Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/N0HizhGb5fFDAO0bjLPngjpzMWM.roa
File: N0HizhGb5fFDAO0bjLPngjpzMWM.roa (raw, json)
Hash identifier: yhkq1wxowG/mzbyL/Wyth5n/+WTrE7CCdu7B4aBB3Js=
Subject key identifier: 37:41:E2:CE:11:9B:E5:F1:43:00:ED:1B:8C:B3:E7:82:3A:73:31:63
Certificate issuer: /CN=03090fac3cc42f1997455a12e643064637c69dc3
Certificate serial: 01856CEF2653BC0278C1CB0C19B3A9A32079
Authority key identifier: 03:09:0F:AC:3C:C4:2F:19:97:45:5A:12:E6:43:06:46:37:C6:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AwkPrDzELxmXRVoS5kMGRjfGncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/N0HizhGb5fFDAO0bjLPngjpzMWM.roa
Signing time: Sun 01 Jan 2023 10:44:50 +0000
ROA not before: Sun 01 Jan 2023 10:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34593
IP address blocks: 185.96.112.0/24 maxlen: 24
185.96.114.0/24 maxlen: 24
185.96.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:26:53:bc:02:78:c1:cb:0c:19:b3:a9:a3:20:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03090fac3cc42f1997455a12e643064637c69dc3
Validity
Not Before: Jan 1 10:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3741e2ce119be5f14300ed1b8cb3e7823a733163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0f:ce:6d:27:50:d8:d4:05:45:e7:b2:e2:87:
d2:58:e1:a9:a8:4b:a1:db:d0:f9:0e:9c:bb:35:45:
bd:d1:19:b2:7f:94:84:4c:de:6d:77:e9:71:1a:c2:
94:1a:30:90:cb:01:fd:90:60:5a:89:15:66:ff:ec:
65:0c:fe:c0:39:d7:4a:07:00:c9:ec:23:5a:7e:0c:
22:26:5e:e6:4c:ae:47:4e:5a:ed:06:e4:d8:7f:20:
fd:da:21:b9:b3:e5:cc:8e:c8:45:a2:ad:70:f2:ce:
f0:31:27:f0:06:35:99:f5:13:6f:3c:f8:fb:e0:7f:
fe:ce:62:df:8e:03:49:f3:16:1b:34:04:80:f1:15:
e4:2f:45:ad:4e:0d:98:e6:b8:8d:5d:cb:96:8e:47:
62:9a:38:93:06:6f:1b:3b:c7:46:1f:47:86:87:fc:
ac:63:ca:a5:81:4a:a1:12:de:7c:17:4e:18:dd:56:
6f:c5:7d:18:1d:94:e5:e6:7f:bf:e7:54:d9:64:c0:
3c:a7:4f:03:4d:ac:48:04:28:fd:cc:23:83:a6:92:
fb:64:81:60:1f:09:91:c8:3c:76:e6:88:a8:4d:33:
32:84:a9:f2:63:9d:94:07:47:f4:b4:e6:c8:00:86:
bd:34:33:a4:7a:c2:28:a6:60:69:e0:2f:ac:20:39:
d2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:41:E2:CE:11:9B:E5:F1:43:00:ED:1B:8C:B3:E7:82:3A:73:31:63
X509v3 Authority Key Identifier:
keyid:03:09:0F:AC:3C:C4:2F:19:97:45:5A:12:E6:43:06:46:37:C6:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AwkPrDzELxmXRVoS5kMGRjfGncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/N0HizhGb5fFDAO0bjLPngjpzMWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/AwkPrDzELxmXRVoS5kMGRjfGncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.112.0-185.96.114.255
Signature Algorithm: sha256WithRSAEncryption
9c:cc:46:d2:0d:8a:a2:0c:41:0a:73:10:59:a8:8c:7c:d1:26:
96:96:e1:41:1a:aa:41:ce:d4:56:ca:96:7b:48:90:32:19:f4:
0d:3b:05:f0:0f:65:fa:34:a5:54:b1:41:13:7c:78:48:35:5b:
21:59:cd:38:b1:d9:fa:7d:51:fc:31:f3:fa:48:48:23:1d:0f:
8b:49:26:1c:9d:40:08:43:17:6d:39:9e:c6:c9:af:3a:4f:40:
be:80:93:10:6c:b9:27:49:5b:b5:ee:fc:16:26:52:df:6e:4e:
8a:f0:1a:42:83:36:9c:1c:a1:44:16:10:62:75:15:2f:ec:fa:
fd:bf:38:e1:10:ac:bd:e2:2d:82:c6:42:a0:36:3b:d1:91:27:
78:d4:64:88:71:b4:c9:c5:0d:16:fa:12:0c:4f:a1:7a:cb:c5:
a2:34:1c:b9:5d:c2:d3:f0:f2:63:3f:19:db:8a:99:c8:58:51:
88:4c:72:29:55:f2:17:66:3f:2a:10:7c:6a:e5:3b:12:33:28:
29:5e:e5:3f:84:12:56:77:45:8d:4d:21:f8:0e:f1:49:4a:7c:
ae:2c:84:db:bb:59:e1:4b:a5:22:c1:fa:14:3b:cf:5c:5c:60:
60:a3:3c:bf:01:d2:06:9c:ac:d4:85:de:7e:cd:b9:fd:9f:60:
b1:bd:6b:15
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVs7yZTvAJ4wcsMGbOpoyB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMDkwZmFjM2NjNDJmMTk5NzQ1NWExMmU2NDMwNjQ2Mzdj
NjlkYzMwHhcNMjMwMTAxMTA0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQxZTJjZTExOWJlNWYxNDMwMGVkMWI4Y2IzZTc4MjNhNzMzMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAog/ObSdQ2NQFReey4ofSWOGpqEuh
29D5Dpy7NUW90Rmyf5SETN5td+lxGsKUGjCQywH9kGBaiRVm/+xlDP7AOddKBwDJ
7CNafgwiJl7mTK5HTlrtBuTYfyD92iG5s+XMjshFoq1w8s7wMSfwBjWZ9RNvPPj7
4H/+zmLfjgNJ8xYbNASA8RXkL0WtTg2Y5riNXcuWjkdimjiTBm8bO8dGH0eGh/ys
Y8qlgUqhEt58F04Y3VZvxX0YHZTl5n+/51TZZMA8p08DTaxIBCj9zCODppL7ZIFg
HwmRyDx25oioTTMyhKnyY52UB0f0tObIAIa9NDOkesIopmBp4C+sIDnSfwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDdB4s4Rm+XxQwDtG4yz54I6czFjMB8GA1UdIwQY
MBaAFAMJD6w8xC8Zl0VaEuZDBkY3xp3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXdrUHJEekVMeG1YUlZvUzVrTUdSamZHbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81YzI4NjgtM2EyNy00ZGY0LThmMDAt
ZmRkMjNiNDNjNTJlLzEvTjBIaXpoR2I1ZkZEQU8wYmpMUG5nanB6TVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81YzI4NjgtM2EyNy00ZGY0LThmMDAtZmRkMjNiNDNjNTJl
LzEvQXdrUHJEekVMeG1YUlZvUzVrTUdSamZHbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAS5YHAD
BAC5YHIwDQYJKoZIhvcNAQELBQADggEBAJzMRtINiqIMQQpzEFmojHzRJpaW4UEa
qkHO1FbKlntIkDIZ9A07BfAPZfo0pVSxQRN8eEg1WyFZzTix2fp9Ufwx8/pISCMd
D4tJJhydQAhDF205nsbJrzpPQL6AkxBsuSdJW7Xu/BYmUt9uTorwGkKDNpwcoUQW
EGJ1FS/s+v2/OOEQrL3iLYLGQqA2O9GRJ3jUZIhxtMnFDRb6EgxPoXrLxaI0HLld
wtPw8mM/GduKmchYUYhMcilV8hdmPyoQfGrlOxIzKCle5T+EElZ3RY1NIfgO8UlK
fK4shNu7WeFLpSLB+hQ7z1xcYGCjPL8B0gacrNSF3n7Nuf2fYLG9axU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:14 2024 by rpki-client on console-fra.rpki-client.org