Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/nAGrud1f1-IY8VpGruKJ9k74xNY.roa
File: nAGrud1f1-IY8VpGruKJ9k74xNY.roa (raw, json)
Hash identifier: tAAyN4pNBccF2AmL5poHQIbPLoHslmDvLSrPaKsqW/E=
Subject key identifier: 9C:01:AB:B9:DD:5F:D7:E2:18:F1:5A:46:AE:E2:89:F6:4E:F8:C4:D6
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018C58BDD9D914674D5FDF8CD78AA036969F
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/nAGrud1f1-IY8VpGruKJ9k74xNY.roa
Signing time: Mon 11 Dec 2023 11:58:06 +0000
ROA not before: Mon 11 Dec 2023 11:58:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 85.92.108.0/24 maxlen: 24
46.19.68.0/24 maxlen: 24
46.19.69.0/24 maxlen: 24
37.220.85.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:bd:d9:d9:14:67:4d:5f:df:8c:d7:8a:a0:36:96:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Dec 11 11:58:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c01abb9dd5fd7e218f15a46aee289f64ef8c4d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:fa:c4:c2:5d:e7:5d:ac:3a:fa:2e:1c:dd:12:
e4:5c:88:fa:c0:54:4b:4b:c4:7d:35:cb:f0:35:ed:
66:45:8d:e1:a6:a6:15:b5:0e:fe:1c:c3:1b:45:61:
8e:29:86:0d:82:ce:8e:1b:1e:bb:e1:58:89:bf:60:
b5:d0:5f:14:1c:8c:d6:5b:ed:e2:95:da:9c:01:d4:
08:64:61:9a:a5:e7:c0:b7:53:12:d1:25:db:12:00:
fa:54:3e:09:08:ba:4c:c5:8b:6e:2f:80:c2:fe:00:
aa:1c:c7:d0:64:39:a0:be:86:6c:07:51:3d:2d:98:
4e:e6:d3:a5:0e:81:73:cd:bb:56:a8:85:79:87:b6:
84:cc:2d:0c:9c:0c:a8:92:46:77:6a:bf:72:c1:f0:
7e:f7:0a:a9:1f:59:52:87:d5:76:d7:d2:71:d6:c0:
a3:2f:48:cc:bd:8c:14:52:ad:7d:ff:72:99:f6:d0:
02:23:27:5c:5c:21:7b:41:62:d0:4e:03:8d:52:1a:
db:4f:31:26:0a:2b:54:2a:18:d5:7b:e2:3a:4f:4c:
ed:e2:b9:62:34:2c:4c:98:f3:42:18:41:1a:7e:a0:
af:8a:2c:e9:d6:92:f1:cb:f3:ca:1e:58:c0:e8:55:
d1:e1:8c:5a:fb:48:3f:8e:96:16:68:5f:8a:5c:8c:
ae:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:01:AB:B9:DD:5F:D7:E2:18:F1:5A:46:AE:E2:89:F6:4E:F8:C4:D6
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/nAGrud1f1-IY8VpGruKJ9k74xNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.85.0/24
46.19.68.0/23
85.92.108.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:45:f3:af:89:8e:20:a5:b7:04:38:db:be:51:2f:fb:19:fb:
b1:06:63:57:2a:da:a6:9f:02:3f:2a:d8:3c:3b:77:d0:1e:4b:
ed:b0:42:a3:81:09:3d:63:74:de:bb:de:12:3a:1d:9d:c0:7b:
66:89:d2:4c:80:3c:4f:6e:db:78:e7:ec:03:c6:f0:44:34:20:
3e:32:41:ab:07:f9:31:12:4b:3f:49:03:e0:0a:a0:15:fb:03:
21:e3:32:02:f8:97:e3:5a:b9:37:af:ba:d1:35:5b:75:8f:12:
a2:3b:8f:dc:13:be:6a:09:72:b1:89:ca:48:7f:b9:95:0c:24:
39:2e:0b:3e:56:41:e2:f6:71:a5:05:77:c1:43:1c:86:50:bc:
f4:3e:f1:51:84:39:fa:53:87:e0:d5:42:29:b0:73:f6:1c:83:
0f:7c:21:ad:a2:1f:35:d6:b9:f7:e6:42:7c:ce:b2:81:fc:77:
42:8d:04:75:a5:31:bd:06:bf:26:bf:3a:95:a7:81:d0:1b:00:
23:89:22:6e:7e:00:c8:75:76:36:58:20:0f:be:63:d5:79:ca:
7d:be:cc:4f:e1:f0:97:0c:fe:e4:e0:ec:e3:50:dc:ee:38:5f:
56:30:e8:e4:da:fd:7b:6b:da:c8:c3:b7:32:66:07:88:b4:22:
e9:5e:2d:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxYvdnZFGdNX9+M14qgNpafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMxMjExMTE1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzAxYWJiOWRkNWZkN2UyMThmMTVhNDZhZWUyODlmNjRlZjhjNGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vrEwl3nXaw6+i4c3RLkXIj6wFRL
S8R9NcvwNe1mRY3hpqYVtQ7+HMMbRWGOKYYNgs6OGx674ViJv2C10F8UHIzWW+3i
ldqcAdQIZGGapefAt1MS0SXbEgD6VD4JCLpMxYtuL4DC/gCqHMfQZDmgvoZsB1E9
LZhO5tOlDoFzzbtWqIV5h7aEzC0MnAyokkZ3ar9ywfB+9wqpH1lSh9V219Jx1sCj
L0jMvYwUUq19/3KZ9tACIydcXCF7QWLQTgONUhrbTzEmCitUKhjVe+I6T0zt4rli
NCxMmPNCGEEafqCviizp1pLxy/PKHljA6FXR4Yxa+0g/jpYWaF+KXIyuwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJwBq7ndX9fiGPFaRq7iifZO+MTWMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvbkFHcnVkMWYxLUlZOFZwR3J1S0o5azc0eE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJdxVAwQB
LhNEAwQAVVxsMA0GCSqGSIb3DQEBCwUAA4IBAQAcRfOviY4gpbcEONu+US/7Gfux
BmNXKtqmnwI/Ktg8O3fQHkvtsEKjgQk9Y3Teu94SOh2dwHtmidJMgDxPbtt45+wD
xvBENCA+MkGrB/kxEks/SQPgCqAV+wMh4zIC+JfjWrk3r7rRNVt1jxKiO4/cE75q
CXKxicpIf7mVDCQ5Lgs+VkHi9nGlBXfBQxyGULz0PvFRhDn6U4fg1UIpsHP2HIMP
fCGtoh811rn35kJ8zrKB/HdCjQR1pTG9Br8mvzqVp4HQGwAjiSJufgDIdXY2WCAP
vmPVecp9vsxP4fCXDP7k4OzjUNzuOF9WMOjk2v17a9rIw7cyZgeItCLpXi1+
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:36 2024 by rpki-client on console-ams.rpki-client.org