Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/c2bb4d-8483-47ce-bb0a-f5f490d2c163/1/NK1XwWHAj4Q9QfWg3RzrysZdeow.roa
File: NK1XwWHAj4Q9QfWg3RzrysZdeow.roa (raw, json)
Hash identifier: YU7UDwE1Zjhp1mLKE+IXHme8SVRziVLB0bzwlDciAxA=
Subject key identifier: 34:AD:57:C1:61:C0:8F:84:3D:41:F5:A0:DD:1C:EB:CA:C6:5D:7A:8C
Certificate issuer: /CN=de6c6035042cc532516ebc1968f41bfff4b8537e
Certificate serial: 01856D663E049FC4EC16DA10466E8913E793
Authority key identifier: DE:6C:60:35:04:2C:C5:32:51:6E:BC:19:68:F4:1B:FF:F4:B8:53:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mxgNQQsxTJRbrwZaPQb__S4U34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/c2bb4d-8483-47ce-bb0a-f5f490d2c163/1/NK1XwWHAj4Q9QfWg3RzrysZdeow.roa
Signing time: Sun 01 Jan 2023 12:54:55 +0000
ROA not before: Sun 01 Jan 2023 12:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212020
IP address blocks: 185.232.96.0/24 maxlen: 24
2a10:d280::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:3e:04:9f:c4:ec:16:da:10:46:6e:89:13:e7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de6c6035042cc532516ebc1968f41bfff4b8537e
Validity
Not Before: Jan 1 12:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34ad57c161c08f843d41f5a0dd1cebcac65d7a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d9:e4:b9:57:ce:9d:f5:86:cf:31:a2:f1:ad:
b2:b4:2d:c2:38:a0:8f:45:9f:5a:8e:7e:11:1c:6e:
c8:e3:85:b1:77:6d:06:5c:75:3a:43:c8:40:e5:b1:
3d:15:9a:c0:a4:dc:20:1b:7a:60:fd:b7:1a:89:6f:
20:8a:2c:5b:19:7e:c2:a9:5d:24:bf:31:a7:eb:3c:
1e:cf:37:1c:87:16:95:18:76:fa:0d:3e:fe:f5:8e:
b6:06:39:50:f2:87:6b:89:1d:22:bf:5f:d7:99:44:
19:32:4d:c8:06:d7:ef:bb:84:97:88:dd:41:04:dc:
5b:08:59:5a:78:16:eb:01:ae:06:36:22:5a:e9:72:
d5:5f:01:56:79:dd:39:d2:91:aa:66:72:fa:b9:a5:
ba:1a:12:57:a0:9c:2d:a7:7d:e1:24:84:b9:a9:b2:
e9:96:67:16:3b:f0:43:73:46:54:31:d9:83:c6:7b:
98:34:51:87:60:b0:ce:15:fa:65:71:1d:cd:e8:ad:
53:0b:3a:c6:1e:7d:ea:ca:e7:c0:11:0b:25:8c:c6:
d8:92:3a:f6:0f:54:0d:08:de:61:8c:ff:b5:55:47:
00:e7:05:ae:af:51:89:f2:e4:e6:09:80:1a:2a:11:
e6:9f:36:a0:4f:59:ac:b4:a9:87:08:f7:a3:54:d5:
b4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AD:57:C1:61:C0:8F:84:3D:41:F5:A0:DD:1C:EB:CA:C6:5D:7A:8C
X509v3 Authority Key Identifier:
keyid:DE:6C:60:35:04:2C:C5:32:51:6E:BC:19:68:F4:1B:FF:F4:B8:53:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mxgNQQsxTJRbrwZaPQb__S4U34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c2bb4d-8483-47ce-bb0a-f5f490d2c163/1/NK1XwWHAj4Q9QfWg3RzrysZdeow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c2bb4d-8483-47ce-bb0a-f5f490d2c163/1/3mxgNQQsxTJRbrwZaPQb__S4U34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.96.0/24
IPv6:
2a10:d280::/29
Signature Algorithm: sha256WithRSAEncryption
44:44:d3:68:6e:9a:20:4e:0d:14:88:46:4b:b6:ac:a4:4b:8c:
73:8c:13:46:22:35:64:be:93:5c:d6:07:f4:cb:9c:2f:78:4e:
87:d5:0a:8b:b0:25:be:57:a6:42:fa:5a:c3:53:24:6b:69:cf:
27:f7:96:7f:ea:25:bf:2f:ef:18:08:19:ae:8a:ee:b9:a3:25:
88:70:3c:a1:38:10:19:8f:9f:17:94:c2:44:9b:36:46:65:98:
03:b7:ca:3b:6c:a3:60:15:88:b0:14:af:dd:19:f0:31:e1:0f:
0d:5d:56:8e:bd:08:5c:fd:cd:62:aa:6f:70:64:25:46:cf:b0:
c3:de:78:27:ab:28:31:34:80:e6:c7:fc:76:d5:a8:82:85:13:
e8:7b:cc:6b:35:3b:36:81:26:6a:af:5b:46:53:cc:65:c8:b4:
36:05:ce:02:c9:e2:f9:1c:4c:7c:74:68:a7:90:ae:02:cf:f4:
c6:d3:3f:37:d4:82:40:0f:d2:ba:6b:67:7d:03:fa:0b:85:c0:
29:97:46:5f:8e:12:18:98:6a:0c:7b:3c:50:09:90:f1:23:52:
91:21:20:47:fd:c5:db:a7:18:88:24:d0:cb:8e:23:d8:58:9a:
a1:55:ca:de:a1:0d:2a:78:90:42:00:13:bb:29:be:db:e1:b8:
3d:e5:c0:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtZj4En8TsFtoQRm6JE+eTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNmM2MDM1MDQyY2M1MzI1MTZlYmMxOTY4ZjQxYmZmZjRi
ODUzN2UwHhcNMjMwMTAxMTI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGFkNTdjMTYxYzA4Zjg0M2Q0MWY1YTBkZDFjZWJjYWM2NWQ3YThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9nkuVfOnfWGzzGi8a2ytC3COKCP
RZ9ajn4RHG7I44Wxd20GXHU6Q8hA5bE9FZrApNwgG3pg/bcaiW8giixbGX7CqV0k
vzGn6zwezzcchxaVGHb6DT7+9Y62BjlQ8odriR0iv1/XmUQZMk3IBtfvu4SXiN1B
BNxbCFlaeBbrAa4GNiJa6XLVXwFWed050pGqZnL6uaW6GhJXoJwtp33hJIS5qbLp
lmcWO/BDc0ZUMdmDxnuYNFGHYLDOFfplcR3N6K1TCzrGHn3qyufAEQsljMbYkjr2
D1QNCN5hjP+1VUcA5wWur1GJ8uTmCYAaKhHmnzagT1mstKmHCPejVNW0vwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDStV8FhwI+EPUH1oN0c68rGXXqMMB8GA1UdIwQY
MBaAFN5sYDUELMUyUW68GWj0G//0uFN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM214Z05RUXN4VEpSYnJ3WmFQUWJfX1M0VTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jMmJiNGQtODQ4My00N2NlLWJiMGEt
ZjVmNDkwZDJjMTYzLzEvTksxWHdXSEFqNFE5UWZXZzNSenJ5c1pkZW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jMmJiNGQtODQ4My00N2NlLWJiMGEtZjVmNDkwZDJjMTYz
LzEvM214Z05RUXN4VEpSYnJ3WmFQUWJfX1M0VTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuehgMA0E
AgACMAcDBQMqENKAMA0GCSqGSIb3DQEBCwUAA4IBAQBERNNobpogTg0UiEZLtqyk
S4xzjBNGIjVkvpNc1gf0y5wveE6H1QqLsCW+V6ZC+lrDUyRrac8n95Z/6iW/L+8Y
CBmuiu65oyWIcDyhOBAZj58XlMJEmzZGZZgDt8o7bKNgFYiwFK/dGfAx4Q8NXVaO
vQhc/c1iqm9wZCVGz7DD3ngnqygxNIDmx/x21aiChRPoe8xrNTs2gSZqr1tGU8xl
yLQ2Bc4CyeL5HEx8dGinkK4Cz/TG0z831IJAD9K6a2d9A/oLhcApl0ZfjhIYmGoM
ezxQCZDxI1KRISBH/cXbpxiIJNDLjiPYWJqhVcreoQ0qeJBCABO7Kb7b4bg95cAm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:15 2024 by rpki-client on console-fra.rpki-client.org