Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/NRfMJOhojXMEJs0IDxawQ8mYLXc.roa
File: NRfMJOhojXMEJs0IDxawQ8mYLXc.roa (raw, json)
Hash identifier: T34eV3RxudlhLlnPFwiWy+slyejn7ZQcnsBhaB0Milc=
Subject key identifier: 35:17:CC:24:E8:68:8D:73:04:26:CD:08:0F:16:B0:43:C9:98:2D:77
Certificate issuer: /CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
Certificate serial: 01856D2F54B576528AA324B3C675FE810E6B
Authority key identifier: C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/NRfMJOhojXMEJs0IDxawQ8mYLXc.roa
Signing time: Sun 01 Jan 2023 11:54:56 +0000
ROA not before: Sun 01 Jan 2023 11:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201199
IP address blocks: 185.82.103.0/24 maxlen: 24
185.82.102.0/24 maxlen: 24
185.82.101.0/24 maxlen: 24
185.82.100.0/24 maxlen: 24
185.82.100.0/22 maxlen: 22
2a05:8f00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:54:b5:76:52:8a:a3:24:b3:c6:75:fe:81:0e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
Validity
Not Before: Jan 1 11:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3517cc24e8688d730426cd080f16b043c9982d77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ef:6f:6a:3c:fe:bf:6a:4f:9f:de:93:e6:3a:
e9:54:91:d1:48:df:59:b5:69:6a:4f:b2:1d:23:16:
ee:b2:0a:c7:62:66:b5:af:6f:3f:cd:62:f8:ca:41:
6f:8e:bc:de:f5:b7:a7:c8:e5:5f:a3:e5:42:f8:d5:
80:f9:46:ef:df:5c:b3:32:48:00:69:b2:1d:18:e1:
82:71:1f:37:3b:78:d1:24:97:20:3d:82:6b:92:46:
1b:68:ef:b3:d7:10:bf:6a:79:04:89:5e:c9:fe:0f:
25:85:56:ae:5f:18:f4:68:4b:16:2b:46:1c:49:e2:
5b:07:f3:49:d9:2f:1d:09:d4:2d:f4:f3:12:be:30:
ae:ca:ac:b3:20:1c:79:54:14:31:43:9e:9b:19:97:
a1:85:26:63:5c:82:7c:52:d6:bc:ca:99:16:8a:86:
0a:70:92:a1:a3:7a:97:bd:87:2a:a1:52:0c:27:7f:
96:5f:03:90:15:df:d7:16:a5:79:c2:ab:22:7b:9f:
77:12:30:40:46:1a:97:fb:34:f9:21:37:63:7b:3a:
f8:17:ef:24:e0:f1:08:a2:4b:14:86:cb:6d:a9:e6:
d7:d0:82:74:99:fd:54:67:b0:6f:78:96:f7:2f:19:
82:af:12:7a:46:76:15:5c:b5:71:a2:4a:02:a5:1b:
c7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:17:CC:24:E8:68:8D:73:04:26:CD:08:0F:16:B0:43:C9:98:2D:77
X509v3 Authority Key Identifier:
keyid:C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/NRfMJOhojXMEJs0IDxawQ8mYLXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.100.0/22
IPv6:
2a05:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
3e:fd:89:5c:89:fc:d9:07:c8:b2:18:e9:db:53:93:c6:a1:12:
e7:46:5f:e9:f7:50:40:f4:a4:aa:dc:18:55:8b:d7:84:6a:1b:
ae:52:7f:85:da:17:2c:f0:e9:5e:8c:2f:2b:42:ee:54:1e:b5:
54:ca:7a:2e:80:3f:7f:b8:fe:fe:2e:0a:d1:ef:8d:7a:1d:87:
c4:2a:41:af:f7:f3:63:6d:54:d6:71:ed:dd:9b:1c:16:06:ae:
20:d5:72:45:c5:51:64:92:2e:d9:73:0a:f6:cb:d5:f7:3d:d8:
fb:eb:d9:dc:82:1a:3d:af:3a:b9:90:1d:1d:ac:9c:02:0a:09:
02:05:e5:0c:a3:9b:4d:45:7a:be:e0:a4:0b:62:ea:2c:54:01:
58:c4:4c:e9:3a:ce:62:af:f5:b5:c9:49:ed:97:e0:bc:92:60:
ae:69:cc:ab:d3:cc:f2:7b:e2:f1:64:e4:55:57:61:f1:b7:d4:
63:ee:7f:45:43:52:96:3b:66:13:6a:95:6b:bb:d9:0b:08:4a:
4d:02:54:3f:9b:fa:44:f0:78:1e:e5:4b:a9:9d:c4:7f:2a:1f:
64:03:23:a8:b4:42:4d:e7:fe:08:bd:75:f0:02:da:f1:c6:a1:
1c:03:cd:2a:09:f6:77:27:0c:2e:53:45:6c:17:35:2e:db:28:
bc:f1:b8:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtL1S1dlKKoySzxnX+gQ5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZmU3MDNkMzc5MGNkYjg1MTRhNjAzZTdhNDVlZTUwZWVm
ZmE5NjIwHhcNMjMwMTAxMTE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE3Y2MyNGU4Njg4ZDczMDQyNmNkMDgwZjE2YjA0M2M5OTgyZDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+9vajz+v2pPn96T5jrpVJHRSN9Z
tWlqT7IdIxbusgrHYma1r28/zWL4ykFvjrze9benyOVfo+VC+NWA+Ubv31yzMkgA
abIdGOGCcR83O3jRJJcgPYJrkkYbaO+z1xC/ankEiV7J/g8lhVauXxj0aEsWK0Yc
SeJbB/NJ2S8dCdQt9PMSvjCuyqyzIBx5VBQxQ56bGZehhSZjXIJ8Uta8ypkWioYK
cJKho3qXvYcqoVIMJ3+WXwOQFd/XFqV5wqsie593EjBARhqX+zT5ITdjezr4F+8k
4PEIoksUhsttqebX0IJ0mf1UZ7BveJb3LxmCrxJ6RnYVXLVxokoCpRvH7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDUXzCToaI1zBCbNCA8WsEPJmC13MB8GA1UdIwQY
MBaAFMn+cD03kM24UUpgPnpF7lDu/6liMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgt
NzRjOGRhMjk0ZDVjLzEvTlJmTUpPaG9qWE1FSnMwSUR4YXdROG1ZTFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgtNzRjOGRhMjk0ZDVj
LzEveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVJkMA0E
AgACMAcDBQMqBY8AMA0GCSqGSIb3DQEBCwUAA4IBAQA+/YlcifzZB8iyGOnbU5PG
oRLnRl/p91BA9KSq3BhVi9eEahuuUn+F2hcs8OlejC8rQu5UHrVUynougD9/uP7+
LgrR7416HYfEKkGv9/NjbVTWce3dmxwWBq4g1XJFxVFkki7Zcwr2y9X3Pdj769nc
gho9rzq5kB0drJwCCgkCBeUMo5tNRXq+4KQLYuosVAFYxEzpOs5ir/W1yUntl+C8
kmCuacyr08zye+LxZORVV2Hxt9Rj7n9FQ1KWO2YTapVru9kLCEpNAlQ/m/pE8Hge
5UupncR/Kh9kAyOotEJN5/4IvXXwAtrxxqEcA80qCfZ3JwwuU0VsFzUu2yi88biz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:50 2023 by rpki-client on console-fra.rpki-client.org