Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/NNRdgFcSp1DK3ThDTW4BDOs2a-8.roa
File: NNRdgFcSp1DK3ThDTW4BDOs2a-8.roa (raw, json)
Hash identifier: XyIZnd3F+BiqOADYbYTTG76oUfxJQgBouyTmwx7iaXc=
Subject key identifier: 34:D4:5D:80:57:12:A7:50:CA:DD:38:43:4D:6E:01:0C:EB:36:6B:EF
Certificate issuer: /CN=a0e049d00ba8421e4c45a948492945c78fd9e16d
Certificate serial: 01856F39010C76A7E3DA8D34A14C2DFD9556
Authority key identifier: A0:E0:49:D0:0B:A8:42:1E:4C:45:A9:48:49:29:45:C7:8F:D9:E1:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOBJ0AuoQh5MRalISSlFx4_Z4W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/NNRdgFcSp1DK3ThDTW4BDOs2a-8.roa
Signing time: Sun 01 Jan 2023 21:24:44 +0000
ROA not before: Sun 01 Jan 2023 21:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59419
IP address blocks: 185.141.84.0/22 maxlen: 24
2a0b:aa00::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:01:0c:76:a7:e3:da:8d:34:a1:4c:2d:fd:95:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e049d00ba8421e4c45a948492945c78fd9e16d
Validity
Not Before: Jan 1 21:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34d45d805712a750cadd38434d6e010ceb366bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fb:ce:74:81:e7:f4:e3:b1:19:3c:0c:7f:e3:
af:84:35:37:8b:4a:80:c8:3f:c6:59:3e:1e:ba:49:
1f:60:ca:f4:f0:c2:8f:b5:02:39:1f:b3:84:15:5e:
18:69:9b:2c:12:26:6a:ed:14:0c:80:67:33:8e:09:
59:42:a8:6f:12:54:f4:c2:1d:a3:52:7c:41:b6:ff:
15:9e:97:dc:1a:ed:25:3d:52:07:26:cb:43:d2:98:
d2:a9:9f:31:26:fb:32:fb:3e:53:ae:6d:67:36:39:
63:da:55:f5:62:8d:44:e4:5d:7f:d6:20:7b:95:78:
0b:75:c8:08:54:d2:78:22:b0:04:b9:a4:75:be:0f:
6a:f2:96:d2:15:f2:83:40:d7:28:e2:29:09:bc:11:
55:80:bc:78:25:45:e3:54:4b:f9:33:c2:37:d3:9b:
bb:66:e2:68:65:43:74:19:53:34:52:3d:fd:a6:ad:
3c:49:a7:66:e0:50:14:b5:3b:24:7d:6f:99:7f:fb:
b3:ab:08:4b:9c:b5:ce:65:d1:5e:b7:2c:ab:20:29:
5f:36:e2:b1:7b:65:54:22:ea:ac:1f:79:29:61:04:
dd:b3:ef:2f:08:e8:88:ef:b4:85:be:36:bf:7e:5e:
88:05:e7:ed:84:67:31:83:06:4d:29:15:5e:31:82:
82:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D4:5D:80:57:12:A7:50:CA:DD:38:43:4D:6E:01:0C:EB:36:6B:EF
X509v3 Authority Key Identifier:
keyid:A0:E0:49:D0:0B:A8:42:1E:4C:45:A9:48:49:29:45:C7:8F:D9:E1:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOBJ0AuoQh5MRalISSlFx4_Z4W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/NNRdgFcSp1DK3ThDTW4BDOs2a-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/oOBJ0AuoQh5MRalISSlFx4_Z4W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.84.0/22
IPv6:
2a0b:aa00::/29
Signature Algorithm: sha256WithRSAEncryption
6b:ab:0e:5e:ef:58:f5:fb:09:d3:60:9a:9c:77:ae:9b:50:7b:
81:b1:3f:9d:53:84:5e:52:79:ed:df:55:8f:59:d7:5d:73:8f:
6e:83:76:26:ae:e0:0c:bf:e4:de:31:12:5a:71:78:96:2c:ff:
3d:bf:f2:5e:41:9d:6d:4c:c0:16:76:28:59:83:62:9f:3f:50:
82:10:51:ca:82:20:85:c5:79:ad:23:c3:83:53:08:3d:d6:09:
f7:10:d2:b6:29:7a:b3:bb:a5:97:5b:20:91:cf:91:47:49:c4:
df:4d:3a:62:f1:93:58:1b:0c:bd:c8:f7:c8:e3:c9:6f:44:ff:
c1:71:f0:21:82:00:dc:5f:d1:c8:a0:4b:b8:f4:62:0f:b2:4f:
32:0a:53:63:d1:08:fe:69:a0:d5:41:c2:4a:6a:43:8f:42:09:
d1:a3:5a:b2:62:03:3d:81:38:c7:e0:66:f9:a7:4f:1c:39:7f:
5c:e6:3b:7b:73:d7:03:2a:57:7c:4f:32:6f:b3:5e:0d:b1:fa:
89:08:0b:c5:84:fc:e2:50:a6:6b:c9:11:9f:cb:3b:f6:2c:b1:
7d:3d:a0:f4:41:fc:a1:25:5e:81:83:c5:e6:f9:52:59:a1:7e:
3a:5b:34:cb:3e:1f:f8:c0:70:06:74:58:3a:fb:32:aa:1c:2b:
7e:ca:48:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvOQEMdqfj2o00oUwt/ZVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTA0OWQwMGJhODQyMWU0YzQ1YTk0ODQ5Mjk0NWM3OGZk
OWUxNmQwHhcNMjMwMTAxMjEyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQ0NWQ4MDU3MTJhNzUwY2FkZDM4NDM0ZDZlMDEwY2ViMzY2YmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvvOdIHn9OOxGTwMf+OvhDU3i0qA
yD/GWT4eukkfYMr08MKPtQI5H7OEFV4YaZssEiZq7RQMgGczjglZQqhvElT0wh2j
UnxBtv8VnpfcGu0lPVIHJstD0pjSqZ8xJvsy+z5Trm1nNjlj2lX1Yo1E5F1/1iB7
lXgLdcgIVNJ4IrAEuaR1vg9q8pbSFfKDQNco4ikJvBFVgLx4JUXjVEv5M8I305u7
ZuJoZUN0GVM0Uj39pq08Sadm4FAUtTskfW+Zf/uzqwhLnLXOZdFetyyrIClfNuKx
e2VUIuqsH3kpYQTds+8vCOiI77SFvja/fl6IBefthGcxgwZNKRVeMYKC1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDTUXYBXEqdQyt04Q01uAQzrNmvvMB8GA1UdIwQY
MBaAFKDgSdALqEIeTEWpSEkpRceP2eFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09CSjBBdW9RaDVNUmFsSVNTbEZ4NF9aNFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTYwZTktNzE3My00MjljLWI2ZjEt
NWY0YTE1Y2I5MDU0LzEvTk5SZGdGY1NwMURLM1RoRFRXNEJET3MyYS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTYwZTktNzE3My00MjljLWI2ZjEtNWY0YTE1Y2I5MDU0
LzEvb09CSjBBdW9RaDVNUmFsSVNTbEZ4NF9aNFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY1UMA0E
AgACMAcDBQMqC6oAMA0GCSqGSIb3DQEBCwUAA4IBAQBrqw5e71j1+wnTYJqcd66b
UHuBsT+dU4ReUnnt31WPWdddc49ug3YmruAMv+TeMRJacXiWLP89v/JeQZ1tTMAW
dihZg2KfP1CCEFHKgiCFxXmtI8ODUwg91gn3ENK2KXqzu6WXWyCRz5FHScTfTTpi
8ZNYGwy9yPfI48lvRP/BcfAhggDcX9HIoEu49GIPsk8yClNj0Qj+aaDVQcJKakOP
QgnRo1qyYgM9gTjH4Gb5p08cOX9c5jt7c9cDKld8TzJvs14NsfqJCAvFhPziUKZr
yRGfyzv2LLF9PaD0QfyhJV6Bg8Xm+VJZoX46WzTLPh/4wHAGdFg6+zKqHCt+ykjh
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:14 2024 by rpki-client on console-fra.rpki-client.org