Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/NtgtyvjuqjJne4ijRVtfJj_T9DQ.roa
File: NtgtyvjuqjJne4ijRVtfJj_T9DQ.roa (raw, json)
Hash identifier: gU4/Jc/PUbpAxzyAXnNw7ukyl2kAVeU1rReIUmtweMg=
Subject key identifier: 36:D8:2D:CA:F8:EE:AA:32:67:7B:88:A3:45:5B:5F:26:3F:D3:F4:34
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 0188906F650DC73AA855F0CE1454D52BC65B
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/NtgtyvjuqjJne4ijRVtfJj_T9DQ.roa
Signing time: Tue 06 Jun 2023 11:19:59 +0000
ROA not before: Tue 06 Jun 2023 11:19:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 185.137.56.0/22 maxlen: 22
185.143.140.0/22 maxlen: 22
185.174.212.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:6f:65:0d:c7:3a:a8:55:f0:ce:14:54:d5:2b:c6:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jun 6 11:19:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36d82dcaf8eeaa32677b88a3455b5f263fd3f434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9d:d0:80:d4:88:a8:4f:f1:3b:77:b6:fd:63:
05:30:6e:01:ae:f8:c4:44:15:7c:64:9e:6c:e7:d4:
2c:42:8d:2f:ed:c5:3f:4b:e4:e5:d1:dd:9d:a6:e6:
c7:6b:be:98:f4:b1:99:71:97:15:73:f0:b3:5f:32:
19:99:ef:12:2e:2e:b5:20:9a:a0:8e:cb:81:a9:97:
0f:7a:26:df:d8:13:a3:1b:59:98:d2:3d:6b:c4:59:
91:2a:78:b7:83:27:3b:f7:40:01:38:37:ca:af:59:
d2:d1:a7:f2:f6:83:ab:b5:87:2e:e1:3c:06:4e:32:
38:86:a8:30:8d:f4:a2:87:90:f4:31:5a:7f:49:c0:
76:45:e9:dd:e6:36:8b:99:bb:cd:b6:a0:60:82:a4:
83:80:8e:1d:b7:64:6a:21:56:81:ef:98:db:ad:a6:
6c:50:0c:45:47:85:5f:a1:fc:d9:2a:89:6c:d0:78:
f8:3c:b1:d3:35:6f:68:49:fe:72:7d:2f:a2:5a:ca:
40:f5:6a:ed:b6:80:67:0c:d3:88:38:bb:de:a0:63:
15:53:47:1c:70:ff:06:c1:bb:c4:4d:09:27:30:99:
3e:28:6a:b9:bf:9d:1c:20:f9:b0:81:fc:99:a5:e0:
9a:51:3e:ec:31:92:09:ed:ea:9f:26:55:a8:2a:83:
d7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D8:2D:CA:F8:EE:AA:32:67:7B:88:A3:45:5B:5F:26:3F:D3:F4:34
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/NtgtyvjuqjJne4ijRVtfJj_T9DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.56.0/22
185.143.140.0/22
185.174.212.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:22:3c:68:98:a5:56:51:db:95:b6:d1:28:13:4c:fc:1a:1d:
4d:48:af:81:60:2b:3e:07:92:d0:c0:46:5b:2c:b7:e5:6e:2e:
0f:0b:69:7c:53:66:93:d9:bb:b9:0f:c6:84:a3:c6:89:8d:8a:
fd:61:ee:69:e5:e3:7f:74:a1:c5:b1:41:fd:7a:84:af:61:bf:
04:54:eb:ba:56:8e:36:93:10:b6:d5:9a:30:79:94:2b:67:4a:
e6:c0:f1:95:b1:33:de:0d:2b:2d:ef:de:49:21:6b:9f:c7:fb:
3c:9d:06:12:01:c7:55:ca:de:13:7a:6b:e4:a5:90:76:62:8c:
de:38:dd:8e:21:f5:8d:5d:4d:d9:9c:e7:d8:cd:9a:1b:19:cd:
80:62:03:e3:e2:97:84:9c:a2:61:1b:50:52:4d:93:ac:3f:2e:
3f:b6:be:39:47:5a:c7:b7:4e:2f:6d:ca:98:c9:da:05:60:e2:
4b:54:22:90:7b:11:39:02:99:80:49:14:0b:88:a5:16:5c:99:
92:4b:a4:78:1c:23:94:7f:79:f4:d8:07:61:b3:47:dc:27:9b:
7a:ff:b7:f3:73:6b:14:b2:70:a0:57:75:63:2e:ff:83:0e:87:
0a:a0:7b:0d:ff:e6:d5:5d:f5:99:83:c9:91:e6:a3:8e:12:1c:
fb:19:f2:96
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiQb2UNxzqoVfDOFFTVK8ZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjMwNjA2MTExOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ4MmRjYWY4ZWVhYTMyNjc3Yjg4YTM0NTViNWYyNjNmZDNmNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ3QgNSIqE/xO3e2/WMFMG4BrvjE
RBV8ZJ5s59QsQo0v7cU/S+Tl0d2dpubHa76Y9LGZcZcVc/CzXzIZme8SLi61IJqg
jsuBqZcPeibf2BOjG1mY0j1rxFmRKni3gyc790ABODfKr1nS0afy9oOrtYcu4TwG
TjI4hqgwjfSih5D0MVp/ScB2Rend5jaLmbvNtqBggqSDgI4dt2RqIVaB75jbraZs
UAxFR4VfofzZKols0Hj4PLHTNW9oSf5yfS+iWspA9WrttoBnDNOIOLveoGMVU0cc
cP8GwbvETQknMJk+KGq5v50cIPmwgfyZpeCaUT7sMZIJ7eqfJlWoKoPX+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDbYLcr47qoyZ3uIo0VbXyY/0/Q0MB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvTnRndHl2anVxakpuZTRpalJWdGZKal9UOURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuYk4AwQC
uY+MAwQBua7UMA0GCSqGSIb3DQEBCwUAA4IBAQC1IjxomKVWUduVttEoE0z8Gh1N
SK+BYCs+B5LQwEZbLLflbi4PC2l8U2aT2bu5D8aEo8aJjYr9Ye5p5eN/dKHFsUH9
eoSvYb8EVOu6Vo42kxC21ZoweZQrZ0rmwPGVsTPeDSst795JIWufx/s8nQYSAcdV
yt4TemvkpZB2YozeON2OIfWNXU3ZnOfYzZobGc2AYgPj4peEnKJhG1BSTZOsPy4/
tr45R1rHt04vbcqYydoFYOJLVCKQexE5ApmASRQLiKUWXJmSS6R4HCOUf3n02Adh
s0fcJ5t6/7fzc2sUsnCgV3VjLv+DDocKoHsN/+bVXfWZg8mR5qOOEhz7GfKW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:27 2024 by rpki-client on console-fra.rpki-client.org