Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/589a15-9c52-4a1b-8d32-b8aab3323524/1/nLy-IJkRyvbv4nNaCniid3_R0zY.roa
File: nLy-IJkRyvbv4nNaCniid3_R0zY.roa (raw, json)
Hash identifier: EAFzqEpGM6v1todveRlzCxDuqvBUn/i7vpwgjwsnT28=
Subject key identifier: 9C:BC:BE:20:99:11:CA:F6:EF:E2:73:5A:0A:78:A2:77:7F:D1:D3:36
Certificate issuer: /CN=0ec3ad5ff65b8dcb476229f12d457d7761a0b97c
Certificate serial: 018570429C9DC3B33B28AEC9F91CDC33C9E8
Authority key identifier: 0E:C3:AD:5F:F6:5B:8D:CB:47:62:29:F1:2D:45:7D:77:61:A0:B9:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DsOtX_ZbjctHYinxLUV9d2GguXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/589a15-9c52-4a1b-8d32-b8aab3323524/1/nLy-IJkRyvbv4nNaCniid3_R0zY.roa
Signing time: Mon 02 Jan 2023 02:14:51 +0000
ROA not before: Mon 02 Jan 2023 02:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201722
IP address blocks: 185.82.112.0/24 maxlen: 24
185.82.114.0/24 maxlen: 24
185.82.115.0/24 maxlen: 24
185.82.113.0/24 maxlen: 24
2a05:8f80::/32 maxlen: 32
2a05:8f81::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:9c:9d:c3:b3:3b:28:ae:c9:f9:1c:dc:33:c9:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ec3ad5ff65b8dcb476229f12d457d7761a0b97c
Validity
Not Before: Jan 2 02:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cbcbe209911caf6efe2735a0a78a2777fd1d336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:80:a8:02:9a:0b:03:db:0c:49:50:e9:35:26:
6b:21:1c:a5:29:02:ae:e5:fb:90:94:b9:28:5b:d7:
8e:78:52:c5:1b:46:e7:73:d3:84:2a:38:d0:e7:2f:
f2:24:c0:e8:69:20:0a:da:cb:b3:12:ac:a1:8e:91:
f8:42:f7:5d:9c:d4:da:b5:67:27:13:b2:0b:16:a4:
ae:ec:d5:35:05:da:0b:4b:c6:15:34:12:f8:c5:a2:
a5:51:7a:b5:72:07:70:9c:a3:87:d9:31:31:55:d9:
f4:cf:f6:03:15:4a:9e:aa:89:5b:fd:50:e0:0c:25:
8f:95:a2:56:7b:f6:3d:4e:a3:88:e6:07:c9:6f:d9:
8d:13:21:9e:ba:f6:0a:40:68:11:3f:07:a2:cd:f6:
2a:72:cf:73:43:93:9f:9e:c0:c6:4b:ef:7b:f8:1e:
a7:bf:bf:9d:4c:5a:4b:39:69:3a:d8:08:2b:d1:42:
c0:eb:9b:30:f4:17:b6:83:cb:d4:dc:c0:61:ca:6d:
ca:85:43:f1:17:02:b3:fe:c4:5f:a4:15:6c:fc:e7:
7f:e4:47:3c:1b:d0:43:74:ab:c0:2d:46:0c:8e:44:
2a:6f:b8:b3:4d:92:4f:f5:40:15:47:af:a8:8c:a1:
26:e9:dc:40:32:6f:13:80:31:26:cf:31:7a:e8:5f:
6d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:BC:BE:20:99:11:CA:F6:EF:E2:73:5A:0A:78:A2:77:7F:D1:D3:36
X509v3 Authority Key Identifier:
keyid:0E:C3:AD:5F:F6:5B:8D:CB:47:62:29:F1:2D:45:7D:77:61:A0:B9:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DsOtX_ZbjctHYinxLUV9d2GguXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/589a15-9c52-4a1b-8d32-b8aab3323524/1/nLy-IJkRyvbv4nNaCniid3_R0zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/589a15-9c52-4a1b-8d32-b8aab3323524/1/DsOtX_ZbjctHYinxLUV9d2GguXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.112.0/22
IPv6:
2a05:8f80::/31
Signature Algorithm: sha256WithRSAEncryption
52:f5:49:a4:41:82:6b:c1:f7:1f:04:8a:57:5a:07:b9:a6:01:
d2:d8:55:a2:a0:1c:4a:9b:c5:fe:6c:82:13:4e:7e:ec:7c:37:
e1:46:bb:47:85:08:3a:82:fb:f0:83:de:45:49:64:49:da:ac:
bc:37:1e:ea:40:ca:50:a9:0c:99:a2:70:fc:07:8f:d7:95:32:
ea:5a:db:f7:29:12:e8:d3:ee:cf:b4:de:36:eb:5b:62:2c:3d:
c2:ff:d2:8a:dc:77:2b:e6:2d:5c:b8:da:e6:53:f3:df:ee:e6:
8a:2c:1a:af:54:7c:87:31:64:82:ff:b7:28:d4:a3:9e:8d:43:
81:89:b2:79:e1:3b:1a:9d:cd:92:24:4c:f3:ef:66:65:e2:1f:
38:51:f2:26:6b:6a:bd:a2:3c:5e:66:4e:91:14:f2:f3:ee:83:
6a:c3:73:98:11:0c:7d:a3:47:54:bc:2e:48:80:7e:88:3c:6d:
fe:a8:db:b0:a6:ff:35:79:94:64:1e:09:bb:e2:0d:e7:ee:17:
3b:c5:cb:d1:ae:87:bb:87:16:ca:b9:4b:79:19:01:30:f1:30:
8a:a0:d7:d4:b9:fa:0c:f4:81:02:94:7f:d2:59:fe:8e:62:dd:
0d:47:21:4e:cf:79:0a:ef:82:bd:9d:ea:80:6a:b5:f1:f5:5c:
58:01:b1:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwQpydw7M7KK7J+RzcM8noMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYzNhZDVmZjY1YjhkY2I0NzYyMjlmMTJkNDU3ZDc3NjFh
MGI5N2MwHhcNMjMwMTAyMDIxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2JjYmUyMDk5MTFjYWY2ZWZlMjczNWEwYTc4YTI3NzdmZDFkMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4CoApoLA9sMSVDpNSZrIRylKQKu
5fuQlLkoW9eOeFLFG0bnc9OEKjjQ5y/yJMDoaSAK2suzEqyhjpH4QvddnNTatWcn
E7ILFqSu7NU1BdoLS8YVNBL4xaKlUXq1cgdwnKOH2TExVdn0z/YDFUqeqolb/VDg
DCWPlaJWe/Y9TqOI5gfJb9mNEyGeuvYKQGgRPweizfYqcs9zQ5OfnsDGS+97+B6n
v7+dTFpLOWk62Agr0ULA65sw9Be2g8vU3MBhym3KhUPxFwKz/sRfpBVs/Od/5Ec8
G9BDdKvALUYMjkQqb7izTZJP9UAVR6+ojKEm6dxAMm8TgDEmzzF66F9tjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJy8viCZEcr27+JzWgp4ond/0dM2MB8GA1UdIwQY
MBaAFA7DrV/2W43LR2Ip8S1FfXdhoLl8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHNPdFhfWmJqY3RIWWlueExVVjlkMkdndVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81ODlhMTUtOWM1Mi00YTFiLThkMzIt
YjhhYWIzMzIzNTI0LzEvbkx5LUlKa1J5dmJ2NG5OYUNuaWlkM19SMHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81ODlhMTUtOWM1Mi00YTFiLThkMzItYjhhYWIzMzIzNTI0
LzEvRHNPdFhfWmJqY3RIWWlueExVVjlkMkdndVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVJwMA0E
AgACMAcDBQEqBY+AMA0GCSqGSIb3DQEBCwUAA4IBAQBS9UmkQYJrwfcfBIpXWge5
pgHS2FWioBxKm8X+bIITTn7sfDfhRrtHhQg6gvvwg95FSWRJ2qy8Nx7qQMpQqQyZ
onD8B4/XlTLqWtv3KRLo0+7PtN4261tiLD3C/9KK3Hcr5i1cuNrmU/Pf7uaKLBqv
VHyHMWSC/7co1KOejUOBibJ54Tsanc2SJEzz72Zl4h84UfIma2q9ojxeZk6RFPLz
7oNqw3OYEQx9o0dUvC5IgH6IPG3+qNuwpv81eZRkHgm74g3n7hc7xcvRroe7hxbK
uUt5GQEw8TCKoNfUufoM9IEClH/SWf6OYt0NRyFOz3kK74K9neqAarXx9VxYAbEM
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:55 2024 by rpki-client on console-ams.rpki-client.org