Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/NNKtBfwfVddYj62JUPYjx1D80oY.roa
File: NNKtBfwfVddYj62JUPYjx1D80oY.roa (raw, json)
Hash identifier: IYoSmKF44QqyKYyU+3eT3WlL8wsLQpsE24+/1ilH03s=
Subject key identifier: 34:D2:AD:05:FC:1F:55:D7:58:8F:AD:89:50:F6:23:C7:50:FC:D2:86
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018774A42BF0629EC015AC58DBF14165DFF8
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/NNKtBfwfVddYj62JUPYjx1D80oY.roa
Signing time: Wed 12 Apr 2023 08:45:28 +0000
ROA not before: Wed 12 Apr 2023 08:45:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.105.197.0/24 maxlen: 24
109.105.199.0/24 maxlen: 24
109.105.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 May 2023 00:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:a4:2b:f0:62:9e:c0:15:ac:58:db:f1:41:65:df:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Apr 12 08:45:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34d2ad05fc1f55d7588fad8950f623c750fcd286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:09:e5:28:ec:42:cb:26:ae:57:2f:ad:8e:bf:
41:fc:3f:fe:60:89:e5:bb:09:90:fc:54:bb:f5:34:
20:78:10:04:ce:2f:30:0e:6f:be:4b:52:33:29:59:
94:79:a0:8e:5a:4f:b6:06:c7:c7:16:be:7a:14:57:
02:27:94:a6:c4:6b:d1:a5:54:2a:d0:6d:7c:bc:41:
91:d2:8c:1d:a3:91:41:84:4f:a7:20:2a:01:18:1b:
99:b1:9c:26:b6:c3:74:d1:f9:26:35:d9:18:0e:de:
7d:3d:87:58:18:4e:07:00:e1:78:bd:ae:a9:57:a1:
9c:09:12:7a:1c:04:f5:91:c6:fc:92:40:b3:df:31:
51:1b:01:12:5c:b1:7e:ea:87:e3:e4:09:17:b8:b2:
c6:29:ca:92:68:c0:81:b8:27:7f:3a:ff:e4:d5:3f:
f4:8d:86:1c:4a:0c:de:ed:8c:db:78:d6:b3:e8:b8:
f1:8e:86:ea:76:df:21:98:bb:bd:8a:6b:fc:53:f1:
a5:91:36:b9:56:f6:24:5d:64:ae:4a:b6:aa:ce:c3:
16:09:da:ef:1d:1a:75:19:a3:a5:c6:e0:f7:6b:11:
b4:cc:58:00:dd:5c:08:73:87:a0:b3:e9:1e:28:52:
1e:a0:eb:ed:df:fe:ca:1f:d1:b0:88:7b:ec:df:c3:
2d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D2:AD:05:FC:1F:55:D7:58:8F:AD:89:50:F6:23:C7:50:FC:D2:86
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/NNKtBfwfVddYj62JUPYjx1D80oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.193.0/24
109.105.197.0/24
109.105.199.0/24
Signature Algorithm: sha256WithRSAEncryption
49:b8:53:77:bc:cc:fb:02:ce:1b:9a:85:63:ca:5f:d9:27:93:
27:ef:5a:f5:b6:b1:64:63:46:c3:ae:65:28:55:92:a5:e3:8f:
8f:1d:a5:a3:11:bd:8d:c8:c7:53:02:15:35:23:53:b5:d4:d9:
09:60:8f:4d:0e:71:10:5a:e2:bf:19:b3:c9:6b:a2:3a:e1:16:
fa:79:91:b6:a9:32:58:ca:d7:b9:86:20:12:45:99:6d:4b:8a:
d0:5b:f8:15:e5:bf:72:85:11:29:d3:83:b7:21:29:8c:9d:53:
b0:30:90:3d:ac:04:a1:e3:4f:5a:ee:d2:b2:24:3d:c6:04:dc:
f2:37:fb:25:29:1d:32:6c:93:cc:6b:2b:4e:6c:49:62:1d:21:
c7:9e:f8:93:de:f9:c1:89:c7:18:cd:b7:48:b8:7a:29:14:69:
ed:e1:cc:d4:ad:5f:b5:50:40:ff:db:fc:0d:cc:2d:7d:18:bf:
91:98:0d:4f:4e:01:a9:7a:53:eb:94:51:96:08:d7:66:68:30:
07:3f:5c:1b:a7:83:67:ea:15:3b:2f:97:a2:2d:fb:fd:df:2a:
fd:3a:4a:a1:81:84:8e:84:95:bb:0f:ed:a4:dc:bc:d2:78:da:
2e:46:ed:bf:70:23:dc:85:bf:85:2c:ae:e3:c1:c9:5c:e6:3e:
81:a4:ce:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd0pCvwYp7AFaxY2/FBZd/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwNDEyMDg0NTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQyYWQwNWZjMWY1NWQ3NTg4ZmFkODk1MGY2MjNjNzUwZmNkMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswnlKOxCyyauVy+tjr9B/D/+YInl
uwmQ/FS79TQgeBAEzi8wDm++S1IzKVmUeaCOWk+2BsfHFr56FFcCJ5SmxGvRpVQq
0G18vEGR0owdo5FBhE+nICoBGBuZsZwmtsN00fkmNdkYDt59PYdYGE4HAOF4va6p
V6GcCRJ6HAT1kcb8kkCz3zFRGwESXLF+6ofj5AkXuLLGKcqSaMCBuCd/Ov/k1T/0
jYYcSgze7YzbeNaz6Ljxjobqdt8hmLu9imv8U/GlkTa5VvYkXWSuSraqzsMWCdrv
HRp1GaOlxuD3axG0zFgA3VwIc4egs+keKFIeoOvt3/7KH9GwiHvs38MtxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDTSrQX8H1XXWI+tiVD2I8dQ/NKGMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvTk5LdEJmd2ZWZGRZajYySlVQWWp4MUQ4MG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbWnBAwQA
bWnFAwQAbWnHMA0GCSqGSIb3DQEBCwUAA4IBAQBJuFN3vMz7As4bmoVjyl/ZJ5Mn
71r1trFkY0bDrmUoVZKl44+PHaWjEb2NyMdTAhU1I1O11NkJYI9NDnEQWuK/GbPJ
a6I64Rb6eZG2qTJYyte5hiASRZltS4rQW/gV5b9yhREp04O3ISmMnVOwMJA9rASh
409a7tKyJD3GBNzyN/slKR0ybJPMaytObEliHSHHnviT3vnBiccYzbdIuHopFGnt
4czUrV+1UED/2/wNzC19GL+RmA1PTgGpelPrlFGWCNdmaDAHP1wbp4Nn6hU7L5ei
Lfv93yr9OkqhgYSOhJW7D+2k3LzSeNouRu2/cCPchb+FLK7jwclc5j6BpM4X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org