Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/Nhvq7xWJqGYterF73ArcM7bnYvI.roa
File: Nhvq7xWJqGYterF73ArcM7bnYvI.roa (raw, json)
Hash identifier: /H+gBakvluR+OfgWEV1qrdrHavbSGN6xsjjmCBz8ky0=
Subject key identifier: 36:1B:EA:EF:15:89:A8:66:2D:7A:B1:7B:DC:0A:DC:33:B6:E7:62:F2
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 018A7D8832536A2CB5FFD01DF93A0700FD9E
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/Nhvq7xWJqGYterF73ArcM7bnYvI.roa
Signing time: Sun 10 Sep 2023 05:19:52 +0000
ROA not before: Sun 10 Sep 2023 05:19:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.244.107.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7d:88:32:53:6a:2c:b5:ff:d0:1d:f9:3a:07:00:fd:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Sep 10 05:19:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=361beaef1589a8662d7ab17bdc0adc33b6e762f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:41:f1:e3:45:73:77:71:57:98:dc:f0:a9:c7:
33:a0:16:ec:72:44:f3:53:2e:46:f8:5e:15:cd:aa:
37:09:55:73:98:9c:a9:9a:e4:9f:f3:1c:10:18:c4:
0e:32:bf:63:99:44:4c:ca:6b:51:c3:cd:ab:78:ea:
e3:67:c1:0b:38:a9:2c:fe:d2:7b:2a:66:0e:a9:03:
a0:b2:19:ed:7f:df:16:35:54:79:37:1b:27:63:d9:
f6:5c:0f:db:30:58:45:35:68:4c:26:e5:61:a2:36:
61:f7:f8:17:67:da:37:66:40:ca:5b:24:7a:95:89:
87:0c:98:32:e4:0a:80:62:db:95:40:8e:aa:57:96:
15:8b:9e:45:dc:8b:17:99:fb:67:80:a3:38:2f:1c:
17:b0:54:f5:a9:a3:b0:d8:37:95:9a:08:d6:9d:ea:
0a:c9:cf:91:f9:94:dc:ee:ca:8c:cc:34:eb:91:e4:
51:0b:48:97:fb:a9:b3:e2:f1:28:61:1d:b2:b5:ec:
bb:f0:59:5e:7f:93:64:2f:12:c5:95:0a:62:25:51:
1a:27:83:6e:58:0b:1a:87:27:fb:cc:63:20:84:93:
28:b8:87:82:24:33:19:57:0c:63:d0:29:f3:ff:50:
de:f1:ac:31:90:44:01:27:a6:25:54:a6:d5:a6:71:
5e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1B:EA:EF:15:89:A8:66:2D:7A:B1:7B:DC:0A:DC:33:B6:E7:62:F2
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/Nhvq7xWJqGYterF73ArcM7bnYvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.107.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:80:df:2d:0a:5d:50:10:97:70:13:dc:2c:1f:b0:88:f2:c7:
78:83:b5:9e:7e:ed:92:ef:58:99:57:25:79:01:f1:c9:28:b1:
d4:c2:b7:8e:4b:35:9f:cc:a0:44:ae:51:2f:fa:85:04:2c:47:
9b:75:0f:c5:1a:28:a8:f6:df:f3:7f:67:bd:4a:54:01:90:99:
91:5b:93:f5:19:ff:53:3e:52:4c:e5:46:8b:a2:d0:48:2a:b5:
2d:4d:b1:ab:dd:b3:bb:f3:a2:39:c2:aa:3b:85:f8:42:94:97:
f9:09:3c:d1:3c:76:21:89:02:93:f6:f4:88:96:65:b1:68:d7:
81:91:9a:93:9e:1d:4f:df:a2:3a:fa:7b:91:fa:e6:9f:0f:0b:
a2:e2:65:bc:2a:a4:2d:40:46:ea:a3:1a:87:ed:ed:12:3b:3a:
67:a9:d6:33:a0:9b:57:19:d2:04:9a:0c:1a:7c:3c:29:78:0c:
83:74:09:a5:c3:ad:b6:f6:98:f1:a5:b6:65:c2:1b:53:be:1b:
b5:77:6b:dd:05:e3:a5:f3:65:a1:a3:da:5e:da:24:9c:78:40:
36:e8:0a:c0:9c:9f:f1:96:57:31:9f:e9:8c:fd:58:12:4c:b4:
42:94:be:8d:71:ad:92:ba:cf:0f:7f:22:d9:f8:e7:14:a9:c0:
a7:14:fd:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYp9iDJTaiy1/9Ad+ToHAP2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjMwOTEwMDUxOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjFiZWFlZjE1ODlhODY2MmQ3YWIxN2JkYzBhZGMzM2I2ZTc2MmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUHx40Vzd3FXmNzwqcczoBbsckTz
Uy5G+F4Vzao3CVVzmJypmuSf8xwQGMQOMr9jmURMymtRw82reOrjZ8ELOKks/tJ7
KmYOqQOgshntf98WNVR5NxsnY9n2XA/bMFhFNWhMJuVhojZh9/gXZ9o3ZkDKWyR6
lYmHDJgy5AqAYtuVQI6qV5YVi55F3IsXmftngKM4LxwXsFT1qaOw2DeVmgjWneoK
yc+R+ZTc7sqMzDTrkeRRC0iX+6mz4vEoYR2ytey78Flef5NkLxLFlQpiJVEaJ4Nu
WAsahyf7zGMghJMouIeCJDMZVwxj0Cnz/1De8awxkEQBJ6YlVKbVpnFexwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDYb6u8ViahmLXqxe9wK3DO252LyMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvTmh2cTd4V0pxR1l0ZXJGNzNBcmNNN2JuWXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufRrMA0G
CSqGSIb3DQEBCwUAA4IBAQALgN8tCl1QEJdwE9wsH7CI8sd4g7Wefu2S71iZVyV5
AfHJKLHUwreOSzWfzKBErlEv+oUELEebdQ/FGiio9t/zf2e9SlQBkJmRW5P1Gf9T
PlJM5UaLotBIKrUtTbGr3bO786I5wqo7hfhClJf5CTzRPHYhiQKT9vSIlmWxaNeB
kZqTnh1P36I6+nuR+uafDwui4mW8KqQtQEbqoxqH7e0SOzpnqdYzoJtXGdIEmgwa
fDwpeAyDdAmlw6229pjxpbZlwhtTvhu1d2vdBeOl82Who9pe2iSceEA26ArAnJ/x
llcxn+mM/VgSTLRClL6Nca2Sus8PfyLZ+OcUqcCnFP0l
-----END CERTIFICATE-----
Generated at Tue Sep 12 18:50:40 2023 by rpki-client on console-ams.rpki-client.org