Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/N_BrHW_JDAekwkLz9mNha6otWuM.roa
File: N_BrHW_JDAekwkLz9mNha6otWuM.roa (raw, json)
Hash identifier: f5tou4zVTSOF0p0BaMw2fy6Fri3exB/mpcpmMFPr95E=
Subject key identifier: 37:F0:6B:1D:6F:C9:0C:07:A4:C2:42:F3:F6:63:61:6B:AA:2D:5A:E3
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 01856BEEB5ECB8CB61903E0FB04C6528AAF7
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/N_BrHW_JDAekwkLz9mNha6otWuM.roa
Signing time: Sun 01 Jan 2023 06:04:44 +0000
ROA not before: Sun 01 Jan 2023 06:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31165
IP address blocks: 81.168.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:b5:ec:b8:cb:61:90:3e:0f:b0:4c:65:28:aa:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 06:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37f06b1d6fc90c07a4c242f3f663616baa2d5ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:98:f9:8b:67:bb:17:83:c1:11:50:ea:15:ad:
43:8a:57:ad:28:a0:4b:a4:44:3b:fa:89:ef:59:f6:
93:6c:f9:ce:2e:2f:70:f1:e4:dc:7d:f0:6c:2f:97:
c0:29:b3:6d:71:e7:b5:0e:3a:4f:fb:c8:f7:a3:4b:
fa:6e:b6:c1:71:69:db:a7:07:8f:8a:14:40:58:cd:
02:56:67:62:f0:ac:29:89:71:be:43:80:e0:c0:d4:
99:22:1d:30:71:52:0c:b2:98:93:0e:f2:dd:0d:f1:
ff:8f:75:cc:bd:ce:0b:eb:e9:ed:df:8a:e7:9b:d3:
61:86:99:54:6d:ee:48:f3:e3:74:25:85:72:62:fb:
ba:ae:3a:4e:15:2f:da:be:c7:c0:32:6c:b9:6a:0a:
fb:c9:5f:74:ce:dc:f7:76:7b:9b:92:8a:4f:83:c3:
b8:c4:f6:b2:bf:08:e9:99:b1:5d:9c:83:bd:07:67:
ed:e5:3f:57:a7:4e:7c:45:9c:1c:0f:56:af:e6:98:
1a:54:83:03:f4:bc:94:a6:54:8e:e2:4a:e5:71:1f:
33:fc:7c:c7:0d:18:3e:97:70:45:97:bf:d2:f7:50:
41:30:42:8a:09:77:f6:44:08:e7:cb:65:22:cb:08:
e5:c6:f9:20:ac:24:53:89:50:41:03:95:78:77:ec:
b4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F0:6B:1D:6F:C9:0C:07:A4:C2:42:F3:F6:63:61:6B:AA:2D:5A:E3
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/N_BrHW_JDAekwkLz9mNha6otWuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.254.0/24
Signature Algorithm: sha256WithRSAEncryption
67:1d:6f:f7:a3:b1:74:c8:ec:54:d4:b5:52:d8:c0:9e:f0:4f:
65:7a:29:7c:21:1c:df:ed:ac:6e:a9:98:8c:0b:32:f1:3e:de:
b3:d4:13:35:08:8a:b4:a6:94:b1:5b:e6:25:10:07:da:e7:ec:
fe:44:c7:4c:e8:b3:b9:ad:a8:2a:58:e1:2b:90:38:36:24:d1:
70:c1:84:d2:7e:bf:ff:c9:1a:39:b8:5c:51:97:1a:fe:f4:25:
43:28:02:8b:4d:d2:22:6a:81:ec:89:03:96:4e:23:1d:5d:e4:
07:62:fb:69:50:ef:60:4e:8e:4e:b8:d8:8d:cd:94:95:36:b0:
e6:91:b4:8f:4f:a7:24:c4:dd:da:91:05:2f:c6:72:e9:cc:0e:
14:70:1c:db:a1:f6:6f:7d:a6:98:87:5b:af:91:41:9a:f9:e1:
03:11:b8:d3:90:33:1e:67:24:29:0f:c4:cf:fb:12:17:56:6d:
a6:f0:e3:d8:69:37:48:e0:20:68:70:5a:a6:c7:41:d9:8d:9c:
07:0d:13:73:2a:51:76:5c:5d:ac:7b:5f:d3:81:e1:cc:11:6d:
a1:cc:ae:21:69:22:08:01:1c:bf:92:24:bf:eb:44:34:6a:73:
fa:de:b2:54:1e:51:df:a6:5d:f6:92:bc:81:9d:f1:97:18:1d:
8f:e0:45:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7rXsuMthkD4PsExlKKr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjMwMTAxMDYwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2YwNmIxZDZmYzkwYzA3YTRjMjQyZjNmNjYzNjE2YmFhMmQ1YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJj5i2e7F4PBEVDqFa1DiletKKBL
pEQ7+onvWfaTbPnOLi9w8eTcffBsL5fAKbNtcee1DjpP+8j3o0v6brbBcWnbpweP
ihRAWM0CVmdi8KwpiXG+Q4DgwNSZIh0wcVIMspiTDvLdDfH/j3XMvc4L6+nt34rn
m9NhhplUbe5I8+N0JYVyYvu6rjpOFS/avsfAMmy5agr7yV90ztz3dnubkopPg8O4
xPayvwjpmbFdnIO9B2ft5T9Xp058RZwcD1av5pgaVIMD9LyUplSO4krlcR8z/HzH
DRg+l3BFl7/S91BBMEKKCXf2RAjny2UiywjlxvkgrCRTiVBBA5V4d+y0UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDfwax1vyQwHpMJC8/ZjYWuqLVrjMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvTl9CckhXX0pEQWVrd2tMejltTmhhNm90V3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUaj+MA0G
CSqGSIb3DQEBCwUAA4IBAQBnHW/3o7F0yOxU1LVS2MCe8E9leil8IRzf7axuqZiM
CzLxPt6z1BM1CIq0ppSxW+YlEAfa5+z+RMdM6LO5ragqWOErkDg2JNFwwYTSfr//
yRo5uFxRlxr+9CVDKAKLTdIiaoHsiQOWTiMdXeQHYvtpUO9gTo5OuNiNzZSVNrDm
kbSPT6ckxN3akQUvxnLpzA4UcBzbofZvfaaYh1uvkUGa+eEDEbjTkDMeZyQpD8TP
+xIXVm2m8OPYaTdI4CBocFqmx0HZjZwHDRNzKlF2XF2se1/TgeHMEW2hzK4haSII
ARy/kiS/60Q0anP63rJUHlHfpl32kryBnfGXGB2P4EU/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org