Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/nkcKgNZ65fSwRB-77LVc6CaYui0.roa
File: nkcKgNZ65fSwRB-77LVc6CaYui0.roa (raw, json)
Hash identifier: Fs/VowlZwPF9lr/AunAUJ0SC9HWV0GqZU8bVhrrpmkA=
Subject key identifier: 9E:47:0A:80:D6:7A:E5:F4:B0:44:1F:BB:EC:B5:5C:E8:26:98:BA:2D
Certificate issuer: /CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Certificate serial: 01856B8A36C6A78D3C78285787EDC6140084
Authority key identifier: 30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/nkcKgNZ65fSwRB-77LVc6CaYui0.roa
Signing time: Sun 01 Jan 2023 04:14:57 +0000
ROA not before: Sun 01 Jan 2023 04:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57724
IP address blocks: 185.231.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:36:c6:a7:8d:3c:78:28:57:87:ed:c6:14:00:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Validity
Not Before: Jan 1 04:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e470a80d67ae5f4b0441fbbecb55ce82698ba2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b7:48:45:7b:2e:be:d9:5a:5c:52:33:61:89:
8f:57:8f:66:e7:4d:52:31:f2:a0:d3:25:72:5e:e8:
a4:11:11:c0:8f:33:f2:74:3f:60:99:0c:55:91:f8:
6b:ea:87:7f:84:c2:d0:ab:a5:2e:fd:37:05:f9:34:
13:6d:ec:71:cb:d0:df:19:e0:32:a0:3b:f9:ea:25:
65:7c:e6:de:3b:f2:fa:39:02:fc:f1:f7:88:e8:dc:
9a:b2:bb:4a:4d:59:4e:97:69:4b:ec:c3:6c:0e:ed:
d6:21:b1:f1:cf:3c:79:84:4e:1e:71:32:96:fb:29:
1e:6e:42:c5:34:cd:ed:f9:d3:15:50:21:c8:74:6e:
08:66:5b:e8:36:89:d8:6d:93:f0:77:7e:ef:a7:d4:
aa:29:53:38:bf:93:72:56:35:cf:c5:63:de:50:0c:
08:be:d5:e5:6d:64:cc:ff:b8:48:71:df:bb:69:d4:
a6:15:bc:f6:6a:f3:df:23:a1:2a:33:a7:81:e6:85:
0d:35:71:99:7d:33:88:42:10:f7:23:fa:6c:ae:64:
42:c0:74:b0:85:57:47:8e:89:5b:d0:53:86:3c:5a:
80:60:51:6c:84:f7:e5:a1:5a:9a:25:2e:74:8a:73:
95:6c:6e:77:38:71:77:39:81:b6:1e:b0:24:42:6c:
51:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:47:0A:80:D6:7A:E5:F4:B0:44:1F:BB:EC:B5:5C:E8:26:98:BA:2D
X509v3 Authority Key Identifier:
keyid:30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/nkcKgNZ65fSwRB-77LVc6CaYui0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.33.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:11:c0:be:a7:df:0b:4b:58:bc:e7:57:ef:a8:d4:5d:d7:1f:
73:d5:cc:23:e2:79:2a:36:d3:96:df:46:44:10:2f:1a:c7:00:
fd:c3:83:70:98:30:d2:eb:e4:6e:0d:79:91:ff:25:ee:aa:3c:
99:fd:e5:25:84:f8:da:b3:e0:6f:17:da:cb:b2:f3:25:54:b8:
2c:a8:50:53:2b:31:1f:a1:9e:93:06:38:c0:57:91:88:14:e2:
82:78:75:10:f0:f3:86:89:41:7a:fd:10:ac:27:e0:6e:3e:fa:
ca:3c:6c:5b:fc:e0:4c:a0:69:d6:24:31:ae:85:0b:4c:de:ba:
01:0e:12:1c:7e:4c:15:d0:df:ba:97:11:8c:75:b1:01:01:7f:
d4:4c:ee:03:5b:94:7f:d7:3f:12:6c:c7:56:ab:24:4f:d1:8f:
90:fc:56:e7:02:07:58:46:6f:01:e8:a1:2a:1d:f3:75:f8:41:
9c:1b:97:4b:3e:45:d5:71:f9:5f:29:47:4b:95:56:9f:cf:e3:
a2:ec:13:9c:fc:8e:7a:16:a7:84:34:15:f8:8d:55:e6:88:04:
5f:7d:ad:c6:7b:60:3f:6e:91:4c:32:5d:8d:cf:44:87:ae:c5:
d4:b3:35:c6:65:e9:8e:f1:c0:77:e3:4d:d9:e6:5a:a9:eb:23:
d7:b4:c9:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrijbGp408eChXh+3GFACEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmMwODY2ZGMyNTIwOGU2YzA3ZDRhMjFkN2Q4MDUwYjUw
OGQ2YTIwHhcNMjMwMTAxMDQxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQ3MGE4MGQ2N2FlNWY0YjA0NDFmYmJlY2I1NWNlODI2OThiYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLdIRXsuvtlaXFIzYYmPV49m501S
MfKg0yVyXuikERHAjzPydD9gmQxVkfhr6od/hMLQq6Uu/TcF+TQTbexxy9DfGeAy
oDv56iVlfObeO/L6OQL88feI6NyasrtKTVlOl2lL7MNsDu3WIbHxzzx5hE4ecTKW
+ykebkLFNM3t+dMVUCHIdG4IZlvoNonYbZPwd37vp9SqKVM4v5NyVjXPxWPeUAwI
vtXlbWTM/7hIcd+7adSmFbz2avPfI6EqM6eB5oUNNXGZfTOIQhD3I/psrmRCwHSw
hVdHjolb0FOGPFqAYFFshPfloVqaJS50inOVbG53OHF3OYG2HrAkQmxR2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5HCoDWeuX0sEQfu+y1XOgmmLotMB8GA1UdIwQY
MBaAFDBsCGbcJSCObAfUoh19gFC1CNaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUt
MTBlZGI1NDFlNmZmLzEvbmtjS2dOWjY1ZlN3UkItNzdMVmM2Q2FZdWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUtMTBlZGI1NDFlNmZm
LzEvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuechMA0G
CSqGSIb3DQEBCwUAA4IBAQA8EcC+p98LS1i851fvqNRd1x9z1cwj4nkqNtOW30ZE
EC8axwD9w4NwmDDS6+RuDXmR/yXuqjyZ/eUlhPjas+BvF9rLsvMlVLgsqFBTKzEf
oZ6TBjjAV5GIFOKCeHUQ8POGiUF6/RCsJ+BuPvrKPGxb/OBMoGnWJDGuhQtM3roB
DhIcfkwV0N+6lxGMdbEBAX/UTO4DW5R/1z8SbMdWqyRP0Y+Q/FbnAgdYRm8B6KEq
HfN1+EGcG5dLPkXVcflfKUdLlVafz+Oi7BOc/I56FqeENBX4jVXmiARffa3Ge2A/
bpFMMl2Nz0SHrsXUszXGZemO8cB3403Z5lqp6yPXtMny
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:30 2024 by rpki-client on console-fra.rpki-client.org