Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/NtgZJsfb1iwPvpeJPKhyojci4bA.roa
File: NtgZJsfb1iwPvpeJPKhyojci4bA.roa (raw, json)
Hash identifier: 3Z1fLDAKHz1MQJ3nsbG4aWbeRhvMaJ10hcQY45HB8c8=
Subject key identifier: 36:D8:19:26:C7:DB:D6:2C:0F:BE:97:89:3C:A8:72:A2:37:22:E1:B0
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 018B41E545A223645213A7C4A6E4323B6167
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/NtgZJsfb1iwPvpeJPKhyojci4bA.roa
Signing time: Wed 18 Oct 2023 08:27:06 +0000
ROA not before: Wed 18 Oct 2023 08:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216408
IP address blocks: 185.87.216.0/24 maxlen: 24
2a13:85c0:100::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:41:e5:45:a2:23:64:52:13:a7:c4:a6:e4:32:3b:61:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Oct 18 08:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36d81926c7dbd62c0fbe97893ca872a23722e1b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d3:5d:44:82:d6:ed:d2:71:87:59:0b:ab:6a:
b0:f4:a1:de:8c:f9:ac:69:70:5d:8c:fc:aa:ff:34:
36:f1:87:31:eb:2d:c1:3b:99:cc:95:8a:b9:44:d1:
71:4d:73:86:cb:ec:53:3a:94:01:a5:6e:4f:80:9a:
5a:11:99:6c:ca:fa:32:20:f3:41:dd:f7:1b:d7:ee:
d4:65:79:5d:96:cf:cd:96:10:90:35:69:eb:b8:2b:
00:f0:fe:a8:2f:f5:83:a9:98:05:a8:bd:bb:ba:95:
61:a7:13:d6:ab:6e:f1:b9:ea:b7:31:f7:14:e2:35:
93:ba:87:e6:b8:53:b6:0a:af:8d:f9:de:b4:d5:b0:
f2:b2:3c:c4:03:aa:f2:f7:e7:43:0a:bc:d9:7e:5a:
77:3f:3d:63:eb:b1:94:4b:bf:28:10:6c:b9:7c:29:
9a:9b:6c:7f:40:b9:9c:f5:ea:c4:22:f5:89:8d:83:
2a:27:3e:a1:32:16:a0:21:bd:8f:38:1e:75:00:53:
50:44:30:8e:62:d2:a9:47:bd:1b:d6:f5:55:aa:6f:
6e:f2:b8:ba:0e:c4:2a:d9:9a:a4:fd:5d:9c:fe:3a:
f0:a5:ba:e6:ed:9e:4d:cc:78:12:b7:67:a4:b8:f2:
67:f3:61:6f:c8:7e:d0:bb:34:6c:ce:8a:be:4a:97:
6c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D8:19:26:C7:DB:D6:2C:0F:BE:97:89:3C:A8:72:A2:37:22:E1:B0
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/NtgZJsfb1iwPvpeJPKhyojci4bA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.216.0/24
IPv6:
2a13:85c0:100::/40
Signature Algorithm: sha256WithRSAEncryption
02:03:e5:5b:47:10:dd:1a:6e:71:da:c2:75:a9:71:78:d5:4b:
5f:90:4c:0a:04:b9:c6:b1:3f:04:cc:1a:b6:c2:72:b2:7d:fd:
02:38:42:b7:1f:0c:ec:02:2b:0b:c3:9b:af:48:b3:9e:18:b2:
ee:0e:e8:51:f1:23:a7:ca:70:f5:f7:b6:da:65:f7:7b:ee:69:
46:3d:b5:bc:32:8d:1b:ab:d1:37:f8:bd:cb:83:55:92:d2:b4:
37:97:ef:53:86:a4:a3:e3:b1:d5:83:45:a0:5b:d9:37:23:41:
5f:d0:8b:90:1c:b8:6e:8a:3e:d0:60:be:8d:2a:53:c3:3c:6d:
94:42:ce:8d:6d:b8:c6:4a:1c:3f:e1:e5:4d:e1:8f:2c:a1:82:
37:49:1d:c7:0a:f2:24:79:b4:cf:bb:af:57:10:10:3a:1d:17:
bc:a5:a6:18:0c:eb:01:9f:a0:ab:45:db:df:e2:f2:47:49:17:
75:25:b4:1b:09:f3:ed:89:4f:ea:16:d7:ca:0c:3f:82:28:8e:
ec:aa:63:cb:36:73:ab:36:2f:0f:33:2b:a6:b3:c9:2f:51:42:
73:ce:0f:69:7e:e1:e4:60:bd:63:d2:a1:9c:dc:49:00:19:21:
91:a2:81:4e:35:06:14:5f:16:dd:74:a1:2d:ff:5c:02:50:a1:
f1:11:ef:bc
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYtB5UWiI2RSE6fEpuQyO2FnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjMxMDE4MDgyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ4MTkyNmM3ZGJkNjJjMGZiZTk3ODkzY2E4NzJhMjM3MjJlMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitNdRILW7dJxh1kLq2qw9KHejPms
aXBdjPyq/zQ28Ycx6y3BO5nMlYq5RNFxTXOGy+xTOpQBpW5PgJpaEZlsyvoyIPNB
3fcb1+7UZXldls/NlhCQNWnruCsA8P6oL/WDqZgFqL27upVhpxPWq27xueq3MfcU
4jWTuofmuFO2Cq+N+d601bDysjzEA6ry9+dDCrzZflp3Pz1j67GUS78oEGy5fCma
m2x/QLmc9erEIvWJjYMqJz6hMhagIb2POB51AFNQRDCOYtKpR70b1vVVqm9u8ri6
DsQq2Zqk/V2c/jrwpbrm7Z5NzHgSt2ekuPJn82FvyH7QuzRszoq+SpdsEwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDbYGSbH29YsD76XiTyocqI3IuGwMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvTnRnWkpzZmIxaXdQdnBlSlBLaHlvamNpNGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuVfYMA4E
AgACMAgDBgAqE4XAATANBgkqhkiG9w0BAQsFAAOCAQEAAgPlW0cQ3RpucdrCdalx
eNVLX5BMCgS5xrE/BMwatsJysn39AjhCtx8M7AIrC8Obr0iznhiy7g7oUfEjp8pw
9fe22mX3e+5pRj21vDKNG6vRN/i9y4NVktK0N5fvU4ako+Ox1YNFoFvZNyNBX9CL
kBy4boo+0GC+jSpTwzxtlELOjW24xkocP+HlTeGPLKGCN0kdxwryJHm0z7uvVxAQ
Oh0XvKWmGAzrAZ+gq0Xb3+LyR0kXdSW0Gwnz7YlP6hbXygw/giiO7KpjyzZzqzYv
DzMrprPJL1FCc84PaX7h5GC9Y9KhnNxJABkhkaKBTjUGFF8W3XShLf9cAlCh8RHv
vA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:02 2024 by rpki-client on console-ams.rpki-client.org