Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/norkA6w0xYzpCGbgpH568qFZnq4.roa
File: norkA6w0xYzpCGbgpH568qFZnq4.roa (raw, json)
Hash identifier: xSWePspdrcj/V37RSSeCXN9cuVIA2JZLIfPC57LcmXQ=
Subject key identifier: 9E:8A:E4:03:AC:34:C5:8C:E9:08:66:E0:A4:7E:7A:F2:A1:59:9E:AE
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018746B2C892E87E0BE94CFE47462C38C9C2
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/norkA6w0xYzpCGbgpH568qFZnq4.roa
Signing time: Mon 03 Apr 2023 10:38:54 +0000
ROA not before: Mon 03 Apr 2023 10:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 79.98.246.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 18:32:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:b2:c8:92:e8:7e:0b:e9:4c:fe:47:46:2c:38:c9:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 3 10:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e8ae403ac34c58ce90866e0a47e7af2a1599eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f1:80:78:46:d4:69:ba:49:33:2c:eb:06:23:
38:de:a8:72:07:97:ce:3d:ff:e0:08:7b:9c:94:0d:
38:1d:de:80:97:ab:d9:60:1b:1e:8f:2f:83:af:5a:
98:33:cd:8b:6b:49:f2:08:56:10:68:01:4e:b0:72:
64:df:97:8d:26:ee:48:8b:25:da:69:e2:02:34:c4:
e8:91:41:ac:3c:3e:94:30:60:5a:07:c8:0b:7f:3d:
da:8c:d1:97:f8:8b:34:1f:ba:d0:11:77:5c:e0:d6:
8a:9c:7f:c6:fc:be:0f:6a:ee:4a:09:bf:01:47:a9:
98:f1:84:82:4b:b5:45:3f:9c:fc:c0:aa:e8:a0:14:
04:e9:92:69:bb:ef:3f:03:c6:28:83:9d:d8:4e:2e:
64:a9:2b:b4:c0:d0:c0:b6:8f:ae:f2:3a:1c:a7:d2:
df:6b:29:27:e1:2a:90:c5:83:ae:63:8d:a3:c2:4e:
76:bc:49:21:e8:5c:8c:fa:46:95:d5:52:96:a7:4d:
d7:80:5c:38:0d:d1:9b:f1:d8:70:b2:8f:38:ce:4e:
95:89:de:2a:2a:08:59:85:80:aa:6e:7e:ce:2f:12:
88:f5:a7:06:6f:7f:e8:25:9a:a1:c4:9d:c9:d6:d4:
96:aa:e6:d1:85:dd:0c:c0:2e:44:01:5a:96:48:7f:
4d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:8A:E4:03:AC:34:C5:8C:E9:08:66:E0:A4:7E:7A:F2:A1:59:9E:AE
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/norkA6w0xYzpCGbgpH568qFZnq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.246.0/24
185.250.25.0/24
Signature Algorithm: sha256WithRSAEncryption
72:19:13:f0:e4:fa:b5:f7:d3:01:b1:bc:b2:4e:65:7d:27:d9:
0e:40:b5:c2:0f:bb:9e:e6:7b:22:52:7e:e9:81:53:af:c9:f8:
7b:c0:d1:a5:c9:e5:e9:83:63:d1:40:f2:e3:fa:be:54:b9:a5:
b3:43:00:7d:c9:08:0d:d2:9b:7c:9c:e9:74:28:74:9a:72:17:
8b:26:37:b9:cf:5c:db:88:35:fa:b6:ff:0c:53:59:e2:4b:80:
bc:71:de:db:0e:f0:ed:c2:bd:4c:fd:38:81:4b:bf:3c:85:6d:
52:6b:6b:d8:7c:45:69:97:81:ad:83:f4:43:cc:05:5e:07:82:
dd:6b:80:8a:5a:bd:17:ca:17:1a:c3:8b:f7:5a:2a:7c:2b:2f:
d9:6c:3b:5f:84:03:f2:95:6a:eb:a9:98:dd:5c:cb:9a:9f:5c:
f6:67:b4:fc:85:92:fe:a0:97:55:4b:6f:53:ec:33:eb:9e:c7:
99:be:61:12:a9:01:54:d9:15:5d:a7:68:22:e3:e5:3e:f1:75:
0c:06:ab:08:7a:c2:30:88:3d:f8:c4:ce:f0:f9:62:a5:67:c6:
2c:c7:6c:76:cd:59:4d:e0:3a:af:ba:9e:3d:de:86:df:c5:2c:
0e:df:bf:41:28:2c:c3:01:a6:a6:85:8c:14:ba:3d:ad:2b:90:
7e:78:fa:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdGssiS6H4L6Uz+R0YsOMnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDAzMTAzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZThhZTQwM2FjMzRjNThjZTkwODY2ZTBhNDdlN2FmMmExNTk5ZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofGAeEbUabpJMyzrBiM43qhyB5fO
Pf/gCHuclA04Hd6Al6vZYBsejy+Dr1qYM82La0nyCFYQaAFOsHJk35eNJu5IiyXa
aeICNMTokUGsPD6UMGBaB8gLfz3ajNGX+Is0H7rQEXdc4NaKnH/G/L4Pau5KCb8B
R6mY8YSCS7VFP5z8wKrooBQE6ZJpu+8/A8Yog53YTi5kqSu0wNDAto+u8jocp9Lf
aykn4SqQxYOuY42jwk52vEkh6FyM+kaV1VKWp03XgFw4DdGb8dhwso84zk6Vid4q
KghZhYCqbn7OLxKI9acGb3/oJZqhxJ3J1tSWqubRhd0MwC5EAVqWSH9NFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ6K5AOsNMWM6Qhm4KR+evKhWZ6uMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvbm9ya0E2dzB4WXpwQ0diZ3BINTY4cUZabnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT2L2AwQA
ufoZMA0GCSqGSIb3DQEBCwUAA4IBAQByGRPw5Pq199MBsbyyTmV9J9kOQLXCD7ue
5nsiUn7pgVOvyfh7wNGlyeXpg2PRQPLj+r5UuaWzQwB9yQgN0pt8nOl0KHSacheL
Jje5z1zbiDX6tv8MU1niS4C8cd7bDvDtwr1M/TiBS788hW1Sa2vYfEVpl4Gtg/RD
zAVeB4Lda4CKWr0Xyhcaw4v3Wip8Ky/ZbDtfhAPylWrrqZjdXMuan1z2Z7T8hZL+
oJdVS29T7DPrnseZvmESqQFU2RVdp2gi4+U+8XUMBqsIesIwiD34xM7w+WKlZ8Ys
x2x2zVlN4Dqvup493obfxSwO379BKCzDAaamhYwUuj2tK5B+ePrq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org