Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/nVsh54zCsqWklGz_aASzTbQTU40.roa
File: nVsh54zCsqWklGz_aASzTbQTU40.roa (raw, json)
Hash identifier: ISY6o+XqfoNsw/GycMNsdal9afS64Gxvh4dOn/SYENE=
Subject key identifier: 9D:5B:21:E7:8C:C2:B2:A5:A4:94:6C:FF:68:04:B3:4D:B4:13:53:8D
Certificate issuer: /CN=042ac382689687b60fce5ce9db887b21d68a6abc
Certificate serial: 01856CF83532840C0CA8F6C58C853F977A42
Authority key identifier: 04:2A:C3:82:68:96:87:B6:0F:CE:5C:E9:DB:88:7B:21:D6:8A:6A:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/nVsh54zCsqWklGz_aASzTbQTU40.roa
Signing time: Sun 01 Jan 2023 10:54:43 +0000
ROA not before: Sun 01 Jan 2023 10:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57152
IP address blocks: 185.226.92.0/24 maxlen: 24
185.226.95.0/24 maxlen: 24
185.226.94.0/24 maxlen: 24
185.226.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:35:32:84:0c:0c:a8:f6:c5:8c:85:3f:97:7a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=042ac382689687b60fce5ce9db887b21d68a6abc
Validity
Not Before: Jan 1 10:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d5b21e78cc2b2a5a4946cff6804b34db413538d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:19:61:13:ad:25:68:20:a4:b2:be:28:2b:ab:
af:e2:ce:ef:64:cb:f8:13:2f:5d:f4:aa:e8:fa:ff:
19:b9:ed:13:d5:93:de:72:4c:c3:a5:e4:d9:e3:f9:
05:37:48:62:fa:39:9c:db:51:6a:8b:53:80:b0:a0:
3c:b1:bb:ef:83:3e:47:b6:3f:70:2b:ce:2d:9e:20:
c1:d8:04:83:56:db:c4:9f:e6:16:99:93:94:34:5a:
6a:32:91:1b:aa:f4:80:11:51:fd:6f:88:07:57:bd:
53:c0:eb:eb:f7:fe:0e:ec:16:99:bb:eb:13:49:e9:
c0:bf:f5:c5:75:5f:40:c1:a9:9b:bd:47:3b:b7:45:
55:a3:32:be:eb:79:7f:00:81:63:90:0d:f3:8b:cc:
e7:10:f6:6c:00:17:ab:30:10:fd:6f:61:f0:9b:6d:
7e:fe:4d:72:21:21:93:15:e0:65:00:b7:a2:88:d2:
8d:79:ea:16:df:96:9d:0a:74:a0:de:bb:24:bd:b3:
ea:bd:86:98:a6:82:e7:5f:9a:04:55:aa:e0:f9:00:
27:dc:08:47:4a:ce:83:8a:51:41:45:85:09:04:6f:
2e:3d:e7:18:90:04:d7:02:2f:f6:80:75:4a:2f:73:
2a:64:f0:5a:b7:35:aa:b8:7a:65:b3:5c:21:f2:85:
37:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5B:21:E7:8C:C2:B2:A5:A4:94:6C:FF:68:04:B3:4D:B4:13:53:8D
X509v3 Authority Key Identifier:
keyid:04:2A:C3:82:68:96:87:B6:0F:CE:5C:E9:DB:88:7B:21:D6:8A:6A:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/nVsh54zCsqWklGz_aASzTbQTU40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/BCrDgmiWh7YPzlzp24h7IdaKarw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.92.0/22
Signature Algorithm: sha256WithRSAEncryption
10:31:42:63:54:32:e2:86:d1:cf:cf:99:a6:80:88:c7:f5:8f:
90:c1:30:86:0c:40:9a:88:c9:68:72:f8:75:05:b6:66:de:67:
22:b5:56:7f:f1:c1:59:37:19:6b:4b:59:73:0d:8d:08:31:b1:
2a:5e:8b:43:0d:d9:61:db:66:69:c5:06:aa:0b:ac:7d:45:bc:
4b:8f:e6:3e:9d:e7:f9:73:95:02:3b:47:bb:57:c9:2a:e1:a9:
a4:0d:90:0f:4e:b0:e8:64:fa:67:e2:fc:52:f2:4f:63:40:01:
44:44:bd:5b:84:10:36:b4:cc:aa:f1:f0:2a:ba:bb:ec:9e:d5:
58:c9:03:55:fc:2b:f1:0d:48:71:79:eb:07:02:b0:04:44:29:
4f:cb:8f:8b:51:27:ed:fd:7b:95:f7:a3:05:ce:84:a2:a4:50:
c1:ec:ce:b3:2c:5b:cf:aa:c8:80:bb:da:74:54:be:70:62:95:
51:f2:ac:be:e6:f2:51:26:60:7b:70:d3:33:f5:29:bb:28:b6:
06:c4:ff:65:5b:51:84:12:46:60:25:8f:98:04:16:bb:a9:8e:
54:fb:a0:a3:ad:22:f0:b9:8d:03:4c:7f:73:2a:c9:88:3a:bc:
bd:5a:86:d4:02:ed:e2:79:d3:a7:8c:55:54:a1:58:9b:e8:4e:
36:bc:e9:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+DUyhAwMqPbFjIU/l3pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MmFjMzgyNjg5Njg3YjYwZmNlNWNlOWRiODg3YjIxZDY4
YTZhYmMwHhcNMjMwMTAxMTA1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDViMjFlNzhjYzJiMmE1YTQ5NDZjZmY2ODA0YjM0ZGI0MTM1MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxlhE60laCCksr4oK6uv4s7vZMv4
Ey9d9Kro+v8Zue0T1ZPeckzDpeTZ4/kFN0hi+jmc21Fqi1OAsKA8sbvvgz5Htj9w
K84tniDB2ASDVtvEn+YWmZOUNFpqMpEbqvSAEVH9b4gHV71TwOvr9/4O7BaZu+sT
SenAv/XFdV9AwambvUc7t0VVozK+63l/AIFjkA3zi8znEPZsABerMBD9b2Hwm21+
/k1yISGTFeBlALeiiNKNeeoW35adCnSg3rskvbPqvYaYpoLnX5oEVarg+QAn3AhH
Ss6DilFBRYUJBG8uPecYkATXAi/2gHVKL3MqZPBatzWquHpls1wh8oU3QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1bIeeMwrKlpJRs/2gEs020E1ONMB8GA1UdIwQY
MBaAFAQqw4Joloe2D85c6duIeyHWimq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNyRGdtaVdoN1lQemx6cDI0aDdJZGFLYXJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC80NjYzYmItYzUwOS00YTlhLWJjYWUt
NzBiYzY2ODkzZTVjLzEvblZzaDU0ekNzcVdrbEd6X2FBU3pUYlFUVTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC80NjYzYmItYzUwOS00YTlhLWJjYWUtNzBiYzY2ODkzZTVj
LzEvQkNyRGdtaVdoN1lQemx6cDI0aDdJZGFLYXJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueJcMA0G
CSqGSIb3DQEBCwUAA4IBAQAQMUJjVDLihtHPz5mmgIjH9Y+QwTCGDECaiMlocvh1
BbZm3mcitVZ/8cFZNxlrS1lzDY0IMbEqXotDDdlh22ZpxQaqC6x9RbxLj+Y+nef5
c5UCO0e7V8kq4amkDZAPTrDoZPpn4vxS8k9jQAFERL1bhBA2tMyq8fAqurvsntVY
yQNV/CvxDUhxeesHArAERClPy4+LUSft/XuV96MFzoSipFDB7M6zLFvPqsiAu9p0
VL5wYpVR8qy+5vJRJmB7cNMz9Sm7KLYGxP9lW1GEEkZgJY+YBBa7qY5U+6CjrSLw
uY0DTH9zKsmIOry9WobUAu3iedOnjFVUoVib6E42vOm+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:39 2024 by rpki-client on console-ams.rpki-client.org