Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/5f0f06-56f4-41a5-889a-b15b3fbc04a6/1/nkXjKZEXb1eATgwxfkhy601krzE.roa
File: nkXjKZEXb1eATgwxfkhy601krzE.roa (raw, json)
Hash identifier: UB0GeNtbHOy8KntkUtE582U1Q9jspDiBd3By+7zefMs=
Subject key identifier: 9E:45:E3:29:91:17:6F:57:80:4E:0C:31:7E:48:72:EB:4D:64:AF:31
Certificate issuer: /CN=6cf96a7c01d62e37acecf0786f64978905121647
Certificate serial: 0185730CAE7090DA4404CB6B160CDE00A5CC
Authority key identifier: 6C:F9:6A:7C:01:D6:2E:37:AC:EC:F0:78:6F:64:97:89:05:12:16:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bPlqfAHWLjes7PB4b2SXiQUSFkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/5f0f06-56f4-41a5-889a-b15b3fbc04a6/1/nkXjKZEXb1eATgwxfkhy601krzE.roa
Signing time: Mon 02 Jan 2023 15:14:48 +0000
ROA not before: Mon 02 Jan 2023 15:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204006
IP address blocks: 185.117.134.0/24 maxlen: 24
185.117.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:ae:70:90:da:44:04:cb:6b:16:0c:de:00:a5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cf96a7c01d62e37acecf0786f64978905121647
Validity
Not Before: Jan 2 15:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e45e32991176f57804e0c317e4872eb4d64af31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:56:52:82:6c:59:a0:1c:4f:27:8e:f2:fc:0d:
33:eb:26:fc:f0:2a:bd:97:b9:fc:b0:f1:a4:ba:ee:
94:0e:18:e4:a1:44:6b:fd:7b:7f:cd:d1:1c:4a:b6:
8c:1e:e8:f3:33:a1:c2:1d:aa:96:33:74:71:c4:b1:
3c:20:b0:5b:69:cc:30:05:69:f7:95:ad:71:24:a1:
58:eb:37:f6:d8:88:93:55:04:7e:94:b9:a3:e9:cd:
2d:33:8f:41:cd:17:00:be:e8:ae:52:55:a5:f9:d8:
fd:dc:4c:c6:f0:c5:e1:b1:bb:13:c5:45:83:99:9b:
3d:f8:2f:ce:a4:1c:ba:a6:90:ef:6e:70:a6:05:47:
64:5b:f2:b7:69:2b:fe:18:c6:a0:3d:3b:57:f7:eb:
3c:ec:fc:74:a1:3e:80:d4:7b:3f:ef:3e:08:a4:6f:
6c:82:67:43:d2:cb:a5:ff:10:ac:c6:6d:86:b3:b4:
b6:26:b9:7a:1f:52:be:50:6e:6f:80:21:d1:cf:28:
48:cc:23:eb:02:ea:2c:bf:fa:39:31:34:8c:13:3e:
9a:42:7f:96:23:52:8a:03:89:bb:14:cb:3d:3d:0d:
34:e1:e5:df:2c:bb:86:52:b8:ae:d1:1b:d3:58:15:
a1:d8:af:a2:e1:a2:8a:f0:58:36:97:36:6f:a8:ed:
b4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:45:E3:29:91:17:6F:57:80:4E:0C:31:7E:48:72:EB:4D:64:AF:31
X509v3 Authority Key Identifier:
keyid:6C:F9:6A:7C:01:D6:2E:37:AC:EC:F0:78:6F:64:97:89:05:12:16:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bPlqfAHWLjes7PB4b2SXiQUSFkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/5f0f06-56f4-41a5-889a-b15b3fbc04a6/1/nkXjKZEXb1eATgwxfkhy601krzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/5f0f06-56f4-41a5-889a-b15b3fbc04a6/1/bPlqfAHWLjes7PB4b2SXiQUSFkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.134.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:91:b8:fc:91:2e:fe:42:05:ad:9f:4e:57:95:ce:4d:81:cc:
39:90:a5:2b:2c:ba:80:d0:b1:ed:19:13:90:4c:eb:8d:b8:03:
f3:e6:16:07:6a:6b:81:94:5d:8a:39:e8:74:27:4a:92:f0:92:
f5:b2:c3:1f:4e:89:07:cd:e1:43:e9:a6:b2:e0:a7:21:93:fa:
23:15:37:d6:45:7d:21:97:d4:23:c5:c0:7a:3b:ae:b5:f6:e1:
c4:58:56:71:ce:d1:ae:1f:ae:ca:f1:f6:04:b7:72:5f:a1:cf:
b3:50:f6:ce:f9:b4:17:e4:b6:8c:87:9a:0a:c9:ea:cd:b9:fb:
a7:cd:5e:a5:7b:78:fb:4b:59:b6:75:94:ea:b4:4e:59:a3:a6:
ac:bb:81:c0:6b:ba:92:10:37:2e:55:1d:60:99:ba:c9:c3:af:
16:6b:19:c3:0a:52:f4:95:a3:21:de:a4:2f:9b:e9:cc:2d:f7:
30:f6:60:4c:ca:4a:53:f7:11:cd:cb:0c:cf:f4:5c:b1:f6:77:
84:4b:48:a6:21:16:c7:f7:9f:c6:fc:bc:1c:4a:7f:4a:6e:40:
2f:7f:d5:dd:70:13:83:da:d1:54:bd:af:e8:a6:e5:53:f1:25:
b6:97:bd:7b:3c:86:8b:f0:c6:28:0f:ad:24:64:fe:72:8d:f8:
89:6b:10:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDK5wkNpEBMtrFgzeAKXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZjk2YTdjMDFkNjJlMzdhY2VjZjA3ODZmNjQ5Nzg5MDUx
MjE2NDcwHhcNMjMwMTAyMTUxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQ1ZTMyOTkxMTc2ZjU3ODA0ZTBjMzE3ZTQ4NzJlYjRkNjRhZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilZSgmxZoBxPJ47y/A0z6yb88Cq9
l7n8sPGkuu6UDhjkoURr/Xt/zdEcSraMHujzM6HCHaqWM3RxxLE8ILBbacwwBWn3
la1xJKFY6zf22IiTVQR+lLmj6c0tM49BzRcAvuiuUlWl+dj93EzG8MXhsbsTxUWD
mZs9+C/OpBy6ppDvbnCmBUdkW/K3aSv+GMagPTtX9+s87Px0oT6A1Hs/7z4IpG9s
gmdD0sul/xCsxm2Gs7S2Jrl6H1K+UG5vgCHRzyhIzCPrAuosv/o5MTSMEz6aQn+W
I1KKA4m7FMs9PQ004eXfLLuGUriu0RvTWBWh2K+i4aKK8Fg2lzZvqO20OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5F4ymRF29XgE4MMX5IcutNZK8xMB8GA1UdIwQY
MBaAFGz5anwB1i43rOzweG9kl4kFEhZHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlBscWZBSFdMamVzN1BCNGIyU1hpUVVTRmtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy81ZjBmMDYtNTZmNC00MWE1LTg4OWEt
YjE1YjNmYmMwNGE2LzEvbmtYaktaRVhiMWVBVGd3eGZraHk2MDFrcnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy81ZjBmMDYtNTZmNC00MWE1LTg4OWEtYjE1YjNmYmMwNGE2
LzEvYlBscWZBSFdMamVzN1BCNGIyU1hpUVVTRmtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXWGMA0G
CSqGSIb3DQEBCwUAA4IBAQAakbj8kS7+QgWtn05Xlc5Ngcw5kKUrLLqA0LHtGROQ
TOuNuAPz5hYHamuBlF2KOeh0J0qS8JL1ssMfTokHzeFD6aay4Kchk/ojFTfWRX0h
l9QjxcB6O6619uHEWFZxztGuH67K8fYEt3Jfoc+zUPbO+bQX5LaMh5oKyerNufun
zV6le3j7S1m2dZTqtE5Zo6asu4HAa7qSEDcuVR1gmbrJw68WaxnDClL0laMh3qQv
m+nMLfcw9mBMykpT9xHNywzP9Fyx9neES0imIRbH95/G/LwcSn9KbkAvf9XdcBOD
2tFUva/opuVT8SW2l717PIaL8MYoD60kZP5yjfiJaxCd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:29 2024 by rpki-client on console-ams.rpki-client.org