Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/afa091-b16f-4527-8b00-1ddac2b08404/1/NtdskuMP3znW4I6yZ7fz3V7RN3U.roa
File: NtdskuMP3znW4I6yZ7fz3V7RN3U.roa (raw, json)
Hash identifier: 9hC3c4Ht/qBhjPCDOt06EK6I40i8G0zh0VLybxZ7SYU=
Subject key identifier: 36:D7:6C:92:E3:0F:DF:39:D6:E0:8E:B2:67:B7:F3:DD:5E:D1:37:75
Certificate issuer: /CN=bf982def77a26d7cc19473b3a4064dcc5217e471
Certificate serial: 01857203573399BEA64C7E58E1AE55424A8F
Authority key identifier: BF:98:2D:EF:77:A2:6D:7C:C1:94:73:B3:A4:06:4D:CC:52:17:E4:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v5gt73eibXzBlHOzpAZNzFIX5HE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/afa091-b16f-4527-8b00-1ddac2b08404/1/NtdskuMP3znW4I6yZ7fz3V7RN3U.roa
Signing time: Mon 02 Jan 2023 10:24:59 +0000
ROA not before: Mon 02 Jan 2023 10:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198710
IP address blocks: 91.217.174.0/24 maxlen: 24
2a05:e700::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:57:33:99:be:a6:4c:7e:58:e1:ae:55:42:4a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf982def77a26d7cc19473b3a4064dcc5217e471
Validity
Not Before: Jan 2 10:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36d76c92e30fdf39d6e08eb267b7f3dd5ed13775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a9:1e:d6:0c:43:b1:75:4f:fb:e2:62:1c:e6:
3c:69:1f:86:72:f1:27:de:1f:26:99:f5:8a:37:f5:
76:08:55:7a:9b:48:9f:fd:94:53:99:9c:f5:2f:a4:
27:92:a5:e1:29:13:5b:54:b3:84:9e:66:af:65:ba:
98:64:8e:83:e1:f0:b6:53:2f:25:68:7e:46:3b:a8:
3a:64:99:e4:df:64:0f:93:de:b1:6a:c9:4f:ce:45:
5d:f3:a9:41:cf:92:8a:8b:ad:fa:24:7f:35:18:a6:
38:99:6f:a6:d2:80:20:13:01:cb:05:e9:39:d2:c1:
98:90:a9:99:30:9f:a0:ea:f6:53:5f:8a:3d:50:0a:
97:7e:a1:48:c5:55:81:33:0a:0d:ad:36:57:1e:10:
6e:83:0c:00:68:e7:40:af:4d:ca:b5:ed:7c:bc:f9:
14:28:ab:fc:4a:14:77:f9:40:24:0b:4b:fa:fe:96:
17:e9:6f:9d:9c:ee:57:70:d4:06:85:7f:e1:b0:b6:
36:df:26:52:99:a9:8b:91:78:3f:77:bf:24:d1:ae:
0b:b3:31:c1:ae:bf:8d:c8:4d:91:77:04:d9:90:ef:
3f:6b:70:91:f3:52:fa:c0:c9:25:17:9c:b5:7f:31:
69:50:51:19:46:8d:a4:49:3e:7e:9f:88:83:65:78:
67:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D7:6C:92:E3:0F:DF:39:D6:E0:8E:B2:67:B7:F3:DD:5E:D1:37:75
X509v3 Authority Key Identifier:
keyid:BF:98:2D:EF:77:A2:6D:7C:C1:94:73:B3:A4:06:4D:CC:52:17:E4:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v5gt73eibXzBlHOzpAZNzFIX5HE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/afa091-b16f-4527-8b00-1ddac2b08404/1/NtdskuMP3znW4I6yZ7fz3V7RN3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/afa091-b16f-4527-8b00-1ddac2b08404/1/v5gt73eibXzBlHOzpAZNzFIX5HE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.174.0/24
IPv6:
2a05:e700::/29
Signature Algorithm: sha256WithRSAEncryption
88:88:74:af:d3:48:a1:01:ce:ee:e1:18:2e:52:ea:12:58:b2:
5c:1e:07:ca:92:33:4b:76:3c:09:2c:c5:02:99:25:d1:ec:a8:
60:40:ea:86:07:b1:81:de:6c:c8:32:a4:4f:23:96:33:88:20:
7d:ce:46:11:dd:e0:48:5e:2b:dd:49:b0:2d:58:00:97:a5:11:
fb:24:40:7c:1d:42:a7:d3:52:9b:ab:49:0c:30:2c:f4:71:4b:
8b:b3:5e:3d:92:83:ac:fd:6c:c4:fe:8f:a4:38:6a:e5:c9:1e:
3f:90:da:69:e2:b0:8c:af:1b:d1:be:e4:6a:47:71:38:91:71:
d1:0b:f0:5b:a9:58:88:7c:08:f2:52:96:2f:91:bb:9e:fc:35:
47:df:1c:47:54:4a:d1:8f:11:12:8d:3a:72:ea:5b:d2:86:8e:
0c:b1:b7:9f:eb:1e:84:3d:4b:2d:bd:8c:7d:f7:62:8e:80:97:
d6:ba:55:30:61:4e:b0:ce:aa:0b:9b:ff:9a:87:7a:60:b6:5e:
16:ca:70:f4:fa:c0:98:4d:32:e1:d0:9b:cd:74:68:90:dd:76:
64:d6:19:66:cf:19:de:15:57:51:c8:e0:b8:16:97:28:43:db:
0a:29:76:4e:64:bf:74:1b:ca:a0:74:5d:50:10:6d:fb:4a:64:
58:95:6d:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyA1czmb6mTH5Y4a5VQkqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmOTgyZGVmNzdhMjZkN2NjMTk0NzNiM2E0MDY0ZGNjNTIx
N2U0NzEwHhcNMjMwMTAyMTAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ3NmM5MmUzMGZkZjM5ZDZlMDhlYjI2N2I3ZjNkZDVlZDEzNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qke1gxDsXVP++JiHOY8aR+GcvEn
3h8mmfWKN/V2CFV6m0if/ZRTmZz1L6QnkqXhKRNbVLOEnmavZbqYZI6D4fC2Uy8l
aH5GO6g6ZJnk32QPk96xaslPzkVd86lBz5KKi636JH81GKY4mW+m0oAgEwHLBek5
0sGYkKmZMJ+g6vZTX4o9UAqXfqFIxVWBMwoNrTZXHhBugwwAaOdAr03Kte18vPkU
KKv8ShR3+UAkC0v6/pYX6W+dnO5XcNQGhX/hsLY23yZSmamLkXg/d78k0a4LszHB
rr+NyE2RdwTZkO8/a3CR81L6wMklF5y1fzFpUFEZRo2kST5+n4iDZXhnEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDbXbJLjD9851uCOsme3891e0Td1MB8GA1UdIwQY
MBaAFL+YLe93om18wZRzs6QGTcxSF+RxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjVndDczZWliWHpCbEhPenBBWk56RklYNUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZmEwOTEtYjE2Zi00NTI3LThiMDAt
MWRkYWMyYjA4NDA0LzEvTnRkc2t1TVAzem5XNEk2eVo3ZnozVjdSTjNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZmEwOTEtYjE2Zi00NTI3LThiMDAtMWRkYWMyYjA4NDA0
LzEvdjVndDczZWliWHpCbEhPenBBWk56RklYNUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9muMA0E
AgACMAcDBQMqBecAMA0GCSqGSIb3DQEBCwUAA4IBAQCIiHSv00ihAc7u4RguUuoS
WLJcHgfKkjNLdjwJLMUCmSXR7KhgQOqGB7GB3mzIMqRPI5YziCB9zkYR3eBIXivd
SbAtWACXpRH7JEB8HUKn01Kbq0kMMCz0cUuLs149koOs/WzE/o+kOGrlyR4/kNpp
4rCMrxvRvuRqR3E4kXHRC/BbqViIfAjyUpYvkbue/DVH3xxHVErRjxESjTpy6lvS
ho4Msbef6x6EPUstvYx992KOgJfWulUwYU6wzqoLm/+ah3pgtl4WynD0+sCYTTLh
0JvNdGiQ3XZk1hlmzxneFVdRyOC4FpcoQ9sKKXZOZL90G8qgdF1QEG37SmRYlW0A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:53 2024 by rpki-client on console-fra.rpki-client.org