Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/nAtflykD8UTJRNFa76c2xf9CVyE.roa
File: nAtflykD8UTJRNFa76c2xf9CVyE.roa (raw, json)
Hash identifier: 5OlqMBQ1c/5sJkql4IU77gauzfNVTJoVqe+ZKCEkrJs=
Subject key identifier: 9C:0B:5F:97:29:03:F1:44:C9:44:D1:5A:EF:A7:36:C5:FF:42:57:21
Certificate issuer: /CN=b252dda27226a275e3e79b374c8f263cd2d8ecd1
Certificate serial: 01856FA6FF07A302F0C15FDF0217A89E0E45
Authority key identifier: B2:52:DD:A2:72:26:A2:75:E3:E7:9B:37:4C:8F:26:3C:D2:D8:EC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/slLdonImonXj55s3TI8mPNLY7NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/nAtflykD8UTJRNFa76c2xf9CVyE.roa
Signing time: Sun 01 Jan 2023 23:24:53 +0000
ROA not before: Sun 01 Jan 2023 23:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211440
IP address blocks: 185.156.168.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Jan 2023 21:03:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:ff:07:a3:02:f0:c1:5f:df:02:17:a8:9e:0e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b252dda27226a275e3e79b374c8f263cd2d8ecd1
Validity
Not Before: Jan 1 23:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c0b5f972903f144c944d15aefa736c5ff425721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0d:3a:93:75:7a:06:ae:bc:ec:87:15:60:08:
65:3e:e0:3c:27:c9:49:9a:2d:92:3e:50:df:7d:7e:
e6:d4:1b:ee:22:93:98:78:e0:eb:9a:e6:80:84:06:
e8:95:8e:5a:8d:b4:4c:e7:06:25:38:4b:b2:48:34:
d2:c6:40:47:ec:14:45:17:92:16:0b:5f:cc:85:2a:
35:a9:3c:b2:69:c2:e6:31:89:05:9d:0e:cd:94:a1:
38:ad:df:f1:dd:ef:42:ec:b1:9a:be:66:7f:b5:85:
8e:29:a5:15:80:82:88:83:17:6b:74:89:6e:09:11:
4e:9f:42:f6:a4:48:c9:64:12:15:eb:ed:79:10:44:
db:38:f5:f1:7b:fc:3e:0c:99:74:a9:be:f6:40:f2:
59:42:15:4f:6b:93:d1:26:50:34:d0:17:f4:79:4d:
b8:88:64:18:21:41:47:a7:02:aa:bc:be:57:c7:28:
d3:84:72:ea:de:0e:65:e4:4c:89:db:47:ff:2b:be:
62:26:2a:73:10:53:fc:7a:0a:7e:cf:db:26:c6:5e:
90:e8:e2:77:f9:dc:85:58:5f:87:8f:c9:8c:28:aa:
8c:60:14:23:47:d5:ca:74:4d:82:cc:5f:07:73:9e:
fc:63:c8:37:e5:19:e1:e1:7a:7b:1a:85:43:e3:10:
67:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:0B:5F:97:29:03:F1:44:C9:44:D1:5A:EF:A7:36:C5:FF:42:57:21
X509v3 Authority Key Identifier:
keyid:B2:52:DD:A2:72:26:A2:75:E3:E7:9B:37:4C:8F:26:3C:D2:D8:EC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/slLdonImonXj55s3TI8mPNLY7NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/nAtflykD8UTJRNFa76c2xf9CVyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/slLdonImonXj55s3TI8mPNLY7NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.168.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:5d:5c:31:ee:ab:3c:bf:45:f5:3b:1e:11:ee:46:a0:65:80:
53:65:29:6d:be:4a:3a:a4:2d:fe:75:a7:6b:60:c3:e5:bc:94:
64:d1:44:e6:f9:5b:79:7d:71:1a:26:37:fd:39:16:a5:7a:a9:
4a:bb:62:07:36:7a:16:fc:9b:76:68:17:f7:d2:e9:c1:67:3b:
bc:b6:cb:c2:97:93:da:4c:d4:00:65:46:62:6e:24:3f:0e:97:
7d:39:87:44:da:56:d2:b3:0f:a8:03:43:18:6b:d7:93:4f:82:
aa:7b:6f:40:2e:5a:d2:a5:d2:64:55:86:7f:cc:33:b5:df:6b:
51:05:07:89:df:a3:e9:3b:cc:78:17:d2:c2:b1:36:a9:81:a2:
bc:87:2a:79:6b:64:11:0f:c3:df:e1:64:8c:15:8d:a0:a5:a7:
cb:ee:8e:7e:10:10:63:ca:c5:38:8b:2c:b4:89:dc:4d:58:a8:
a7:e9:40:01:b2:f9:8f:1e:f9:ea:d4:01:06:12:ba:07:18:17:
fa:f6:f0:2c:0a:74:4f:a7:fc:ce:91:46:05:9d:51:53:b1:39:
81:e0:c2:a8:f3:48:5a:01:46:a9:2e:44:01:f4:a6:27:1d:76:
fd:0a:1a:d8:8d:9f:41:81:36:35:5f:4c:a4:c3:03:c4:5b:56:
79:79:a0:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpv8HowLwwV/fAheong5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNTJkZGEyNzIyNmEyNzVlM2U3OWIzNzRjOGYyNjNjZDJk
OGVjZDEwHhcNMjMwMTAxMjMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzBiNWY5NzI5MDNmMTQ0Yzk0NGQxNWFlZmE3MzZjNWZmNDI1NzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0w06k3V6Bq687IcVYAhlPuA8J8lJ
mi2SPlDffX7m1BvuIpOYeODrmuaAhAbolY5ajbRM5wYlOEuySDTSxkBH7BRFF5IW
C1/MhSo1qTyyacLmMYkFnQ7NlKE4rd/x3e9C7LGavmZ/tYWOKaUVgIKIgxdrdIlu
CRFOn0L2pEjJZBIV6+15EETbOPXxe/w+DJl0qb72QPJZQhVPa5PRJlA00Bf0eU24
iGQYIUFHpwKqvL5XxyjThHLq3g5l5EyJ20f/K75iJipzEFP8egp+z9smxl6Q6OJ3
+dyFWF+Hj8mMKKqMYBQjR9XKdE2CzF8Hc578Y8g35Rnh4Xp7GoVD4xBnAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwLX5cpA/FEyUTRWu+nNsX/QlchMB8GA1UdIwQY
MBaAFLJS3aJyJqJ14+ebN0yPJjzS2OzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2xMZG9uSW1vblhqNTVzM1RJOG1QTkxZN05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kMDVhMmUtYzI4MS00ZGFiLTgzNzMt
YTE3Nzk5MDRiMWM1LzEvbkF0Zmx5a0Q4VVRKUk5GYTc2YzJ4ZjlDVnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kMDVhMmUtYzI4MS00ZGFiLTgzNzMtYTE3Nzk5MDRiMWM1
LzEvc2xMZG9uSW1vblhqNTVzM1RJOG1QTkxZN05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZyoMA0G
CSqGSIb3DQEBCwUAA4IBAQC4XVwx7qs8v0X1Ox4R7kagZYBTZSltvko6pC3+dadr
YMPlvJRk0UTm+Vt5fXEaJjf9ORaleqlKu2IHNnoW/Jt2aBf30unBZzu8tsvCl5Pa
TNQAZUZibiQ/Dpd9OYdE2lbSsw+oA0MYa9eTT4Kqe29ALlrSpdJkVYZ/zDO132tR
BQeJ36PpO8x4F9LCsTapgaK8hyp5a2QRD8Pf4WSMFY2gpafL7o5+EBBjysU4iyy0
idxNWKin6UABsvmPHvnq1AEGEroHGBf69vAsCnRPp/zOkUYFnVFTsTmB4MKo80ha
AUapLkQB9KYnHXb9ChrYjZ9BgTY1X0ykwwPEW1Z5eaC8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:57 2024 by rpki-client on console-ams.rpki-client.org