Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/N6L5QmhhMfMiqar-w-bB2-X4JWE.roa
File: N6L5QmhhMfMiqar-w-bB2-X4JWE.roa (raw, json)
Hash identifier: NqC587zKZQD1JSX5/hW/4YE6cyA1qcewvTSTHoZeqVs=
Subject key identifier: 37:A2:F9:42:68:61:31:F3:22:A9:AA:FE:C3:E6:C1:DB:E5:F8:25:61
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01878ED6A08ADC8055359BD2746140D54620
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/N6L5QmhhMfMiqar-w-bB2-X4JWE.roa
Signing time: Mon 17 Apr 2023 10:50:43 +0000
ROA not before: Mon 17 Apr 2023 10:50:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Apr 2023 14:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:d6:a0:8a:dc:80:55:35:9b:d2:74:61:40:d5:46:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 17 10:50:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37a2f942686131f322a9aafec3e6c1dbe5f82561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ce:97:82:d2:30:7c:3a:5b:72:f8:36:ee:21:
86:60:a6:6f:2b:68:4f:c1:15:f9:3d:71:9e:bb:58:
26:80:7a:4f:b5:71:f4:85:e2:e5:fd:d5:bd:97:af:
05:00:57:4e:ee:11:c2:cc:b3:1d:7c:fc:93:50:a2:
03:61:d3:e1:85:c4:d6:85:c5:6e:f0:81:ab:0d:24:
64:37:62:63:59:7a:f6:f9:68:06:74:f5:8c:80:00:
24:f5:b8:9b:2e:f0:d1:81:e4:d9:98:50:dd:7f:33:
1a:33:bf:0a:b0:07:9f:98:0b:8c:95:a2:ee:b7:e7:
84:4d:a7:e7:52:0e:f8:ea:0f:8f:b3:9d:af:ce:5a:
a5:03:4c:f5:5f:a2:78:14:df:37:8a:3d:e9:42:ee:
54:fa:5b:65:6c:fc:f6:c5:65:0c:19:d7:3a:55:ed:
81:1d:41:c5:28:24:31:23:63:88:a6:a6:68:bc:33:
a0:71:95:9b:dd:5d:69:99:57:d2:8f:90:76:04:d3:
21:e3:5b:2d:51:19:64:d9:53:ba:18:33:9c:1c:73:
55:1b:41:54:06:a0:10:6b:de:35:b5:41:d8:3c:14:
5a:3f:8a:61:5a:44:78:cd:51:41:1d:e8:bd:27:96:
23:b7:78:b5:e2:c6:49:17:e1:1d:79:81:95:41:6d:
23:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A2:F9:42:68:61:31:F3:22:A9:AA:FE:C3:E6:C1:DB:E5:F8:25:61
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/N6L5QmhhMfMiqar-w-bB2-X4JWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.171.0/24
77.83.38.0/23
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
55:54:8a:33:32:a0:a9:46:6e:7d:a7:07:e0:fd:57:23:6d:60:
ed:bb:8a:db:23:4b:c9:5d:78:23:81:48:55:d6:7f:be:a0:0e:
66:6e:19:96:cd:c4:02:a1:3a:ae:94:c1:bd:0e:91:84:0d:6c:
ea:2b:42:9c:a5:ee:ba:b9:49:a7:4f:9f:24:c0:b6:ed:47:a4:
1e:92:94:e8:fd:29:0f:98:57:63:94:b3:8b:61:73:c2:67:15:
8e:cc:b2:b4:ed:de:92:18:be:5e:68:4f:b3:79:b2:d3:1b:6f:
19:44:b0:a3:e5:a4:c6:88:ad:04:bd:3d:19:6e:61:2b:3b:03:
76:70:54:b3:d0:62:1c:8b:49:d0:f9:18:8b:94:b6:9a:b2:07:
59:8c:91:39:75:53:ca:fc:2b:0a:87:64:2e:51:1f:e2:4e:3c:
58:5c:64:4f:3b:e7:ac:03:26:d9:7a:87:2c:f9:a8:3f:34:d1:
8e:d4:28:8c:5b:60:f2:3d:bc:f4:da:40:de:5a:81:4a:41:2e:
c3:d0:9e:85:6a:da:ac:9d:e4:6b:75:2d:1a:df:a8:11:6b:33:
0b:fd:ad:16:21:2b:3e:04:3a:92:c9:75:9d:30:cc:30:33:67:
fc:ef:3a:2a:85:6e:3d:db:6d:70:f2:48:2e:11:c9:51:06:c8:
1c:a0:24:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeO1qCK3IBVNZvSdGFA1UYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNDE3MTA1MDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2EyZjk0MjY4NjEzMWYzMjJhOWFhZmVjM2U2YzFkYmU1ZjgyNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq86XgtIwfDpbcvg27iGGYKZvK2hP
wRX5PXGeu1gmgHpPtXH0heLl/dW9l68FAFdO7hHCzLMdfPyTUKIDYdPhhcTWhcVu
8IGrDSRkN2JjWXr2+WgGdPWMgAAk9bibLvDRgeTZmFDdfzMaM78KsAefmAuMlaLu
t+eETafnUg746g+Ps52vzlqlA0z1X6J4FN83ij3pQu5U+ltlbPz2xWUMGdc6Ve2B
HUHFKCQxI2OIpqZovDOgcZWb3V1pmVfSj5B2BNMh41stURlk2VO6GDOcHHNVG0FU
BqAQa941tUHYPBRaP4phWkR4zVFBHei9J5Yjt3i14sZJF+EdeYGVQW0jswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDei+UJoYTHzIqmq/sPmwdvl+CVhMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTjZMNVFtaGhNZk1pcWFyLXctYkIyLVg0SldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV6rAwQB
TVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQBVVIozMqCpRm59pwfg/VcjbWDt
u4rbI0vJXXgjgUhV1n++oA5mbhmWzcQCoTqulMG9DpGEDWzqK0Kcpe66uUmnT58k
wLbtR6QekpTo/SkPmFdjlLOLYXPCZxWOzLK07d6SGL5eaE+zebLTG28ZRLCj5aTG
iK0EvT0ZbmErOwN2cFSz0GIci0nQ+RiLlLaasgdZjJE5dVPK/CsKh2QuUR/iTjxY
XGRPO+esAybZeocs+ag/NNGO1CiMW2DyPbz02kDeWoFKQS7D0J6FatqsneRrdS0a
36gRazML/a0WISs+BDqSyXWdMMwwM2f87zoqhW49221w8kguEclRBsgcoCTt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org