Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/NA5CfdVRavGyvzIuYB1AUg3kKpM.roa
File: NA5CfdVRavGyvzIuYB1AUg3kKpM.roa (raw, json)
Hash identifier: Rl4FmtBt7MmKjplOwNH5ZXEShJZYLw4dWDlTu3bAJ5Q=
Subject key identifier: 34:0E:42:7D:D5:51:6A:F1:B2:BF:32:2E:60:1D:40:52:0D:E4:2A:93
Certificate issuer: /CN=07d3c0c115328c3d28c0f5721b00982b2cd4215e
Certificate serial: 018CC94D847968BC3AFBDD9D2D70E67FAC90
Authority key identifier: 07:D3:C0:C1:15:32:8C:3D:28:C0:F5:72:1B:00:98:2B:2C:D4:21:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9PAwRUyjD0owPVyGwCYKyzUIV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/NA5CfdVRavGyvzIuYB1AUg3kKpM.roa
Signing time: Tue 02 Jan 2024 08:32:29 +0000
ROA not before: Tue 02 Jan 2024 08:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197763
IP address blocks: 195.22.120.0/24 maxlen: 24
2001:67c:2f00::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:84:79:68:bc:3a:fb:dd:9d:2d:70:e6:7f:ac:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07d3c0c115328c3d28c0f5721b00982b2cd4215e
Validity
Not Before: Jan 2 08:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=340e427dd5516af1b2bf322e601d40520de42a93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:15:00:cc:df:42:a9:c4:a4:37:3e:5f:15:a9:
44:6b:16:ff:d3:05:44:f5:3f:0d:70:d7:0a:4b:0f:
ab:21:56:2d:d2:44:11:b5:25:61:0b:86:d8:bf:58:
61:39:84:d4:2c:20:b5:18:23:5d:97:fa:61:ea:ad:
6f:c9:cc:96:7a:ec:19:99:84:a4:ab:df:1b:89:8e:
c6:2f:51:de:b2:21:45:70:eb:30:ab:a2:99:98:1b:
7c:61:1d:d3:0b:9f:72:17:65:ac:fd:4e:e0:cd:b8:
29:f5:31:90:c8:09:00:34:ae:ad:85:57:2b:69:21:
a2:94:cf:69:2f:7a:c1:98:6f:00:17:de:56:54:7b:
0f:6a:a0:1b:b0:3d:ba:dd:e3:12:a3:00:9b:64:f7:
a3:71:08:75:10:83:90:f4:25:a3:07:02:51:4a:ea:
98:d3:2f:64:92:fd:b1:ab:cd:d7:6b:16:71:17:84:
4d:f4:e6:9b:4e:20:2d:77:8e:7c:73:26:35:72:79:
95:ab:04:48:c5:a0:cf:49:78:38:14:40:22:f5:5e:
8c:9e:85:75:32:89:15:f6:0a:e5:81:63:59:ba:dc:
3f:c4:10:f0:3a:3d:60:24:c0:25:cf:c4:43:be:9d:
fc:0e:21:e1:1c:60:40:3c:8b:72:38:9b:52:25:2b:
50:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0E:42:7D:D5:51:6A:F1:B2:BF:32:2E:60:1D:40:52:0D:E4:2A:93
X509v3 Authority Key Identifier:
keyid:07:D3:C0:C1:15:32:8C:3D:28:C0:F5:72:1B:00:98:2B:2C:D4:21:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9PAwRUyjD0owPVyGwCYKyzUIV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/NA5CfdVRavGyvzIuYB1AUg3kKpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/B9PAwRUyjD0owPVyGwCYKyzUIV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.22.120.0/24
IPv6:
2001:67c:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
77:2a:48:46:41:55:96:4d:d5:91:21:8e:fb:4f:cf:4b:b0:f4:
19:cf:78:40:03:37:3e:e6:3d:97:f9:64:04:ae:98:87:07:41:
be:98:3d:48:87:1f:67:be:d2:9b:40:b5:c1:6a:24:ca:39:09:
1a:d9:ad:27:d6:41:2e:e6:df:44:93:4b:12:30:4c:f7:ff:44:
37:26:9b:fb:58:48:1a:4e:ae:14:9f:88:fb:f6:3d:8b:cd:f3:
1b:b4:aa:08:73:3b:d7:64:98:91:55:21:d1:68:31:1f:44:b8:
ef:96:b2:87:70:8d:90:fb:f4:06:65:80:0c:89:71:cd:11:2e:
22:ca:11:4b:b0:2c:07:76:80:c4:f8:5c:09:c9:b3:ba:71:5a:
da:42:da:32:63:52:3e:ea:c8:b1:e4:f1:4f:78:4d:4b:5e:be:
a9:31:0f:90:60:47:b7:10:7a:cf:ab:bf:6f:69:d6:3b:29:11:
78:8f:18:d9:e3:80:55:c4:fa:64:a3:49:5b:14:8f:bf:42:8a:
e4:c7:d3:2e:4d:9c:4a:35:ce:95:c1:92:33:62:f4:4a:07:e5:
7b:fc:e5:d4:4c:7f:bd:04:89:0b:7e:58:ee:91:d4:a7:30:39:
e7:19:a9:f6:5a:ba:45:82:2d:86:17:bc:ff:eb:e2:ce:a4:26:
46:ac:95:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTYR5aLw6+92dLXDmf6yQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZDNjMGMxMTUzMjhjM2QyOGMwZjU3MjFiMDA5ODJiMmNk
NDIxNWUwHhcNMjQwMTAyMDgzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDBlNDI3ZGQ1NTE2YWYxYjJiZjMyMmU2MDFkNDA1MjBkZTQyYTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBUAzN9CqcSkNz5fFalEaxb/0wVE
9T8NcNcKSw+rIVYt0kQRtSVhC4bYv1hhOYTULCC1GCNdl/ph6q1vycyWeuwZmYSk
q98biY7GL1HesiFFcOswq6KZmBt8YR3TC59yF2Ws/U7gzbgp9TGQyAkANK6thVcr
aSGilM9pL3rBmG8AF95WVHsPaqAbsD263eMSowCbZPejcQh1EIOQ9CWjBwJRSuqY
0y9kkv2xq83XaxZxF4RN9OabTiAtd458cyY1cnmVqwRIxaDPSXg4FEAi9V6MnoV1
MokV9grlgWNZutw/xBDwOj1gJMAlz8RDvp38DiHhHGBAPItyOJtSJStQkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDQOQn3VUWrxsr8yLmAdQFIN5CqTMB8GA1UdIwQY
MBaAFAfTwMEVMow9KMD1chsAmCss1CFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlQQXdSVXlqRDBvd1BWeUd3Q1lLeXpVSVY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zNzZmNWEtYzAyNi00YmFlLTg4NDct
MmIxZDQzOWIyMjI3LzEvTkE1Q2ZkVlJhdkd5dnpJdVlCMUFVZzNrS3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zNzZmNWEtYzAyNi00YmFlLTg4NDctMmIxZDQzOWIyMjI3
LzEvQjlQQXdSVXlqRDBvd1BWeUd3Q1lLeXpVSVY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwxZ4MA8E
AgACMAkDBwAgAQZ8LwAwDQYJKoZIhvcNAQELBQADggEBAHcqSEZBVZZN1ZEhjvtP
z0uw9BnPeEADNz7mPZf5ZASumIcHQb6YPUiHH2e+0ptAtcFqJMo5CRrZrSfWQS7m
30STSxIwTPf/RDcmm/tYSBpOrhSfiPv2PYvN8xu0qghzO9dkmJFVIdFoMR9EuO+W
sodwjZD79AZlgAyJcc0RLiLKEUuwLAd2gMT4XAnJs7pxWtpC2jJjUj7qyLHk8U94
TUtevqkxD5BgR7cQes+rv29p1jspEXiPGNnjgFXE+mSjSVsUj79CiuTH0y5NnEo1
zpXBkjNi9EoH5Xv85dRMf70EiQt+WO6R1KcwOecZqfZaukWCLYYXvP/r4s6kJkas
lXM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:32 2025 by rpki-client