Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nr6Dw-oqhlV3A3eaT3SwUdviy0g.roa
File: Nr6Dw-oqhlV3A3eaT3SwUdviy0g.roa (raw, json)
Hash identifier: kfXB+x1SuDNqTKsZ3r5r87q81tQ03eD1q0ru/EUJOtk=
Subject key identifier: 36:BE:83:C3:EA:2A:86:55:77:03:77:9A:4F:74:B0:51:DB:E2:CB:48
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01858AEACECA7CC893EF54C11AFADC677E13
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nr6Dw-oqhlV3A3eaT3SwUdviy0g.roa
Signing time: Sat 07 Jan 2023 06:28:42 +0000
ROA not before: Sat 07 Jan 2023 06:28:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 212.87.204.0/24 maxlen: 24
109.206.242.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8a:ea:ce:ca:7c:c8:93:ef:54:c1:1a:fa:dc:67:7e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 7 06:28:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36be83c3ea2a86557703779a4f74b051dbe2cb48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:47:8e:ff:0b:f9:fd:ec:7c:a2:f3:4e:b8:18:
6a:86:1b:e1:8a:d0:ca:b1:97:a5:b2:fa:a7:89:d2:
85:c2:a7:b3:21:d4:20:f2:23:46:68:d3:e3:3d:0c:
65:aa:19:47:4f:a4:86:d3:4b:8a:0f:1b:f3:73:0d:
d9:00:d4:10:8b:24:ac:40:c9:b3:4b:92:bc:e0:eb:
95:02:d5:d0:64:b5:13:b3:2b:bf:f5:62:d3:cf:f3:
e7:a8:62:5c:43:67:8e:c7:f1:14:25:de:59:41:4b:
b8:e3:8b:c9:84:4e:f8:8d:74:05:66:a2:9c:14:c3:
76:ba:de:58:16:70:f6:cf:d6:58:5e:8c:a3:2c:81:
7f:e9:82:cf:b4:99:f0:bc:8c:e8:e8:08:ec:8f:e7:
89:c7:0d:79:4b:9d:64:d9:0c:71:56:06:0c:21:1f:
c1:f0:3d:d9:bd:9d:59:24:78:a3:f7:5a:fb:74:03:
5f:3b:14:d7:e2:b4:82:88:57:e7:47:74:79:b7:52:
7e:a6:4b:af:37:67:fd:2d:38:1f:77:c0:4a:6c:10:
09:cd:d3:90:75:76:9b:e0:54:b3:be:1f:2c:71:ae:
db:72:b6:c0:c1:1a:a4:6d:de:14:7e:96:8a:41:49:
55:8a:24:00:0d:05:35:a8:82:bd:59:e0:fe:45:e3:
88:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BE:83:C3:EA:2A:86:55:77:03:77:9A:4F:74:B0:51:DB:E2:CB:48
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nr6Dw-oqhlV3A3eaT3SwUdviy0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.51.0/24
109.206.237.0/24
109.206.242.0/24
185.218.138.0/24
185.246.222.0/24
212.87.204.0/24
Signature Algorithm: sha256WithRSAEncryption
48:59:e5:f3:c5:fb:1e:5f:87:8f:4a:94:4e:4a:2e:eb:f9:55:
d1:6f:48:cb:f9:3f:89:83:84:9b:da:e8:3a:b1:f3:c7:43:6a:
dc:a6:d7:1c:92:c0:91:c0:15:f6:b3:92:fd:c4:2c:3d:6a:2c:
7d:cc:d7:7c:89:e7:21:5b:70:4e:1b:ea:0c:5f:4c:00:62:84:
c4:e4:2b:49:83:74:d1:16:23:3a:e3:63:2a:e5:3d:9a:d8:dd:
4b:df:5e:c6:ab:dd:30:29:28:c9:3b:b4:5a:54:c0:e1:fa:3e:
bb:f2:54:4f:3b:51:3a:54:9b:fa:79:48:62:14:47:4b:fb:46:
9c:b5:cd:2e:3a:8d:a5:4b:b8:40:16:23:be:0b:ab:9a:4d:34:
03:7a:24:88:07:8a:b0:7c:65:67:d7:61:b8:27:fd:8c:db:76:
46:9e:c9:dc:1f:5c:31:51:f2:fc:b9:73:a8:39:4f:59:86:c3:
75:07:15:9d:cc:80:e7:7a:69:17:81:bc:cf:7e:00:d4:f9:8e:
ce:98:32:18:6a:7d:f6:b2:8c:97:5a:96:59:9b:92:00:1d:98:
9b:1d:05:42:40:43:70:88:33:6c:c6:e2:cc:57:f7:d5:3b:69:
7a:3e:fa:9a:d0:21:e4:6a:ac:9f:80:c2:b5:e5:d1:e5:d8:1c:
8a:f5:82:93
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYWK6s7KfMiT71TBGvrcZ34TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTA3MDYyODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmJlODNjM2VhMmE4NjU1NzcwMzc3OWE0Zjc0YjA1MWRiZTJjYjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0eO/wv5/ex8ovNOuBhqhhvhitDK
sZelsvqnidKFwqezIdQg8iNGaNPjPQxlqhlHT6SG00uKDxvzcw3ZANQQiySsQMmz
S5K84OuVAtXQZLUTsyu/9WLTz/PnqGJcQ2eOx/EUJd5ZQUu444vJhE74jXQFZqKc
FMN2ut5YFnD2z9ZYXoyjLIF/6YLPtJnwvIzo6Ajsj+eJxw15S51k2QxxVgYMIR/B
8D3ZvZ1ZJHij91r7dANfOxTX4rSCiFfnR3R5t1J+pkuvN2f9LTgfd8BKbBAJzdOQ
dXab4FSzvh8sca7bcrbAwRqkbd4UfpaKQUlViiQADQU1qIK9WeD+ReOImQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDa+g8PqKoZVdwN3mk90sFHb4stIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTnI2RHctb3FobFYzQTNlYVQzU3dVZHZpeTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUEwzAwQA
bc7tAwQAbc7yAwQAudqKAwQAufbeAwQA1FfMMA0GCSqGSIb3DQEBCwUAA4IBAQBI
WeXzxfseX4ePSpROSi7r+VXRb0jL+T+Jg4Sb2ug6sfPHQ2rcptccksCRwBX2s5L9
xCw9aix9zNd8iechW3BOG+oMX0wAYoTE5CtJg3TRFiM642Mq5T2a2N1L317Gq90w
KSjJO7RaVMDh+j678lRPO1E6VJv6eUhiFEdL+0actc0uOo2lS7hAFiO+C6uaTTQD
eiSIB4qwfGVn12G4J/2M23ZGnsncH1wxUfL8uXOoOU9ZhsN1BxWdzIDnemkXgbzP
fgDU+Y7OmDIYan32soyXWpZZm5IAHZibHQVCQENwiDNsxuLMV/fVO2l6Pvqa0CHk
aqyfgMK15dHl2ByK9YKT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-ams.rpki-client.org