Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/nBSGHIWqkngRGeWx_j9tCAhxFyI.roa
File: nBSGHIWqkngRGeWx_j9tCAhxFyI.roa (raw, json)
Hash identifier: Yoz7ix6wGaqQqcqRbtUE54Unwn8C2lswG+2RZ5zrznI=
Subject key identifier: 9C:14:86:1C:85:AA:92:78:11:19:E5:B1:FE:3F:6D:08:08:71:17:22
Certificate issuer: /CN=1dfc2b36514163d389ee8fe18f8e2343fa4ddc99
Certificate serial: 01857139F0E4AF8FABA5C6B75F2C6B1FFFAE
Authority key identifier: 1D:FC:2B:36:51:41:63:D3:89:EE:8F:E1:8F:8E:23:43:FA:4D:DC:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/nBSGHIWqkngRGeWx_j9tCAhxFyI.roa
Signing time: Mon 02 Jan 2023 06:45:00 +0000
ROA not before: Mon 02 Jan 2023 06:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206894
IP address blocks: 185.172.216.0/22 maxlen: 22
2a0b:2700::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:f0:e4:af:8f:ab:a5:c6:b7:5f:2c:6b:1f:ff:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dfc2b36514163d389ee8fe18f8e2343fa4ddc99
Validity
Not Before: Jan 2 06:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c14861c85aa92781119e5b1fe3f6d0808711722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2a:a1:8a:01:ad:f7:24:be:5b:32:6b:4f:c3:
52:8b:2f:78:15:ea:fb:53:f2:57:a4:99:cb:d2:b6:
4c:6e:78:00:fe:b2:cd:83:78:27:a4:82:c6:d3:e5:
17:90:14:35:46:09:a9:eb:59:0e:32:6c:84:80:f4:
81:35:04:04:5d:c1:ce:ff:c0:12:20:06:b1:4a:ca:
ca:88:4e:66:ba:36:64:0c:48:f0:4c:dd:8f:8a:2f:
9e:af:c0:12:48:80:9e:95:4b:8b:d2:6f:e9:b5:6b:
05:cf:7d:a6:a2:e4:12:c0:c5:cf:70:76:a5:01:33:
73:da:4d:b6:1f:08:da:20:14:b7:1f:eb:fc:fb:23:
da:d9:72:91:e3:b8:7b:89:d7:fd:51:bb:d8:16:4c:
4d:f3:2d:98:fd:84:54:88:16:8f:a9:d2:06:68:33:
59:44:50:66:f3:3d:78:c3:78:94:ea:13:6f:f3:bf:
ad:98:7d:cf:3d:aa:59:67:f9:9a:ae:b7:62:86:01:
17:4a:5a:85:c8:95:20:2e:25:68:8d:55:17:94:80:
7f:0a:1d:9a:6d:7a:c5:a5:fc:81:2e:48:a1:75:49:
6b:4d:0d:7f:f3:91:a0:c6:64:13:9b:50:31:ed:43:
47:ee:45:ca:1f:10:a3:61:3e:99:fe:82:6a:12:a1:
20:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:14:86:1C:85:AA:92:78:11:19:E5:B1:FE:3F:6D:08:08:71:17:22
X509v3 Authority Key Identifier:
keyid:1D:FC:2B:36:51:41:63:D3:89:EE:8F:E1:8F:8E:23:43:FA:4D:DC:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/nBSGHIWqkngRGeWx_j9tCAhxFyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.216.0/22
IPv6:
2a0b:2700::/29
Signature Algorithm: sha256WithRSAEncryption
ac:e4:ab:e5:e1:cc:22:a4:1a:88:fe:d3:b7:dc:e3:9e:4b:27:
ac:9d:80:b8:66:d1:96:b2:e4:f2:29:ae:c9:d2:b8:8e:8f:13:
59:7a:74:43:10:95:1f:d4:f6:5e:cc:8e:42:d9:49:fe:24:9e:
c2:77:04:c5:89:5d:c9:05:ab:0d:11:a5:6e:f1:de:a9:5f:ae:
88:6f:e9:d5:23:87:7d:73:a4:09:71:90:a4:4a:97:f3:73:83:
e0:82:de:ce:fa:f6:35:4c:96:6f:56:a9:31:b9:97:3e:c4:6c:
1a:d7:c0:79:06:c0:4b:a9:d4:9b:be:87:1f:83:22:2e:7c:3f:
8d:2c:d1:59:81:d8:9d:b4:6d:b7:5a:df:7d:f3:94:73:a4:61:
08:40:9f:0d:22:5f:55:fe:80:0a:16:15:b1:6e:f1:84:43:6a:
24:93:c6:d9:8d:cd:f3:5f:a6:31:47:3d:2d:f0:72:f4:a7:f7:
58:6d:8a:af:a9:8d:57:ed:91:05:16:8f:44:56:45:99:b3:80:
10:52:b8:85:b3:f2:a0:66:4a:d1:e1:7f:5c:e1:fe:47:0b:cb:
aa:85:93:1a:ad:59:be:f9:d2:10:7b:ab:11:f5:dd:5b:89:6c:
c2:02:bf:6f:e9:91:1b:3d:7c:07:4d:ab:63:82:74:82:9b:f5:
1d:b8:78:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxOfDkr4+rpca3XyxrH/+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZmMyYjM2NTE0MTYzZDM4OWVlOGZlMThmOGUyMzQzZmE0
ZGRjOTkwHhcNMjMwMTAyMDY0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE0ODYxYzg1YWE5Mjc4MTExOWU1YjFmZTNmNmQwODA4NzExNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSqhigGt9yS+WzJrT8NSiy94Fer7
U/JXpJnL0rZMbngA/rLNg3gnpILG0+UXkBQ1Rgmp61kOMmyEgPSBNQQEXcHO/8AS
IAaxSsrKiE5mujZkDEjwTN2Pii+er8ASSICelUuL0m/ptWsFz32mouQSwMXPcHal
ATNz2k22HwjaIBS3H+v8+yPa2XKR47h7idf9UbvYFkxN8y2Y/YRUiBaPqdIGaDNZ
RFBm8z14w3iU6hNv87+tmH3PPapZZ/marrdihgEXSlqFyJUgLiVojVUXlIB/Ch2a
bXrFpfyBLkihdUlrTQ1/85GgxmQTm1Ax7UNH7kXKHxCjYT6Z/oJqEqEgEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJwUhhyFqpJ4ERnlsf4/bQgIcRciMB8GA1UdIwQY
MBaAFB38KzZRQWPTie6P4Y+OI0P6TdyZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGZ3ck5sRkJZOU9KN29faGo0NGpRX3BOM0prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kOTI5YWItNDg5Ni00M2UyLWE4NzYt
MDFiZWQ4NzgyYzdmLzEvbkJTR0hJV3FrbmdSR2VXeF9qOXRDQWh4RnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kOTI5YWItNDg5Ni00M2UyLWE4NzYtMDFiZWQ4NzgyYzdm
LzEvSGZ3ck5sRkJZOU9KN29faGo0NGpRX3BOM0prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuazYMA0E
AgACMAcDBQMqCycAMA0GCSqGSIb3DQEBCwUAA4IBAQCs5Kvl4cwipBqI/tO33OOe
SyesnYC4ZtGWsuTyKa7J0riOjxNZenRDEJUf1PZezI5C2Un+JJ7CdwTFiV3JBasN
EaVu8d6pX66Ib+nVI4d9c6QJcZCkSpfzc4Pggt7O+vY1TJZvVqkxuZc+xGwa18B5
BsBLqdSbvocfgyIufD+NLNFZgdidtG23Wt9985RzpGEIQJ8NIl9V/oAKFhWxbvGE
Q2okk8bZjc3zX6YxRz0t8HL0p/dYbYqvqY1X7ZEFFo9EVkWZs4AQUriFs/KgZkrR
4X9c4f5HC8uqhZMarVm++dIQe6sR9d1biWzCAr9v6ZEbPXwHTatjgnSCm/UduHhQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:24 2024 by rpki-client on console-fra.rpki-client.org