Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nzVdsYqfbtiUt6_5ZlWxfeXiOEE.roa
File: nzVdsYqfbtiUt6_5ZlWxfeXiOEE.roa (raw, json)
Hash identifier: xqUQEkRXckW3HygK9AvYZBh0G30oSzlMV34ec23S6hQ=
Subject key identifier: 9F:35:5D:B1:8A:9F:6E:D8:94:B7:AF:F9:66:55:B1:7D:E5:E2:38:41
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0185C65248211D99DB2D192CC338D26ED1AF
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nzVdsYqfbtiUt6_5ZlWxfeXiOEE.roa
Signing time: Wed 18 Jan 2023 19:19:19 +0000
ROA not before: Wed 18 Jan 2023 19:19:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 89.40.166.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.47.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c6:52:48:21:1d:99:db:2d:19:2c:c3:38:d2:6e:d1:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 18 19:19:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f355db18a9f6ed894b7aff96655b17de5e23841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cd:5e:ae:d0:19:60:05:21:c3:48:8d:62:de:
0c:c6:8c:35:ff:1c:10:b4:4a:65:dc:4c:ea:66:f7:
f6:e9:e2:25:65:6e:d8:69:fc:78:ea:fc:06:c2:7f:
9a:59:e3:49:55:51:48:fb:e2:63:8b:88:84:41:09:
a0:d4:5b:d2:c5:ba:72:f0:32:34:65:a8:84:26:45:
26:ca:57:5c:62:7b:84:4d:aa:1e:b5:d3:97:37:1c:
08:fb:7e:87:73:2b:c4:bb:e8:e6:b6:4c:1e:eb:25:
61:20:16:9e:cc:ea:6a:a1:4e:82:75:ad:e7:cc:f9:
9b:8d:d7:de:9f:4e:c9:4f:12:8f:78:ac:43:45:ff:
e5:3e:df:90:87:aa:eb:fe:a1:aa:59:dd:7d:df:a5:
19:fd:71:7c:78:8f:0c:41:1c:51:17:f0:8b:41:87:
c2:20:df:27:bf:00:c2:02:7e:c9:e6:16:49:c2:f3:
9c:66:a5:b7:5f:00:55:bf:f0:20:32:6b:05:29:05:
0e:40:5b:d3:79:95:a3:14:4d:10:ae:c9:1d:31:c1:
f0:27:9b:c6:f1:d4:b4:39:8c:14:b4:91:73:b5:53:
57:fc:52:e3:37:da:46:1c:cd:6c:09:a1:57:da:f3:
40:35:2d:1a:19:4a:56:17:1a:57:90:d8:42:fa:4c:
47:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:35:5D:B1:8A:9F:6E:D8:94:B7:AF:F9:66:55:B1:7D:E5:E2:38:41
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nzVdsYqfbtiUt6_5ZlWxfeXiOEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.20.0/24
89.40.166.0/24
89.47.249.0/24
94.177.113.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:58:de:58:1e:35:7e:f1:4b:e9:71:36:da:d9:52:71:35:78:
a5:85:fc:0f:5e:3e:52:80:bb:27:95:11:03:da:3b:38:c2:84:
d8:76:26:9c:50:89:13:d7:8d:89:31:a3:68:de:53:91:c7:6a:
c6:14:4c:ab:43:7a:6b:54:c3:f3:5b:cf:c0:2d:9a:49:6c:97:
c3:46:32:c0:45:e6:91:2d:6d:c0:6d:d0:07:1f:bf:ba:ee:19:
1e:fd:ba:a0:fd:86:07:52:42:52:48:35:f8:b0:da:25:07:a0:
28:f2:58:4d:79:40:c3:d3:ab:67:66:b2:9f:a0:d2:bd:8b:66:
fe:b5:c7:80:c9:ab:77:f1:b3:5b:9c:9e:3c:ed:53:a5:e2:1b:
c4:2a:92:f5:bb:0e:63:0b:71:a7:f7:e2:eb:0d:71:ac:02:b8:
2f:49:7f:ac:3b:17:1a:ce:49:b9:2f:4c:0c:19:55:ff:9d:9a:
e6:d8:79:77:b8:a7:bd:14:2d:44:b2:10:4b:25:4a:42:a0:d0:
f0:fe:ce:91:4f:d5:bf:2f:61:df:ec:03:f4:58:65:53:ea:7f:
92:49:53:a3:dd:c1:65:e5:77:f1:48:23:20:0f:a3:05:30:79:
30:c6:cd:28:4a:2a:cc:1a:d9:a3:2f:b2:e8:ab:fc:dd:e4:ef:
92:25:6b:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXGUkghHZnbLRkswzjSbtGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMTE4MTkxOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjM1NWRiMThhOWY2ZWQ4OTRiN2FmZjk2NjU1YjE3ZGU1ZTIzODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM1ertAZYAUhw0iNYt4Mxow1/xwQ
tEpl3EzqZvf26eIlZW7Yafx46vwGwn+aWeNJVVFI++Jji4iEQQmg1FvSxbpy8DI0
ZaiEJkUmyldcYnuETaoetdOXNxwI+36HcyvEu+jmtkwe6yVhIBaezOpqoU6Cda3n
zPmbjdfen07JTxKPeKxDRf/lPt+Qh6rr/qGqWd1936UZ/XF8eI8MQRxRF/CLQYfC
IN8nvwDCAn7J5hZJwvOcZqW3XwBVv/AgMmsFKQUOQFvTeZWjFE0QrskdMcHwJ5vG
8dS0OYwUtJFztVNX/FLjN9pGHM1sCaFX2vNANS0aGUpWFxpXkNhC+kxHCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ81XbGKn27YlLev+WZVsX3l4jhBMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvbnpWZHNZcWZidGlVdDZfNVpsV3hmZVhpT0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVPcUAwQA
WSimAwQAWS/5AwQAXrFxMA0GCSqGSIb3DQEBCwUAA4IBAQBLWN5YHjV+8UvpcTba
2VJxNXilhfwPXj5SgLsnlRED2js4woTYdiacUIkT142JMaNo3lORx2rGFEyrQ3pr
VMPzW8/ALZpJbJfDRjLAReaRLW3AbdAHH7+67hke/bqg/YYHUkJSSDX4sNolB6Ao
8lhNeUDD06tnZrKfoNK9i2b+tceAyat38bNbnJ487VOl4hvEKpL1uw5jC3Gn9+Lr
DXGsArgvSX+sOxcazkm5L0wMGVX/nZrm2Hl3uKe9FC1EshBLJUpCoNDw/s6RT9W/
L2Hf7AP0WGVT6n+SSVOj3cFl5XfxSCMgD6MFMHkwxs0oSirMGtmjL7Loq/zd5O+S
JWtv
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:55 2023 by rpki-client on console-ams.rpki-client.org