Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/N9V2b9MB2UtFfr7DV5ZT4tOHlDc.roa
File: N9V2b9MB2UtFfr7DV5ZT4tOHlDc.roa (raw, json)
Hash identifier: tfdymGzsqRBuTIzdwyc54XATnYcYlu/bFvl5of7QFsk=
Subject key identifier: 37:D5:76:6F:D3:01:D9:4B:45:7E:BE:C3:57:96:53:E2:D3:87:94:37
Certificate issuer: /CN=90f76537ff745893e3142fa0984f449b725b8fd3
Certificate serial: 0185711528BAEE86F3F27622DAA3D8FC899B
Authority key identifier: 90:F7:65:37:FF:74:58:93:E3:14:2F:A0:98:4F:44:9B:72:5B:8F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPdlN_90WJPjFC-gmE9Em3Jbj9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/N9V2b9MB2UtFfr7DV5ZT4tOHlDc.roa
Signing time: Mon 02 Jan 2023 06:04:50 +0000
ROA not before: Mon 02 Jan 2023 06:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29008
IP address blocks: 194.156.20.0/23 maxlen: 23
213.166.224.0/19 maxlen: 19
2a02:958::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:28:ba:ee:86:f3:f2:76:22:da:a3:d8:fc:89:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f76537ff745893e3142fa0984f449b725b8fd3
Validity
Not Before: Jan 2 06:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37d5766fd301d94b457ebec3579653e2d3879437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:90:72:92:5c:b3:e3:82:e3:d8:16:84:e5:90:
f7:de:c2:49:58:03:81:e9:9a:63:e4:dc:66:fc:9d:
fc:9a:45:d4:df:83:dc:36:ff:40:4d:4e:48:42:42:
77:a2:75:44:f4:c4:e2:fb:24:4d:78:93:fe:8e:53:
68:ec:bf:77:a8:0d:a2:b0:a3:c3:14:08:b9:7e:4f:
2a:ee:e8:8a:27:2c:6d:9f:6f:67:1e:03:0e:64:af:
74:3e:a2:4f:33:5f:d5:b3:4b:aa:b4:da:ff:32:9e:
ff:77:df:f0:0e:16:11:8b:5f:c7:cf:7a:a1:63:24:
0c:83:79:03:a6:79:72:48:9e:b4:dc:e6:d2:e6:1b:
4d:6c:db:74:f1:ca:3a:f3:f2:d1:6f:09:74:96:6c:
22:96:59:73:a9:01:72:11:f8:d1:d3:62:ce:3f:53:
15:43:6c:f7:e3:e6:73:8c:76:8d:01:ed:45:42:e6:
da:a2:7a:9f:e7:e7:d2:77:a3:1b:9f:d9:f7:85:57:
b7:b2:06:46:b8:81:97:1b:0d:15:99:50:a2:9a:2c:
5e:c6:e1:41:dc:b6:b9:ae:3f:5a:6f:fd:35:91:fa:
77:14:e7:ac:c0:32:a8:17:47:9c:79:55:21:ec:d5:
8a:bd:81:be:f2:66:3f:b8:9c:c6:af:da:54:31:b0:
05:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D5:76:6F:D3:01:D9:4B:45:7E:BE:C3:57:96:53:E2:D3:87:94:37
X509v3 Authority Key Identifier:
keyid:90:F7:65:37:FF:74:58:93:E3:14:2F:A0:98:4F:44:9B:72:5B:8F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPdlN_90WJPjFC-gmE9Em3Jbj9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/N9V2b9MB2UtFfr7DV5ZT4tOHlDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/kPdlN_90WJPjFC-gmE9Em3Jbj9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.20.0/23
213.166.224.0/19
IPv6:
2a02:958::/32
Signature Algorithm: sha256WithRSAEncryption
7a:67:5d:29:4e:ca:a9:25:ad:99:be:b3:d7:07:60:ea:a2:97:
4a:7f:a4:41:9a:0a:db:2f:a8:f9:33:83:9a:e7:54:f6:0b:c7:
e6:cb:5d:90:50:9e:fd:a3:36:7e:4a:9d:85:23:64:97:bd:b9:
fd:2c:83:e2:a9:0f:99:43:e4:61:f4:e5:bc:b6:d0:f4:4d:b2:
58:78:ae:d8:b5:90:71:1a:93:25:fa:13:55:5e:c1:ca:07:f2:
be:71:74:13:95:b0:ed:c4:14:65:62:53:48:03:a2:06:fa:cf:
96:c5:0f:6f:24:23:ce:8d:7d:f1:9b:bb:86:a9:c1:45:4b:c6:
d0:9a:3c:c5:52:7c:32:e3:ad:be:fe:18:89:89:db:d1:d8:f5:
a7:2c:2c:cb:84:c2:c9:55:d1:b9:a0:3e:3c:7c:98:9a:de:5f:
00:fe:ba:bc:e5:f2:cf:b0:94:a4:cf:bf:82:44:b8:7c:5f:ba:
2b:db:12:1a:ab:55:21:7e:41:48:9e:df:3b:45:b1:53:21:80:
c2:fa:0b:d3:d4:c3:4e:2c:71:7a:ac:d7:0b:a4:66:46:7f:d2:
5c:cf:78:df:a9:20:54:5c:d4:02:fa:91:c8:10:a1:41:fd:ef:
15:a4:f9:d0:94:26:1a:61:29:d9:d4:ac:81:c1:0b:25:46:cc:
46:8a:c4:0a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxFSi67obz8nYi2qPY/ImbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjc2NTM3ZmY3NDU4OTNlMzE0MmZhMDk4NGY0NDliNzI1
YjhmZDMwHhcNMjMwMTAyMDYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Q1NzY2ZmQzMDFkOTRiNDU3ZWJlYzM1Nzk2NTNlMmQzODc5NDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5Byklyz44Lj2BaE5ZD33sJJWAOB
6Zpj5Nxm/J38mkXU34PcNv9ATU5IQkJ3onVE9MTi+yRNeJP+jlNo7L93qA2isKPD
FAi5fk8q7uiKJyxtn29nHgMOZK90PqJPM1/Vs0uqtNr/Mp7/d9/wDhYRi1/Hz3qh
YyQMg3kDpnlySJ603ObS5htNbNt08co68/LRbwl0lmwilllzqQFyEfjR02LOP1MV
Q2z34+ZzjHaNAe1FQubaonqf5+fSd6Mbn9n3hVe3sgZGuIGXGw0VmVCimixexuFB
3La5rj9ab/01kfp3FOeswDKoF0eceVUh7NWKvYG+8mY/uJzGr9pUMbAF9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDfVdm/TAdlLRX6+w1eWU+LTh5Q3MB8GA1UdIwQY
MBaAFJD3ZTf/dFiT4xQvoJhPRJtyW4/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BkbE5fOTBXSlBqRkMtZ21FOUVtM0piajlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80Zjc2ODAtODFhYi00YzFmLWEwN2It
N2M2MmQ1YzMxNWJmLzEvTjlWMmI5TUIyVXRGZnI3RFY1WlQ0dE9IbERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80Zjc2ODAtODFhYi00YzFmLWEwN2ItN2M2MmQ1YzMxNWJm
LzEva1BkbE5fOTBXSlBqRkMtZ21FOUVtM0piajlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwpwUAwQF
1abgMA0EAgACMAcDBQAqAglYMA0GCSqGSIb3DQEBCwUAA4IBAQB6Z10pTsqpJa2Z
vrPXB2DqopdKf6RBmgrbL6j5M4Oa51T2C8fmy12QUJ79ozZ+Sp2FI2SXvbn9LIPi
qQ+ZQ+Rh9OW8ttD0TbJYeK7YtZBxGpMl+hNVXsHKB/K+cXQTlbDtxBRlYlNIA6IG
+s+WxQ9vJCPOjX3xm7uGqcFFS8bQmjzFUnwy462+/hiJidvR2PWnLCzLhMLJVdG5
oD48fJia3l8A/rq85fLPsJSkz7+CRLh8X7or2xIaq1UhfkFInt87RbFTIYDC+gvT
1MNOLHF6rNcLpGZGf9Jcz3jfqSBUXNQC+pHIEKFB/e8VpPnQlCYaYSnZ1KyBwQsl
RsxGisQK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:54 2024 by rpki-client on console-fra.rpki-client.org