Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nBbgdVfRoy-Mbxak8FGumhuyh8s.roa
File: nBbgdVfRoy-Mbxak8FGumhuyh8s.roa (raw, json)
Hash identifier: BQqv48nHYtZvsKljWQysSd0VCrMn1hGsHm3+m7AZE4s=
Subject key identifier: 9C:16:E0:75:57:D1:A3:2F:8C:6F:16:A4:F0:51:AE:9A:1B:B2:87:CB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186E392B2DAE3498F6075BE5576D0E767C2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nBbgdVfRoy-Mbxak8FGumhuyh8s.roa
Signing time: Wed 15 Mar 2023 04:41:27 +0000
ROA not before: Wed 15 Mar 2023 04:41:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
195.58.51.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e3:92:b2:da:e3:49:8f:60:75:be:55:76:d0:e7:67:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 15 04:41:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c16e07557d1a32f8c6f16a4f051ae9a1bb287cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:07:9d:a9:6e:fd:6d:aa:9a:49:b3:cb:f7:c8:
27:e7:d1:d1:73:19:ff:22:14:23:fe:94:bb:92:15:
f0:ff:d9:8e:9e:22:d7:d8:5b:2f:75:ff:cb:cc:b3:
cc:69:ac:8b:1f:67:b9:29:ab:48:c1:a6:5f:51:59:
9f:63:01:41:55:18:79:27:c1:da:de:20:71:b6:4e:
9f:c4:c2:fd:92:88:7e:70:f9:1d:84:b9:8a:68:08:
fb:f3:22:d5:ec:9d:ae:8f:c5:4b:90:7d:77:ab:a8:
63:51:7e:5a:1c:d3:11:00:da:cd:e5:3d:5b:49:fc:
8e:ff:da:12:fe:9d:29:d6:8a:94:48:86:6c:0d:d0:
c0:6e:d2:25:3b:fe:17:f1:3e:d6:f6:f8:70:ec:30:
db:f9:bf:56:c7:3d:f3:a9:b7:65:09:fb:a2:11:9b:
3f:86:8c:cd:76:57:12:77:7a:b7:8b:0d:9e:c2:b8:
a2:75:1a:35:39:b3:f3:b0:eb:42:50:02:f3:dd:a2:
9f:52:39:59:fc:37:85:f0:96:b4:91:14:37:90:a4:
96:5d:15:a0:fd:f3:5b:75:70:60:cd:91:58:9f:78:
60:22:0f:21:fa:9b:7f:6c:53:ea:24:43:0c:bd:3b:
f3:02:aa:09:7a:31:28:c5:d9:e5:86:d0:2d:b3:ab:
9a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:16:E0:75:57:D1:A3:2F:8C:6F:16:A4:F0:51:AE:9A:1B:B2:87:CB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nBbgdVfRoy-Mbxak8FGumhuyh8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
192.124.180.0/24
193.124.90.0/24
193.124.200.0/24
194.87.10.0/24
194.87.124.0/24
194.87.252.0/24
195.58.51.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
55:6e:a7:aa:34:6a:09:d1:96:3b:c7:f8:f4:22:04:2f:45:f7:
e4:9f:fc:c5:5d:c5:14:75:7b:16:e7:f6:cb:cd:86:f6:53:4a:
49:20:b7:5f:76:6e:89:2c:c8:18:e6:df:4c:b8:ad:54:72:fa:
22:e1:39:d8:da:5b:46:1c:a3:82:bc:80:0a:72:0b:d2:a6:5e:
99:99:f4:70:f8:95:2d:dc:65:3a:d7:64:81:2f:50:6b:bd:9b:
69:42:aa:7b:6c:e4:3e:ba:f8:49:e8:d2:94:07:7b:0c:98:42:
d3:59:ed:96:c1:9e:54:06:e2:6a:b4:2b:7e:26:63:aa:58:2f:
82:03:62:81:56:a7:b3:f8:8f:11:95:38:6d:3f:e1:80:50:52:
f8:c3:92:98:53:33:e0:4b:fa:9c:7b:76:1a:5d:ed:90:2a:83:
1c:ef:64:b3:96:ce:87:7b:d3:14:7b:d2:49:da:4a:0e:72:20:
5c:d7:a0:ca:30:82:80:92:20:5e:81:f2:fe:e2:3b:5d:e9:4b:
b2:81:a8:cd:b0:35:02:94:94:d1:2b:1e:bb:8e:64:09:ab:a4:
8e:66:5c:cf:fa:b3:63:d1:ef:4f:36:44:cf:65:ad:1a:1c:ec:
93:fc:f4:6d:7f:4f:5d:14:8b:7d:15:6a:dc:d9:c3:83:ab:6d:
fb:4d:5f:cb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYbjkrLa40mPYHW+VXbQ52fCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzE1MDQ0MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE2ZTA3NTU3ZDFhMzJmOGM2ZjE2YTRmMDUxYWU5YTFiYjI4N2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQedqW79baqaSbPL98gn59HRcxn/
IhQj/pS7khXw/9mOniLX2Fsvdf/LzLPMaayLH2e5KatIwaZfUVmfYwFBVRh5J8Ha
3iBxtk6fxML9koh+cPkdhLmKaAj78yLV7J2uj8VLkH13q6hjUX5aHNMRANrN5T1b
SfyO/9oS/p0p1oqUSIZsDdDAbtIlO/4X8T7W9vhw7DDb+b9Wxz3zqbdlCfuiEZs/
hozNdlcSd3q3iw2ewriidRo1ObPzsOtCUALz3aKfUjlZ/DeF8Ja0kRQ3kKSWXRWg
/fNbdXBgzZFYn3hgIg8h+pt/bFPqJEMMvTvzAqoJejEoxdnlhtAts6uaMwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJwW4HVX0aMvjG8WpPBRrpobsofLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbkJiZ2RWZlJveS1NYnhhazhGR3VtaHV5aDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAPkziAwQA
wHy0AwQAwXxaAwQAwXzIAwQAwlcKAwQAwld8AwQAwlf8AwQAwzozAwQA1MAJMA0G
CSqGSIb3DQEBCwUAA4IBAQBVbqeqNGoJ0ZY7x/j0IgQvRffkn/zFXcUUdXsW5/bL
zYb2U0pJILdfdm6JLMgY5t9MuK1Ucvoi4TnY2ltGHKOCvIAKcgvSpl6ZmfRw+JUt
3GU612SBL1BrvZtpQqp7bOQ+uvhJ6NKUB3sMmELTWe2WwZ5UBuJqtCt+JmOqWC+C
A2KBVqez+I8RlThtP+GAUFL4w5KYUzPgS/qce3YaXe2QKoMc72Szls6He9MUe9JJ
2koOciBc16DKMIKAkiBegfL+4jtd6UuygajNsDUClJTRKx67jmQJq6SOZlzP+rNj
0e9PNkTPZa0aHOyT/PRtf09dFIt9FWrc2cODq237TV/L
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:05 2023 by rpki-client on console-ams.rpki-client.org