Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/098afNMONpc7DjJCzJdd8uOJgKs.roa
File: 098afNMONpc7DjJCzJdd8uOJgKs.roa (raw, json)
Hash identifier: MhIAgyXUt6sBrPLMg9xDFZoVr39J+Z9h04ckcXLWo40=
Subject key identifier: D3:DF:1A:7C:D3:0E:36:97:3B:0E:32:42:CC:97:5D:F2:E3:89:80:AB
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 018CC500DCC141DED7B1C8E574F3A898C725
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/098afNMONpc7DjJCzJdd8uOJgKs.roa
Signing time: Mon 01 Jan 2024 12:30:17 +0000
ROA not before: Mon 01 Jan 2024 12:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 185.89.251.0/24 maxlen: 24
193.239.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 11:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:dc:c1:41:de:d7:b1:c8:e5:74:f3:a8:98:c7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 1 12:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3df1a7cd30e36973b0e3242cc975df2e38980ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a5:9a:55:e3:03:8f:cc:22:90:24:1c:f4:4c:
e7:03:e5:b0:89:4a:53:81:a0:06:12:1a:26:47:f9:
a7:50:e6:26:dc:d7:61:fe:90:ec:7c:1c:08:28:83:
a1:25:ff:a8:cb:51:af:52:95:ac:3c:5c:42:6c:9a:
a9:06:80:6a:2b:95:97:ef:ec:62:5a:9a:63:af:c9:
13:8c:0e:68:21:42:fc:00:b1:6a:51:34:97:90:ff:
89:42:b5:42:23:41:88:40:bb:c4:bc:e1:04:89:80:
51:70:11:7d:ad:20:ef:c1:4e:f6:b0:b2:36:b5:b0:
f7:e4:e8:f5:7a:27:2b:c3:4e:bc:74:76:6d:16:4e:
37:c5:a8:60:27:4a:cb:47:d4:80:f3:f6:fc:b1:76:
8a:26:8a:59:ec:5c:50:8d:cb:e6:12:b7:2e:e4:e1:
f9:00:d7:dc:b0:66:26:74:cc:85:1f:bb:df:62:a2:
62:f5:fa:be:7a:17:43:8e:6f:cb:12:2a:a7:ce:46:
73:9a:dd:88:49:c8:68:0a:c3:4e:50:b5:13:ef:62:
00:d4:6f:5c:60:62:b3:73:35:d5:06:47:01:15:19:
44:c8:99:ad:6c:9a:4f:3a:e9:d8:72:4a:65:11:16:
86:43:51:3b:fe:87:e2:d7:32:a2:97:fb:49:87:c6:
57:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:DF:1A:7C:D3:0E:36:97:3B:0E:32:42:CC:97:5D:F2:E3:89:80:AB
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/098afNMONpc7DjJCzJdd8uOJgKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.251.0/24
193.239.146.0/23
Signature Algorithm: sha256WithRSAEncryption
92:93:52:f3:a2:41:be:ff:23:02:a0:15:4f:58:63:62:7b:7f:
3d:ea:20:74:a3:e4:db:58:39:ed:bf:85:81:93:0c:79:81:5a:
30:c5:a6:c2:9e:99:5d:b0:30:e7:50:68:3f:63:4f:d9:b3:f8:
19:fb:cc:96:43:44:89:f5:c0:ea:bd:85:17:bc:44:52:a1:25:
e0:59:e5:9e:d5:9a:9e:96:8e:b9:01:48:d6:45:5c:63:17:ff:
13:b3:75:39:42:97:8c:97:12:d2:31:2b:99:22:ee:a0:19:81:
87:1c:d5:d6:b4:04:fd:dd:81:83:10:23:1a:7b:79:4c:8a:c6:
09:80:11:2d:b7:4d:3b:ff:dd:86:7a:15:be:d1:92:76:d2:26:
60:fb:66:04:11:e7:3a:6f:1f:7a:8f:9e:6f:b5:a4:3f:9a:eb:
00:3a:ae:df:16:2b:99:19:81:dc:0f:7e:93:cd:e8:40:4d:60:
0f:fe:4f:c3:f4:de:3a:bb:09:d8:da:7c:40:d0:63:28:ba:e3:
5a:ee:f9:90:5a:55:e6:a2:f6:a8:55:e5:f5:5d:e1:0d:e9:10:
35:db:c1:1a:b4:b6:4f:85:74:14:67:5b:17:6c:44:b1:00:70:
d4:44:23:8a:68:08:0e:11:e2:0e:f8:ad:f8:15:9a:10:74:d9:
d6:6d:16:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFANzBQd7XscjldPOomMclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjQwMTAxMTIzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2RmMWE3Y2QzMGUzNjk3M2IwZTMyNDJjYzk3NWRmMmUzODk4MGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaWaVeMDj8wikCQc9EznA+WwiUpT
gaAGEhomR/mnUOYm3Ndh/pDsfBwIKIOhJf+oy1GvUpWsPFxCbJqpBoBqK5WX7+xi
Wppjr8kTjA5oIUL8ALFqUTSXkP+JQrVCI0GIQLvEvOEEiYBRcBF9rSDvwU72sLI2
tbD35Oj1eicrw068dHZtFk43xahgJ0rLR9SA8/b8sXaKJopZ7FxQjcvmErcu5OH5
ANfcsGYmdMyFH7vfYqJi9fq+ehdDjm/LEiqnzkZzmt2ISchoCsNOULUT72IA1G9c
YGKzczXVBkcBFRlEyJmtbJpPOunYckplERaGQ1E7/ofi1zKil/tJh8ZXtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNPfGnzTDjaXOw4yQsyXXfLjiYCrMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvMDk4YWZOTU9OcGM3RGpKQ3pKZGQ4dU9KZ0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVn7AwQB
we+SMA0GCSqGSIb3DQEBCwUAA4IBAQCSk1LzokG+/yMCoBVPWGNie3896iB0o+Tb
WDntv4WBkwx5gVowxabCnpldsDDnUGg/Y0/Zs/gZ+8yWQ0SJ9cDqvYUXvERSoSXg
WeWe1Zqelo65AUjWRVxjF/8Ts3U5QpeMlxLSMSuZIu6gGYGHHNXWtAT93YGDECMa
e3lMisYJgBEtt007/92GehW+0ZJ20iZg+2YEEec6bx96j55vtaQ/musAOq7fFiuZ
GYHcD36TzehATWAP/k/D9N46uwnY2nxA0GMouuNa7vmQWlXmovaoVeX1XeEN6RA1
28EatLZPhXQUZ1sXbESxAHDURCOKaAgOEeIO+K34FZoQdNnWbRZP
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:26 2024 by rpki-client on console-fra.rpki-client.org