Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/nhCc7oM1rtJu7N6biXepFqsgbPI.roa
File: nhCc7oM1rtJu7N6biXepFqsgbPI.roa (raw, json)
Hash identifier: 1p+h+gitPrNzJdxoklQnZ3b4g8bOJDnokQjMo8Rp+qk=
Subject key identifier: 9E:10:9C:EE:83:35:AE:D2:6E:EC:DE:9B:89:77:A9:16:AB:20:6C:F2
Certificate issuer: /CN=01723506718dfcf2a8bd176d4ea24e275322fcfb
Certificate serial: 01856F795C3A252179F55E565A8AAD971932
Authority key identifier: 01:72:35:06:71:8D:FC:F2:A8:BD:17:6D:4E:A2:4E:27:53:22:FC:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/nhCc7oM1rtJu7N6biXepFqsgbPI.roa
Signing time: Sun 01 Jan 2023 22:35:02 +0000
ROA not before: Sun 01 Jan 2023 22:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56911
IP address blocks: 185.111.76.0/22 maxlen: 24
46.149.168.0/22 maxlen: 24
2a0d:f7c0::/32 maxlen: 34
2a06:5bc0::/29 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:5c:3a:25:21:79:f5:5e:56:5a:8a:ad:97:19:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01723506718dfcf2a8bd176d4ea24e275322fcfb
Validity
Not Before: Jan 1 22:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e109cee8335aed26eecde9b8977a916ab206cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:80:28:88:61:e3:9e:08:0a:db:08:b5:94:cc:
08:0c:b8:10:53:58:dc:30:e6:00:19:33:ab:f4:27:
41:75:7d:9a:43:9e:36:04:df:fd:6c:db:f3:25:ab:
50:ce:ea:a4:84:45:a2:f7:30:35:c7:6f:4a:40:1b:
c7:51:8e:9e:5d:2d:6d:73:bc:62:6c:70:92:76:37:
d1:94:14:92:76:ae:37:25:7e:51:6e:d4:f5:88:d1:
0a:1e:3f:5f:07:c7:98:55:1e:84:19:50:10:e6:ec:
e2:83:4d:6f:04:2b:bc:70:55:af:41:3e:52:ab:de:
b4:79:ef:17:0c:27:22:8d:a1:76:4f:3f:c1:f1:3b:
42:cf:ed:79:75:32:52:03:cf:a6:b2:92:39:a7:12:
22:73:a0:28:98:b5:4d:65:92:2c:12:1a:e3:39:fa:
95:3c:b6:13:94:dd:84:2a:12:92:4a:73:2e:c0:52:
ba:c8:5d:fc:bb:cb:b5:9e:f4:ee:3a:c3:ec:87:4e:
c3:ce:0d:25:08:87:7a:3c:12:6e:40:20:d6:f0:1a:
5d:6d:30:b6:ec:e4:5b:c0:e9:c1:20:ce:a0:73:b4:
2e:1d:b8:ab:16:2a:00:ea:7f:e1:66:aa:15:cc:bc:
97:d9:5b:5c:c9:c7:b9:7e:2c:b1:b8:3a:33:ff:a8:
fb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:10:9C:EE:83:35:AE:D2:6E:EC:DE:9B:89:77:A9:16:AB:20:6C:F2
X509v3 Authority Key Identifier:
keyid:01:72:35:06:71:8D:FC:F2:A8:BD:17:6D:4E:A2:4E:27:53:22:FC:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/nhCc7oM1rtJu7N6biXepFqsgbPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.168.0/22
185.111.76.0/22
IPv6:
2a06:5bc0::/29
2a0d:f7c0::/32
Signature Algorithm: sha256WithRSAEncryption
54:91:4f:1d:a2:8d:14:d5:9d:ab:ca:97:f6:c4:72:db:a8:85:
b2:66:3b:bf:bf:4a:d3:0b:d9:c1:86:9c:14:77:0f:f4:52:1c:
0a:fa:bd:35:45:98:a4:00:ed:43:ab:9c:ab:a8:29:f5:82:4b:
b7:ae:0a:1e:3b:63:eb:ab:95:a0:11:06:23:1f:f8:c0:08:55:
68:a3:0b:eb:28:2f:ff:eb:2a:c4:8e:3f:d7:71:4d:f8:8b:61:
a5:0b:a2:07:20:52:72:59:29:b5:ed:c3:b7:58:08:ba:90:bd:
ec:9e:8e:3a:81:18:4f:1e:df:6a:1f:c2:14:fc:4c:97:d1:1a:
75:60:ac:12:55:e0:bd:9d:90:be:ce:29:e3:45:76:c0:18:f9:
ae:dd:44:9f:f0:31:d6:fd:58:63:29:4f:5c:85:ec:c8:fe:84:
36:f5:9d:3f:68:47:b4:02:d7:39:14:f1:dd:1b:53:96:5d:f5:
76:0f:f1:00:23:d0:8a:cf:5f:c9:d6:7d:94:74:c8:e0:cc:92:
7b:64:b7:0f:bd:85:21:5e:6c:db:2d:6c:58:8f:63:dc:48:7b:
f8:a6:e7:b1:9c:4f:86:25:f3:3b:b5:3d:37:02:f1:4a:10:9b:
34:7e:59:de:ec:4d:ce:7b:3e:04:46:1e:13:3a:0d:8c:3a:0c:
87:37:a6:40
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVveVw6JSF59V5WWoqtlxkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzIzNTA2NzE4ZGZjZjJhOGJkMTc2ZDRlYTI0ZTI3NTMy
MmZjZmIwHhcNMjMwMTAxMjIzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTEwOWNlZTgzMzVhZWQyNmVlY2RlOWI4OTc3YTkxNmFiMjA2Y2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYAoiGHjnggK2wi1lMwIDLgQU1jc
MOYAGTOr9CdBdX2aQ542BN/9bNvzJatQzuqkhEWi9zA1x29KQBvHUY6eXS1tc7xi
bHCSdjfRlBSSdq43JX5RbtT1iNEKHj9fB8eYVR6EGVAQ5uzig01vBCu8cFWvQT5S
q960ee8XDCcijaF2Tz/B8TtCz+15dTJSA8+mspI5pxIic6AomLVNZZIsEhrjOfqV
PLYTlN2EKhKSSnMuwFK6yF38u8u1nvTuOsPsh07Dzg0lCId6PBJuQCDW8BpdbTC2
7ORbwOnBIM6gc7QuHbirFioA6n/hZqoVzLyX2Vtcyce5fiyxuDoz/6j7UwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJ4QnO6DNa7Sbuzem4l3qRarIGzyMB8GA1UdIwQY
MBaAFAFyNQZxjfzyqL0XbU6iTidTIvz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhJMUJuR05fUEtvdlJkdFRxSk9KMU1pX1BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi84M2FhOGMtMDU4MS00NGQ4LWE1YzEt
MDUzNzNiYTk0ODNkLzEvbmhDYzdvTTFydEp1N042YmlYZXBGcXNnYlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi84M2FhOGMtMDU4MS00NGQ4LWE1YzEtMDUzNzNiYTk0ODNk
LzEvQVhJMUJuR05fUEtvdlJkdFRxSk9KMU1pX1BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLpWoAwQC
uW9MMBQEAgACMA4DBQMqBlvAAwUAKg33wDANBgkqhkiG9w0BAQsFAAOCAQEAVJFP
HaKNFNWdq8qX9sRy26iFsmY7v79K0wvZwYacFHcP9FIcCvq9NUWYpADtQ6ucq6gp
9YJLt64KHjtj66uVoBEGIx/4wAhVaKML6ygv/+sqxI4/13FN+IthpQuiByBSclkp
te3Dt1gIupC97J6OOoEYTx7fah/CFPxMl9EadWCsElXgvZ2Qvs4p40V2wBj5rt1E
n/Ax1v1YYylPXIXsyP6ENvWdP2hHtALXORTx3RtTll31dg/xACPQis9fydZ9lHTI
4MySe2S3D72FIV5s2y1sWI9j3Eh7+KbnsZxPhiXzO7U9NwLxShCbNH5Z3uxNzns+
BEYeEzoNjDoMhzemQA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:48 2024 by rpki-client on console-ams.rpki-client.org