Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/nihRvgSbiDPutWJWsAtfgubTLyI.roa
File: nihRvgSbiDPutWJWsAtfgubTLyI.roa (raw, json)
Hash identifier: mY2yUXtmxGwTx9nDzBJl6nYnE68qm/jGQjGqi3c0LIU=
Subject key identifier: 9E:28:51:BE:04:9B:88:33:EE:B5:62:56:B0:0B:5F:82:E6:D3:2F:22
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0186BFD48243711B55701EA78F3CBB5644A5
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/nihRvgSbiDPutWJWsAtfgubTLyI.roa
Signing time: Wed 08 Mar 2023 06:07:00 +0000
ROA not before: Wed 08 Mar 2023 06:07:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.89.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Mar 2023 07:22:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bf:d4:82:43:71:1b:55:70:1e:a7:8f:3c:bb:56:44:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 8 06:07:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e2851be049b8833eeb56256b00b5f82e6d32f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:25:f3:be:82:35:a2:04:ef:00:07:f1:41:4d:
e8:e3:02:38:af:7c:33:cf:31:ac:ff:3d:db:f5:d9:
4f:61:18:9e:fe:a6:00:37:57:8a:98:6a:74:c8:aa:
63:3f:11:23:b1:2a:d9:f7:11:2e:b2:6c:76:d6:dd:
67:8b:13:03:34:6f:40:9c:b1:bc:7f:0b:c7:12:f5:
8d:3e:44:c8:6f:de:e8:0e:04:fd:e8:16:00:c0:e4:
8d:37:75:3b:ae:65:15:3c:85:7a:ab:0b:d2:69:61:
a6:b5:d5:a2:08:ec:d7:25:b4:64:1c:a0:70:c4:ef:
08:40:ee:56:0f:d4:ea:c6:ca:40:d0:9d:ba:20:28:
ce:20:d2:ad:5f:78:1c:95:75:d3:5d:21:d7:46:7a:
03:66:40:1e:39:23:e8:75:6a:4e:3b:db:09:c6:12:
fd:54:a4:36:b3:16:96:88:a7:0f:35:24:4a:b6:69:
c2:50:c6:9f:e4:4c:4d:95:de:0b:a2:44:5f:1c:5e:
c4:13:5a:da:0c:d6:6e:a7:ea:e2:33:39:37:e6:3b:
35:3d:d9:fc:d0:18:76:40:c7:94:95:5e:d3:75:ac:
aa:74:b7:22:04:48:f6:bd:a0:5a:58:ed:17:26:fc:
a4:9f:f0:99:05:96:ec:bf:21:a4:a0:52:2e:aa:64:
44:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:28:51:BE:04:9B:88:33:EE:B5:62:56:B0:0B:5F:82:E6:D3:2F:22
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/nihRvgSbiDPutWJWsAtfgubTLyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.239.0-148.253.241.255
148.253.243.0/24
163.171.89.0/24
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
10:a1:7a:8e:3c:c9:92:33:b2:ba:57:fb:dc:49:71:70:ff:e1:
00:b9:2d:d3:e7:70:59:60:d9:2a:fc:51:d2:f7:41:d2:f9:15:
cb:5a:5c:bb:3e:aa:85:20:aa:e5:2d:89:66:fd:76:3f:c9:46:
ff:9a:54:5c:98:bd:ea:c2:b2:94:c3:03:e0:ce:d0:7d:e1:b4:
54:a7:63:20:ba:c3:72:31:a7:7b:32:de:66:e4:13:b7:80:ce:
f2:e0:cf:48:ff:ca:e1:1e:8d:d5:d3:b6:33:05:e9:24:c7:58:
84:4c:89:e7:3f:79:c7:a6:59:e6:68:de:2b:48:10:93:24:73:
34:de:99:79:ba:a7:f4:57:8e:03:00:14:e5:78:c3:cd:24:76:
6f:b9:0c:65:74:e1:00:5f:04:89:82:80:13:61:58:a2:d5:06:
07:07:f0:fc:32:4e:9f:c2:ec:e0:a1:9c:0c:d1:a9:98:87:04:
2d:b5:54:34:e8:c0:d9:31:c1:dd:68:b4:4d:cb:5d:4f:27:6b:
bc:a3:c0:be:22:63:22:b7:17:61:39:46:bf:36:da:a3:89:f3:
98:62:bd:e3:b9:ca:dc:2c:89:dc:be:6e:b1:cf:5c:bb:63:5f:
eb:4c:76:30:9b:b8:79:21:32:bb:c1:3a:91:7e:f1:51:1d:84:
30:61:15:80
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYa/1IJDcRtVcB6njzy7VkSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwMzA4MDYwNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTI4NTFiZTA0OWI4ODMzZWViNTYyNTZiMDBiNWY4MmU2ZDMyZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCXzvoI1ogTvAAfxQU3o4wI4r3wz
zzGs/z3b9dlPYRie/qYAN1eKmGp0yKpjPxEjsSrZ9xEusmx21t1nixMDNG9AnLG8
fwvHEvWNPkTIb97oDgT96BYAwOSNN3U7rmUVPIV6qwvSaWGmtdWiCOzXJbRkHKBw
xO8IQO5WD9TqxspA0J26ICjOINKtX3gclXXTXSHXRnoDZkAeOSPodWpOO9sJxhL9
VKQ2sxaWiKcPNSRKtmnCUMaf5ExNld4LokRfHF7EE1raDNZup+riMzk35js1Pdn8
0Bh2QMeUlV7TdayqdLciBEj2vaBaWO0XJvykn/CZBZbsvyGkoFIuqmRE2wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ4oUb4Em4gz7rViVrALX4Lm0y8iMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvbmloUnZnU2JpRFB1dFdKV3NBdGZndWJUTHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBACU/e8D
BAGU/fADBACU/fMDBACjq1kDBAC5G+QwDQYJKoZIhvcNAQELBQADggEBABCheo48
yZIzsrpX+9xJcXD/4QC5LdPncFlg2Sr8UdL3QdL5FctaXLs+qoUgquUtiWb9dj/J
Rv+aVFyYverCspTDA+DO0H3htFSnYyC6w3Ixp3sy3mbkE7eAzvLgz0j/yuEejdXT
tjMF6STHWIRMiec/ecemWeZo3itIEJMkczTemXm6p/RXjgMAFOV4w80kdm+5DGV0
4QBfBImCgBNhWKLVBgcH8PwyTp/C7OChnAzRqZiHBC21VDTowNkxwd1otE3LXU8n
a7yjwL4iYyK3F2E5Rr822qOJ85hiveO5ytwsidy+brHPXLtjX+tMdjCbuHkhMrvB
OpF+8VEdhDBhFYA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org