:5e:62:e8:74:ff:27:17:d1:a4:cb:44:8a:98:30:d9:5a:f8:
97:15:49:73:47:1a:c2:5f:9c:16:eb:0d:67:82:72:5f:e8:f6:
a2:13:fb:e0:6c:e6:47:29:cc:bd:36:18:ad:3f:2c:6b:fb:9b:
d4:4b:99:ec:4b:d1:01:d7:24:8e:6b:b0:49:a0:4c:9f:96:1b:
c2:04:6d:4a:ab:c8:d6:92:99:22:05:fb:07:ee:87:18:3e:72:
a5:23:62:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxacC9flhu6wl98Kw+qExJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNDdjZGMyMWM3Y2IyMjQ2NzRjMGVhZmRlYzYzYTIwM2Vl
ZTMxMDgwHhcNMjMwMTAyMDczNzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjI1MGE0OWNhYmUyZGViZjc1ZDhiZmQxNjkzYjRiMGYwYjA1OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU7LLFw7ItfX2QJ+tzgCXHxbZhyD
XxK4x38OL5AontywPHBQ53NSLxYYdcwItXl7z0aQTi19yvi3gnQSZdfGRAGJKJJl
Z2M+eZKYQcJ0yQaxqOHXvs8SM38kwG5OUqRRfJgv4qK1m9gRxP8ZYW01NucNm95K
hSp9sytzjTNFfRBOMNaagCppyeoAE378WckGP708cIGO01fJ5yVvxpbXhTXzAHun
m9lcED7G6Xs+SNko/3Xe6QbkXDmHu70qlR/LPUYaZQYRwEDIMF7LYSd6TktNzF7c
iTcZfPtyYM2lLAaUThAEwsyapUrRFrAWb324j8ks+m0bEopGYFN6eiQW9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDYlCknKvi3r912L/RaTtLDwsFihMB8GA1UdIwQY
MBaAFHtHzcIcfLIkZ0wOr97GOiA+7jEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTBmTndoeDhzaVJuVEE2djNzWTZJRDd1TVFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85YjI5NTMtMTNiOC00NzA2LTgxYzQt
MDc1NTc4YzM3YWNhLzEvTmlVS1NjcS1MZXYzWFl2OUZwTzBzUEN3V0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85YjI5NTMtMTNiOC00NzA2LTgxYzQtMDc1NTc4YzM3YWNh
LzEvZTBmTndoeDhzaVJuVEE2djNzWTZJRDd1TVFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXufWMA0E
AgACMAcDBQMqEAsAMA0GCSqGSIb3DQEBCwUAA4IBAQCLMBzTICUNdeP03OVUoUOf
RubPNjVCFZFj4qBobBvRt719PfgpgBN4PoW889F1VAIhMu4i2r1vQiTwCdhbpx0X
Rx9DZfRXCbMFVCoSwrIvt+cQT0kaUv5xwSRniUx6o5TN6E/VFvYpwKIyFMoookC+
fmvz542NK/GeMWi6qP1Jr4PbM1spEmNtZOLW/LtNBq5axHAvFsW71CZgGaaOVXm3
SBM7XmLodP8nF9Gky0SKmDDZWviXFUlzRxrCX5wW6w1ngnJf6PaiE/vgbOZHKcy9
NhitPyxr+5vUS5nsS9EB1ySOa7BJoEyflhvCBG1Kq8jWkpkiBfsH7ocYPnKlI2L+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:25 2024 by rpki-client on console-fra.rpki-client.org