Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/npS8AgO7cRacD1DUjPdT4XL0y-4.roa
File: npS8AgO7cRacD1DUjPdT4XL0y-4.roa (raw, json)
Hash identifier: zqOFNXT0meKDcLUS5Y0Xg2fsxFe9a5YC2BXSf2pv7J4=
Subject key identifier: 9E:94:BC:02:03:BB:71:16:9C:0F:50:D4:8C:F7:53:E1:72:F4:CB:EE
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 018DE5EA391787A0C192C6425875DEAB6D55
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/npS8AgO7cRacD1DUjPdT4XL0y-4.roa
Signing time: Mon 26 Feb 2024 14:55:48 +0000
ROA not before: Mon 26 Feb 2024 14:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42366
IP address blocks: 193.9.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 13:42:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:ea:39:17:87:a0:c1:92:c6:42:58:75:de:ab:6d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Feb 26 14:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e94bc0203bb71169c0f50d48cf753e172f4cbee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9d:02:01:32:a5:bf:0a:93:72:83:88:e3:ae:
f7:fb:ad:e8:c6:e3:2e:c3:5e:94:b1:6d:71:6e:38:
da:cb:bc:fa:58:44:23:9a:90:92:fc:11:74:8f:a7:
45:ad:d4:58:45:c3:17:19:7f:58:06:72:f6:1f:49:
e8:51:bf:8d:84:cc:6b:e7:5e:f7:bb:39:0b:4a:26:
bd:18:df:b6:bb:73:6d:c9:8d:e5:5c:c2:69:04:a6:
a9:84:40:34:ac:ec:48:eb:0d:f2:b3:85:4c:0d:db:
4c:33:80:99:95:16:64:ee:e0:8e:31:e3:0d:b8:b4:
26:4e:98:20:3e:f6:9c:e7:65:71:e5:df:a3:d7:95:
cf:f8:d6:8f:65:32:c1:e1:f3:02:f0:21:e3:6f:dc:
d6:54:8b:97:16:3a:62:77:fa:b9:af:82:bc:42:67:
6b:d9:81:23:d8:be:85:c2:69:41:d3:4d:82:b3:13:
55:bd:87:f2:56:93:13:51:5a:72:94:a5:47:c8:70:
67:74:46:26:b3:8f:1e:f8:3d:10:38:d0:8c:d9:67:
c1:5b:47:52:07:ae:b7:91:e4:13:b7:fe:e7:bc:53:
72:de:e4:1f:b4:5e:31:a7:1e:aa:fb:77:6f:50:79:
a7:17:ff:11:ec:94:5a:8d:aa:5b:e3:ca:87:dd:6e:
de:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:94:BC:02:03:BB:71:16:9C:0F:50:D4:8C:F7:53:E1:72:F4:CB:EE
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/npS8AgO7cRacD1DUjPdT4XL0y-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.9.47.0/24
Signature Algorithm: sha256WithRSAEncryption
31:b3:fd:39:ac:e4:e8:ba:58:c4:7a:84:d8:d3:8e:de:d0:2c:
20:90:57:69:cf:69:91:a5:20:2f:cb:43:67:93:f3:c0:df:cd:
f1:09:30:79:66:1b:a4:08:e7:c5:f3:78:43:bf:78:c3:fe:4f:
88:f1:ad:a2:e5:6c:5c:e8:bd:fd:db:b1:8a:86:e9:f6:14:7f:
e8:f4:f3:ce:e9:2f:05:d3:84:b3:57:19:36:27:45:c0:fc:05:
9a:62:a8:f9:53:69:23:d4:a7:9f:dc:19:d1:bb:77:02:82:ce:
37:c1:53:ea:d4:14:28:5e:8f:80:e6:a3:83:98:6b:bc:90:aa:
fa:06:a4:f8:65:8e:e5:d7:47:88:8c:74:b5:ef:41:fc:2c:6d:
c9:85:47:fa:8b:f8:50:97:81:67:09:35:d8:7b:8a:91:fe:f4:
d0:86:a9:e3:d8:78:14:93:55:93:10:90:c7:7d:92:da:c4:33:
ff:e5:f2:97:ec:f9:b1:2d:9b:c0:cf:85:5d:5b:fb:cb:5a:be:
4d:2f:59:6f:61:50:4e:70:35:3e:e3:10:e4:f1:85:e7:f2:86:
f4:90:3b:e0:c5:be:3e:84:8b:bb:88:a8:97:b0:55:74:f2:42:
b6:af:c2:31:63:fa:bf:da:a2:c0:15:be:29:d9:60:57:f2:4c:
be:c2:09:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3l6jkXh6DBksZCWHXeq21VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjQwMjI2MTQ1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTk0YmMwMjAzYmI3MTE2OWMwZjUwZDQ4Y2Y3NTNlMTcyZjRjYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhp0CATKlvwqTcoOI4673+63oxuMu
w16UsW1xbjjay7z6WEQjmpCS/BF0j6dFrdRYRcMXGX9YBnL2H0noUb+NhMxr5173
uzkLSia9GN+2u3NtyY3lXMJpBKaphEA0rOxI6w3ys4VMDdtMM4CZlRZk7uCOMeMN
uLQmTpggPvac52Vx5d+j15XP+NaPZTLB4fMC8CHjb9zWVIuXFjpid/q5r4K8Qmdr
2YEj2L6FwmlB002CsxNVvYfyVpMTUVpylKVHyHBndEYms48e+D0QONCM2WfBW0dS
B663keQTt/7nvFNy3uQftF4xpx6q+3dvUHmnF/8R7JRajapb48qH3W7elQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6UvAIDu3EWnA9Q1Iz3U+Fy9MvuMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvbnBTOEFnTzdjUmFjRDFEVWpQZFQ0WEwweS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQkvMA0G
CSqGSIb3DQEBCwUAA4IBAQAxs/05rOTouljEeoTY047e0CwgkFdpz2mRpSAvy0Nn
k/PA383xCTB5ZhukCOfF83hDv3jD/k+I8a2i5Wxc6L3927GKhun2FH/o9PPO6S8F
04SzVxk2J0XA/AWaYqj5U2kj1Kef3BnRu3cCgs43wVPq1BQoXo+A5qODmGu8kKr6
BqT4ZY7l10eIjHS170H8LG3JhUf6i/hQl4FnCTXYe4qR/vTQhqnj2HgUk1WTEJDH
fZLaxDP/5fKX7PmxLZvAz4VdW/vLWr5NL1lvYVBOcDU+4xDk8YXn8ob0kDvgxb4+
hIu7iKiXsFV08kK2r8IxY/q/2qLAFb4p2WBX8ky+wgmH
-----END CERTIFICATE-----
Generated at Mon Mar 4 18:40:36 2024 by rpki-client on console.sobornost.net