Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/nKHwTnzlcK9lTkHH-cMk-2BSwzI.roa
File: nKHwTnzlcK9lTkHH-cMk-2BSwzI.roa (raw, json)
Hash identifier: RrBe7uPPRTm9y6/LNgs5xbNuhO/VZDLNQlKJ+rFhbvA=
Subject key identifier: 9C:A1:F0:4E:7C:E5:70:AF:65:4E:41:C7:F9:C3:24:FB:60:52:C3:32
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018BF5EC3BB9E7525BF513E9EDC2A2974E97
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/nKHwTnzlcK9lTkHH-cMk-2BSwzI.roa
Signing time: Wed 22 Nov 2023 07:26:21 +0000
ROA not before: Wed 22 Nov 2023 07:26:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.244.0/24 maxlen: 24
79.98.245.0/24 maxlen: 24
185.221.24.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f5:ec:3b:b9:e7:52:5b:f5:13:e9:ed:c2:a2:97:4e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 22 07:26:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ca1f04e7ce570af654e41c7f9c324fb6052c332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:40:fc:3f:a1:56:5b:42:49:8b:55:d0:72:02:
3e:61:5a:46:50:82:f0:d6:ae:ab:ad:60:72:b1:31:
db:1e:b5:ec:ba:1b:59:d2:d0:6a:99:44:9e:17:42:
2d:5f:f9:1e:06:52:38:5e:f5:a3:fb:d0:7b:21:70:
e5:89:26:be:3c:b8:95:99:89:3e:8b:27:31:f0:6c:
3f:3e:82:24:05:4e:ec:cd:99:c4:af:ee:c0:98:0f:
e3:a0:0f:8f:d1:86:01:0e:54:a1:f7:7c:35:1d:ca:
9c:bd:64:19:7a:0e:b8:11:ae:e6:c9:01:54:71:84:
69:b0:f4:71:6a:3f:4f:aa:53:37:e8:00:c3:c5:db:
2d:4f:73:6f:0a:e1:f7:9f:e6:78:c9:ad:7c:65:1c:
3f:fc:ab:df:03:6e:38:fe:1c:7b:df:73:2f:62:2b:
e8:10:3e:36:33:b8:b5:f2:6f:82:9b:89:72:06:23:
3c:7d:e1:15:c3:9e:e5:16:51:96:95:d7:a6:a4:8d:
a5:c8:13:48:12:34:24:d5:a3:d3:75:db:77:ea:52:
66:4d:90:c8:d2:73:72:00:0c:0a:4f:ba:ba:6a:f6:
66:f7:d3:7f:34:28:47:8c:5d:d6:b9:82:ec:97:a7:
7a:46:bc:57:b1:af:49:68:9a:49:2b:54:98:8a:98:
c7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A1:F0:4E:7C:E5:70:AF:65:4E:41:C7:F9:C3:24:FB:60:52:C3:32
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/nKHwTnzlcK9lTkHH-cMk-2BSwzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.244.0/23
185.221.24.0/23
185.225.168.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:aa:d6:df:5e:93:ca:2f:91:ff:fe:9b:4e:5c:5f:e8:66:de:
ef:fe:d9:3d:3a:b8:98:05:5c:46:69:f2:66:8e:aa:23:7c:4c:
2e:f0:02:05:54:36:1c:6b:09:e9:a3:8f:f3:ef:aa:97:e9:e2:
24:03:b6:7d:53:4c:8a:e2:22:e1:b9:02:68:4e:97:3b:99:bc:
55:9b:3e:ed:3d:4c:ca:c0:36:8e:a7:54:3b:3c:75:57:38:66:
7c:9b:1d:b7:a7:00:cd:b0:18:da:c2:31:bc:f1:0b:9b:d0:b2:
10:06:d4:82:8e:bf:51:01:6a:b8:d4:a9:78:3f:31:43:71:3a:
97:c8:54:4a:4c:34:df:8e:15:9d:9c:93:93:b6:24:d6:0d:77:
21:3f:81:c4:22:6a:29:64:dd:95:19:a0:ed:fc:9c:48:ba:14:
fe:64:86:7c:3e:4c:d3:29:33:9c:65:f6:c6:8c:ec:f9:f5:d2:
c5:f4:87:41:39:e6:cd:06:76:26:6d:14:71:f8:37:91:df:5f:
9f:8c:af:de:c5:53:83:15:c8:57:15:d1:7c:83:b5:64:b3:87:
9b:19:2b:3b:a9:03:19:1a:9b:21:a0:58:29:a5:9b:2b:19:c2:
36:12:32:bd:26:7a:9d:24:a1:4c:f6:41:97:4f:d3:62:b9:6b:
cc:d6:c0:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYv17Du551Jb9RPp7cKil06XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMTIyMDcyNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2ExZjA0ZTdjZTU3MGFmNjU0ZTQxYzdmOWMzMjRmYjYwNTJjMzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40D8P6FWW0JJi1XQcgI+YVpGUILw
1q6rrWBysTHbHrXsuhtZ0tBqmUSeF0ItX/keBlI4XvWj+9B7IXDliSa+PLiVmYk+
iycx8Gw/PoIkBU7szZnEr+7AmA/joA+P0YYBDlSh93w1HcqcvWQZeg64Ea7myQFU
cYRpsPRxaj9PqlM36ADDxdstT3NvCuH3n+Z4ya18ZRw//KvfA244/hx733MvYivo
ED42M7i18m+Cm4lyBiM8feEVw57lFlGWldempI2lyBNIEjQk1aPTddt36lJmTZDI
0nNyAAwKT7q6avZm99N/NChHjF3WuYLsl6d6RrxXsa9JaJpJK1SYipjHBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJyh8E585XCvZU5Bx/nDJPtgUsMyMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvbktId1RuemxjSzlsVGtISC1jTWstMkJTd3pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBT2L0AwQB
ud0YAwQBueGoMA0GCSqGSIb3DQEBCwUAA4IBAQDSqtbfXpPKL5H//ptOXF/oZt7v
/tk9OriYBVxGafJmjqojfEwu8AIFVDYcawnpo4/z76qX6eIkA7Z9U0yK4iLhuQJo
Tpc7mbxVmz7tPUzKwDaOp1Q7PHVXOGZ8mx23pwDNsBjawjG88Qub0LIQBtSCjr9R
AWq41Kl4PzFDcTqXyFRKTDTfjhWdnJOTtiTWDXchP4HEImopZN2VGaDt/JxIuhT+
ZIZ8PkzTKTOcZfbGjOz59dLF9IdBOebNBnYmbRRx+DeR31+fjK/exVODFchXFdF8
g7Vks4ebGSs7qQMZGpshoFgppZsrGcI2EjK9JnqdJKFM9kGXT9NiuWvM1sA7
-----END CERTIFICATE-----
Generated at Fri Nov 24 16:55:24 2023 by rpki-client on console-fra.rpki-client.org