Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/NKIk1NxzDnVJNyxZZnlQ6aoea5w.roa
File: NKIk1NxzDnVJNyxZZnlQ6aoea5w.roa (raw, json)
Hash identifier: 8ioKILjnP1mddYDhh7wGY5vHK4GZK4geTpjtEZ8KT/Y=
Subject key identifier: 34:A2:24:D4:DC:73:0E:75:49:37:2C:59:66:79:50:E9:AA:1E:6B:9C
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01888A3CFA8726CD4DC15D112C7CF073BE36
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/NKIk1NxzDnVJNyxZZnlQ6aoea5w.roa
Signing time: Mon 05 Jun 2023 06:27:11 +0000
ROA not before: Mon 05 Jun 2023 06:27:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 213.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 09:15:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:3c:fa:87:26:cd:4d:c1:5d:11:2c:7c:f0:73:be:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jun 5 06:27:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34a224d4dc730e7549372c59667950e9aa1e6b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:23:ba:00:bc:2f:12:0d:e6:ec:64:67:0b:38:
54:40:6a:0d:e4:21:51:2c:e5:d8:94:e7:f2:c8:01:
46:88:73:d0:fc:aa:42:16:80:6e:e0:a6:59:da:86:
25:62:2e:48:64:2d:61:21:cc:7c:0e:42:79:44:30:
c0:97:89:23:c4:3e:f8:64:93:52:7f:b2:e5:ee:c1:
45:cd:6b:4f:eb:e8:09:4d:5f:f2:0e:b9:f1:47:12:
bb:4d:aa:d8:ab:39:cf:92:ba:ae:df:43:c2:b4:a5:
a1:16:4f:40:1b:e1:47:b9:20:86:7b:a7:76:3d:89:
fb:fa:b5:d6:fb:52:cd:1c:b5:60:8a:f5:40:72:41:
09:bd:77:aa:48:21:2d:7b:19:e3:4e:37:64:38:2d:
b3:a1:1f:fc:9b:cb:3f:29:d8:2e:3b:ec:ba:09:db:
ad:42:91:46:33:b5:26:59:c1:17:f0:96:ee:35:c9:
1e:8f:27:ae:fe:f3:48:ec:52:0c:c7:33:94:4f:8b:
2f:5c:27:ac:e1:bb:09:6f:3a:9d:00:04:97:37:de:
1a:65:2e:76:66:0c:82:d1:c8:86:2e:62:ff:19:19:
e9:53:7f:73:77:8b:45:d9:b3:98:f3:b5:35:cf:9d:
66:7f:dc:78:0d:1a:cf:15:84:e7:43:10:bb:1a:b8:
29:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A2:24:D4:DC:73:0E:75:49:37:2C:59:66:79:50:E9:AA:1E:6B:9C
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/NKIk1NxzDnVJNyxZZnlQ6aoea5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
d1:4a:b8:f5:1a:a8:97:ed:36:72:c2:24:57:79:9e:08:3f:14:
ce:6c:4b:88:c5:66:e9:f4:ef:05:dc:2a:a4:b4:f4:fa:7a:7a:
be:b5:dd:aa:be:da:38:7c:0e:a7:29:bc:cc:cd:77:40:f4:a2:
a2:98:0d:40:1e:77:d5:64:3f:9d:59:db:fe:79:b6:f7:a9:fb:
26:1d:0f:8a:d0:97:fb:ba:e4:1a:74:44:ee:ea:04:d2:36:6b:
14:87:35:b0:f9:4e:82:98:72:83:11:0f:b6:75:a3:84:25:ad:
b8:90:f9:4f:cc:af:27:45:43:49:79:93:a8:c6:0d:4a:d7:d4:
a9:44:d2:7e:69:f6:a8:fc:44:3d:de:ca:ba:d3:e1:24:44:cc:
21:23:97:e2:fa:9d:c6:d7:f2:62:4b:01:e0:94:ab:0a:f2:5a:
db:f9:5f:d0:71:90:b4:3c:05:02:65:30:e6:30:82:1a:f0:f3:
81:db:87:37:9e:fc:1e:a4:c4:2e:4a:d4:f3:5b:5e:1f:08:89:
af:87:43:d2:a9:50:ba:9e:e3:9b:3e:6f:e9:d7:ad:3f:e6:7f:
bc:2b:59:ba:64:9a:89:cf:6e:6c:04:4b:01:04:41:0c:ad:5f:
bf:e5:89:61:ab:38:48:00:c8:72:f1:3d:b5:7e:31:1e:bd:6a:
4e:14:b1:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiKPPqHJs1NwV0RLHzwc742MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwNjA1MDYyNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGEyMjRkNGRjNzMwZTc1NDkzNzJjNTk2Njc5NTBlOWFhMWU2YjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCO6ALwvEg3m7GRnCzhUQGoN5CFR
LOXYlOfyyAFGiHPQ/KpCFoBu4KZZ2oYlYi5IZC1hIcx8DkJ5RDDAl4kjxD74ZJNS
f7Ll7sFFzWtP6+gJTV/yDrnxRxK7TarYqznPkrqu30PCtKWhFk9AG+FHuSCGe6d2
PYn7+rXW+1LNHLVgivVAckEJvXeqSCEtexnjTjdkOC2zoR/8m8s/KdguO+y6Cdut
QpFGM7UmWcEX8JbuNckejyeu/vNI7FIMxzOUT4svXCes4bsJbzqdAASXN94aZS52
ZgyC0ciGLmL/GRnpU39zd4tF2bOY87U1z51mf9x4DRrPFYTnQxC7Grgp5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSiJNTccw51STcsWWZ5UOmqHmucMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvTktJazFOeHpEblZKTnl4WlpubFE2YW9lYTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1ZFIMA0G
CSqGSIb3DQEBCwUAA4IBAQDRSrj1GqiX7TZywiRXeZ4IPxTObEuIxWbp9O8F3Cqk
tPT6enq+td2qvto4fA6nKbzMzXdA9KKimA1AHnfVZD+dWdv+ebb3qfsmHQ+K0Jf7
uuQadETu6gTSNmsUhzWw+U6CmHKDEQ+2daOEJa24kPlPzK8nRUNJeZOoxg1K19Sp
RNJ+afao/EQ93sq60+EkRMwhI5fi+p3G1/JiSwHglKsK8lrb+V/QcZC0PAUCZTDm
MIIa8POB24c3nvwepMQuStTzW14fCImvh0PSqVC6nuObPm/p160/5n+8K1m6ZJqJ
z25sBEsBBEEMrV+/5YlhqzhIAMhy8T21fjEevWpOFLFd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org