Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nKDbxfuutHTSxFZ1E6jD0T53pwk.roa
File: nKDbxfuutHTSxFZ1E6jD0T53pwk.roa (raw, json)
Hash identifier: BtdNbGcw9qmaK6qtbpbiuwDYg9J4SlxCStBiEeqnfP8=
Subject key identifier: 9C:A0:DB:C5:FB:AE:B4:74:D2:C4:56:75:13:A8:C3:D1:3E:77:A7:09
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0186C0F6BCDD9FF3036FD88120159711E3C4
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nKDbxfuutHTSxFZ1E6jD0T53pwk.roa
Signing time: Wed 08 Mar 2023 11:24:01 +0000
ROA not before: Wed 08 Mar 2023 11:24:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.185.43.0/24 maxlen: 24
2a0e:e800::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 17 Apr 2023 15:37:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:f6:bc:dd:9f:f3:03:6f:d8:81:20:15:97:11:e3:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Mar 8 11:24:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ca0dbc5fbaeb474d2c4567513a8c3d13e77a709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:85:08:d0:f5:1b:c1:78:76:de:57:2f:af:8f:
85:63:c9:0a:d2:fc:80:97:c8:8e:1c:d9:ff:13:92:
ae:e7:fe:27:77:71:2c:ab:23:20:b3:47:9c:07:6e:
af:93:3e:4b:8e:9f:ba:56:d6:a8:42:40:27:b3:26:
f5:7b:b8:19:c8:ff:87:dd:42:a9:86:88:37:46:a9:
11:ac:c5:e7:f6:e3:bc:e2:d2:00:79:b0:91:5e:32:
d3:4b:2b:04:1f:80:aa:57:8b:d8:8b:d0:24:71:2e:
45:9e:ca:b0:50:10:a6:ba:37:1c:6e:59:e7:b1:14:
e6:41:78:9f:ac:6f:17:1f:13:ea:66:c8:9a:0a:dc:
b8:b3:dc:94:85:4a:dd:a7:67:42:19:ff:f8:2e:2e:
76:35:f0:4d:03:3f:49:7b:1f:7c:43:c4:a2:da:db:
35:52:44:65:0e:ab:67:de:9f:93:de:cb:34:0f:17:
22:b4:77:44:37:28:29:0f:21:e6:29:34:68:6d:4f:
3f:f9:e1:21:e0:64:e4:ee:a5:5a:5c:5b:03:4c:fc:
3a:af:d5:bf:4a:f7:c1:f2:e0:2c:db:2c:28:d5:d2:
94:57:31:27:c8:85:4e:20:59:08:7e:cc:43:71:57:
e2:eb:75:f3:52:b1:d0:b7:8f:fe:c4:cc:ad:96:74:
ab:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A0:DB:C5:FB:AE:B4:74:D2:C4:56:75:13:A8:C3:D1:3E:77:A7:09
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nKDbxfuutHTSxFZ1E6jD0T53pwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.43.0/24
IPv6:
2a0e:e800::/29
Signature Algorithm: sha256WithRSAEncryption
a1:61:bf:85:94:a6:dc:9a:23:0e:6e:0d:2d:ac:57:64:44:82:
19:1d:a9:d8:c4:92:23:a1:a9:99:4d:8d:f3:6e:58:29:0d:56:
47:6c:c1:f4:e8:c2:a9:95:74:36:72:21:c0:18:75:a0:ac:bd:
71:66:0f:9b:c7:41:71:5e:13:a9:9f:8c:52:50:fd:44:3d:da:
31:f0:2c:4d:1a:f7:0e:e3:74:26:d2:e5:52:e6:19:d2:11:b4:
ea:09:ae:06:a7:d8:b3:d4:f1:b2:f5:10:ea:c7:4d:c2:33:a9:
46:e0:70:f8:c6:7e:c6:b8:49:bd:6f:94:49:eb:e2:65:8c:a7:
8c:8b:f9:6f:a2:e7:69:5c:ad:75:3e:ba:93:be:24:f3:a9:fd:
e6:24:6b:cd:eb:40:6f:2c:d7:56:93:9e:a3:e4:46:34:b0:94:
aa:87:13:ba:61:b5:99:f4:84:10:96:11:2f:59:77:51:b8:91:
e3:53:3e:d4:c6:08:8d:f3:a0:e1:5c:a3:30:16:90:ea:d3:0a:
60:f9:31:5d:1d:42:03:5d:d4:3c:4e:5d:70:16:fb:2b:76:91:
52:01:d3:92:86:c3:41:b4:d3:97:04:46:3a:59:3c:a6:a9:2c:
43:42:ae:ed:01:e1:6c:1b:ed:1e:5a:28:d9:5a:11:33:cd:23:
fd:b0:ab:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbA9rzdn/MDb9iBIBWXEePEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMzA4MTEyNDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2EwZGJjNWZiYWViNDc0ZDJjNDU2NzUxM2E4YzNkMTNlNzdhNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYUI0PUbwXh23lcvr4+FY8kK0vyA
l8iOHNn/E5Ku5/4nd3EsqyMgs0ecB26vkz5Ljp+6VtaoQkAnsyb1e7gZyP+H3UKp
hog3RqkRrMXn9uO84tIAebCRXjLTSysEH4CqV4vYi9AkcS5FnsqwUBCmujccblnn
sRTmQXifrG8XHxPqZsiaCty4s9yUhUrdp2dCGf/4Li52NfBNAz9Jex98Q8Si2ts1
UkRlDqtn3p+T3ss0DxcitHdENygpDyHmKTRobU8/+eEh4GTk7qVaXFsDTPw6r9W/
SvfB8uAs2ywo1dKUVzEnyIVOIFkIfsxDcVfi63XzUrHQt4/+xMytlnSr0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJyg28X7rrR00sRWdROow9E+d6cJMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbktEYnhmdXV0SFRTeEZaMUU2akQwVDUzcHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubkrMA0E
AgACMAcDBQMqDugAMA0GCSqGSIb3DQEBCwUAA4IBAQChYb+FlKbcmiMObg0trFdk
RIIZHanYxJIjoamZTY3zblgpDVZHbMH06MKplXQ2ciHAGHWgrL1xZg+bx0FxXhOp
n4xSUP1EPdox8CxNGvcO43Qm0uVS5hnSEbTqCa4Gp9iz1PGy9RDqx03CM6lG4HD4
xn7GuEm9b5RJ6+JljKeMi/lvoudpXK11PrqTviTzqf3mJGvN60BvLNdWk56j5EY0
sJSqhxO6YbWZ9IQQlhEvWXdRuJHjUz7UxgiN86DhXKMwFpDq0wpg+TFdHUIDXdQ8
Tl1wFvsrdpFSAdOShsNBtNOXBEY6WTymqSxDQq7tAeFsG+0eWijZWhEzzSP9sKut
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org