Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/Nj0WfyAqcu7P1tbEqemvCJmZ7Uo.roa
File: Nj0WfyAqcu7P1tbEqemvCJmZ7Uo.roa (raw, json)
Hash identifier: JQLt3vPgJRnELn8T6tnmWizvH6/l15PUnRvwLm3CbrI=
Subject key identifier: 36:3D:16:7F:20:2A:72:EE:CF:D6:D6:C4:A9:E9:AF:08:99:99:ED:4A
Certificate issuer: /CN=987caf0cb6b3301cc084a25d5c21410a92ca7e36
Certificate serial: 0189F42A8FCB5634033E046CA280772C6B5C
Authority key identifier: 98:7C:AF:0C:B6:B3:30:1C:C0:84:A2:5D:5C:21:41:0A:92:CA:7E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHyvDLazMBzAhKJdXCFBCpLKfjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/Nj0WfyAqcu7P1tbEqemvCJmZ7Uo.roa
Signing time: Mon 14 Aug 2023 13:09:37 +0000
ROA not before: Mon 14 Aug 2023 13:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12703
IP address blocks: 185.43.48.0/22 maxlen: 22
2a01:5ae0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:2a:8f:cb:56:34:03:3e:04:6c:a2:80:77:2c:6b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=987caf0cb6b3301cc084a25d5c21410a92ca7e36
Validity
Not Before: Aug 14 13:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=363d167f202a72eecfd6d6c4a9e9af089999ed4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1a:88:b5:fc:0d:d0:75:3d:f0:00:82:78:03:
c1:fb:fe:67:cc:98:a2:48:5c:b8:96:e2:f8:5d:6a:
83:f1:f0:04:b7:a2:6a:63:f0:8f:91:1f:2f:88:ca:
90:bf:96:23:b6:a6:26:be:38:4e:be:92:e9:90:e1:
10:97:42:02:7f:e5:11:3e:91:ed:28:40:9d:76:23:
aa:54:7b:75:9e:6d:f9:48:bb:2b:27:f6:48:54:fc:
6d:ab:67:56:d2:ed:12:67:1e:28:52:87:8c:84:e4:
bb:b2:51:f2:7c:ad:5a:b4:b4:81:e4:53:cb:42:3d:
fa:66:66:94:9f:3c:01:02:d5:81:6e:94:7e:88:20:
4a:ce:52:87:3c:38:77:44:ec:09:89:56:ec:e0:44:
6e:e1:ab:8f:dc:40:80:7a:90:5b:67:d5:31:e8:2f:
bc:42:3e:d6:e9:11:68:6d:37:dc:51:33:30:60:c4:
93:34:c2:ca:9d:8b:bd:71:7d:4f:d8:14:f7:f2:91:
ca:da:22:bc:33:5f:c6:3d:e9:b1:03:ea:9b:86:cc:
fd:ad:2d:9b:a1:b6:e6:46:3a:8d:0c:b0:56:c6:99:
08:06:50:11:8b:93:2d:e8:33:f1:d2:84:03:d1:bf:
d9:1c:cc:ba:4d:18:b0:67:1d:ab:d4:8a:b4:17:08:
70:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:3D:16:7F:20:2A:72:EE:CF:D6:D6:C4:A9:E9:AF:08:99:99:ED:4A
X509v3 Authority Key Identifier:
keyid:98:7C:AF:0C:B6:B3:30:1C:C0:84:A2:5D:5C:21:41:0A:92:CA:7E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHyvDLazMBzAhKJdXCFBCpLKfjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/Nj0WfyAqcu7P1tbEqemvCJmZ7Uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/mHyvDLazMBzAhKJdXCFBCpLKfjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.48.0/22
IPv6:
2a01:5ae0::/32
Signature Algorithm: sha256WithRSAEncryption
53:7f:ad:21:23:64:27:4c:6e:4c:5e:ce:9f:40:64:ff:75:21:
ab:be:fe:93:9d:71:04:ba:a5:a7:34:36:1d:a6:9a:04:79:44:
5d:3b:a8:10:29:18:63:1b:03:58:8b:72:25:f4:39:9b:7c:10:
c4:b7:89:93:7d:9e:7c:f9:ea:29:b8:05:55:58:bb:5f:22:3e:
e0:65:05:92:5b:b4:93:38:70:88:91:f7:6f:31:c5:67:c8:af:
1d:b5:85:ac:15:52:bc:85:9d:4b:5e:c5:27:e0:0f:6f:53:ab:
19:9d:c1:df:53:2e:e3:dc:7c:46:42:47:a3:09:12:10:ea:0a:
ad:7f:37:91:26:ff:29:27:1b:4c:59:7b:e4:8c:b5:eb:b8:9f:
e3:fc:06:ab:e8:ec:f1:d2:9c:16:03:fd:ee:eb:58:6f:b9:62:
be:70:aa:c2:fd:b8:c8:06:1f:48:d7:c2:e1:a9:bd:f3:35:93:
91:a1:cf:e3:1e:7f:e2:7c:a7:4c:51:1a:9c:8d:fc:d0:d4:85:
08:fb:15:ec:97:55:d9:81:6b:13:5e:f3:ac:e7:c6:8d:b9:58:
4d:52:03:19:7a:53:b9:d5:4a:40:fc:a1:17:55:dd:fe:8e:47:
ea:cb:0a:8d:4a:95:f0:96:71:60:53:2b:ab:1a:37:81:36:4b:
aa:48:13:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYn0Ko/LVjQDPgRsooB3LGtcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4N2NhZjBjYjZiMzMwMWNjMDg0YTI1ZDVjMjE0MTBhOTJj
YTdlMzYwHhcNMjMwODE0MTMwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjNkMTY3ZjIwMmE3MmVlY2ZkNmQ2YzRhOWU5YWYwODk5OTllZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRqItfwN0HU98ACCeAPB+/5nzJii
SFy4luL4XWqD8fAEt6JqY/CPkR8viMqQv5YjtqYmvjhOvpLpkOEQl0ICf+URPpHt
KECddiOqVHt1nm35SLsrJ/ZIVPxtq2dW0u0SZx4oUoeMhOS7slHyfK1atLSB5FPL
Qj36ZmaUnzwBAtWBbpR+iCBKzlKHPDh3ROwJiVbs4ERu4auP3ECAepBbZ9Ux6C+8
Qj7W6RFobTfcUTMwYMSTNMLKnYu9cX1P2BT38pHK2iK8M1/GPemxA+qbhsz9rS2b
obbmRjqNDLBWxpkIBlARi5Mt6DPx0oQD0b/ZHMy6TRiwZx2r1Iq0FwhwTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDY9Fn8gKnLuz9bWxKnprwiZme1KMB8GA1UdIwQY
MBaAFJh8rwy2szAcwISiXVwhQQqSyn42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUh5dkRMYXpNQnpBaEtKZFhDRkJDcExLZmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mNThkYTAtZGZiZS00MTZhLWJmYWEt
MzYxNzBjZDgxMzMwLzEvTmowV2Z5QXFjdTdQMXRiRXFlbXZDSm1aN1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mNThkYTAtZGZiZS00MTZhLWJmYWEtMzYxNzBjZDgxMzMw
LzEvbUh5dkRMYXpNQnpBaEtKZFhDRkJDcExLZmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSswMA0E
AgACMAcDBQAqAVrgMA0GCSqGSIb3DQEBCwUAA4IBAQBTf60hI2QnTG5MXs6fQGT/
dSGrvv6TnXEEuqWnNDYdppoEeURdO6gQKRhjGwNYi3Il9DmbfBDEt4mTfZ58+eop
uAVVWLtfIj7gZQWSW7STOHCIkfdvMcVnyK8dtYWsFVK8hZ1LXsUn4A9vU6sZncHf
Uy7j3HxGQkejCRIQ6gqtfzeRJv8pJxtMWXvkjLXruJ/j/Aar6Ozx0pwWA/3u61hv
uWK+cKrC/bjIBh9I18Lhqb3zNZORoc/jHn/ifKdMURqcjfzQ1IUI+xXsl1XZgWsT
XvOs58aNuVhNUgMZelO51UpA/KEXVd3+jkfqywqNSpXwlnFgUyurGjeBNkuqSBOg
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:10 2024 by rpki-client on console-ams.rpki-client.org