Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/N-cNAScWzgV49ULLVdM-MKjUT5g.roa
File: N-cNAScWzgV49ULLVdM-MKjUT5g.roa (raw, json)
Hash identifier: BjqgjS67hBKG1lwxq1k+AxfZiGXeQIto3rYUCd/E5Gw=
Subject key identifier: 37:E7:0D:01:27:16:CE:05:78:F5:42:CB:55:D3:3E:30:A8:D4:4F:98
Certificate issuer: /CN=a2074339bb216b85bdc83d61778821adf9149d56
Certificate serial: 01856DC1ADA31E2D6D05C92EE23D1EE1EC3B
Authority key identifier: A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/N-cNAScWzgV49ULLVdM-MKjUT5g.roa
Signing time: Sun 01 Jan 2023 14:34:47 +0000
ROA not before: Sun 01 Jan 2023 14:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52051
IP address blocks: 185.124.48.0/22 maxlen: 24
2a0e:8f80::/48 maxlen: 48
2a01:b1c2::/32 maxlen: 48
2a01:b1c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ad:a3:1e:2d:6d:05:c9:2e:e2:3d:1e:e1:ec:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2074339bb216b85bdc83d61778821adf9149d56
Validity
Not Before: Jan 1 14:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37e70d012716ce0578f542cb55d33e30a8d44f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f7:84:53:82:50:ac:ff:07:6b:33:18:d0:ad:
51:c0:f7:f2:8c:5a:88:b7:e4:71:1d:94:45:c6:3b:
ea:1b:cd:8b:bb:ea:d9:5e:fc:49:38:de:7f:44:c9:
1d:99:b9:2f:6e:56:7f:eb:53:c6:c6:74:54:fb:12:
93:d7:e3:57:90:49:9e:78:a2:3a:9e:81:6b:54:4d:
7c:b4:23:4b:78:c7:14:bf:55:40:22:60:27:ae:0e:
dd:2a:d6:04:a4:7a:12:12:e4:b7:46:5d:5a:16:a4:
20:c4:3a:9c:d7:ae:c5:3a:35:84:44:ea:24:86:ae:
44:63:0a:35:e3:f6:92:7e:06:51:aa:4f:f8:57:2c:
a3:31:60:16:09:18:52:4f:53:16:b4:58:f7:72:c6:
4a:a8:65:1e:37:56:f6:af:9f:a5:2b:a3:00:c6:de:
61:c1:3b:17:a0:59:c4:0d:20:79:9d:4f:e5:73:43:
2e:c5:24:de:b5:fe:47:ec:58:87:ca:10:96:99:bd:
a2:62:e9:29:b3:11:22:b0:d8:bb:7b:a5:99:bc:d4:
51:ab:e1:f1:ba:0d:a6:c1:64:30:f9:cd:43:ab:19:
e5:63:75:af:b1:58:95:4e:df:45:c1:27:c8:9e:f0:
1b:68:ed:09:5a:fa:ef:1f:b1:7a:a3:f9:ad:bd:a7:
d5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E7:0D:01:27:16:CE:05:78:F5:42:CB:55:D3:3E:30:A8:D4:4F:98
X509v3 Authority Key Identifier:
keyid:A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/N-cNAScWzgV49ULLVdM-MKjUT5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.48.0/22
IPv6:
2a01:b1c2::/31
2a0e:8f80::/48
Signature Algorithm: sha256WithRSAEncryption
8e:78:8e:d5:17:3a:df:04:92:c2:a8:0c:81:db:e8:57:b8:2f:
71:6b:d4:96:20:8c:47:95:5b:23:46:21:57:07:ec:d2:84:2c:
7a:0e:89:12:06:04:a7:20:32:a6:a5:b2:fb:e8:03:6b:47:07:
31:1b:b6:9b:40:95:b7:30:c2:62:57:8a:af:9e:6c:76:00:83:
06:1a:cd:b4:1d:a3:99:0b:41:5e:e4:66:9a:36:c0:e5:77:ca:
9b:83:cd:28:55:2a:51:f6:cf:8c:c1:b0:37:af:0b:5a:92:a3:
db:b7:94:7f:34:f4:93:c4:ae:b4:99:13:23:44:1c:a9:bd:b7:
1c:ed:6f:3c:9e:46:3b:0d:28:5c:25:28:c2:3a:6c:13:f8:ee:
9d:0a:5c:24:b8:b9:9d:a3:c2:10:86:17:87:7b:3a:2d:83:18:
62:e3:b2:5c:cf:bb:ea:36:be:dd:26:16:7f:c7:b7:20:e2:dc:
6d:6c:8b:03:95:a7:80:a6:d2:4a:a0:d7:1e:61:80:13:10:bc:
f1:03:85:04:db:f9:49:31:71:e1:9a:d4:ff:c8:e2:bc:94:a5:
9d:43:5f:34:2c:c0:44:e3:d5:b1:24:88:bb:39:20:7f:a9:86:
79:a1:04:16:51:42:76:53:96:79:21:9b:76:78:1d:1b:cd:5c:
59:77:60:8c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVtwa2jHi1tBcku4j0e4ew7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDc0MzM5YmIyMTZiODViZGM4M2Q2MTc3ODgyMWFkZjkx
NDlkNTYwHhcNMjMwMTAxMTQzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2U3MGQwMTI3MTZjZTA1NzhmNTQyY2I1NWQzM2UzMGE4ZDQ0Zjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/eEU4JQrP8HazMY0K1RwPfyjFqI
t+RxHZRFxjvqG82Lu+rZXvxJON5/RMkdmbkvblZ/61PGxnRU+xKT1+NXkEmeeKI6
noFrVE18tCNLeMcUv1VAImAnrg7dKtYEpHoSEuS3Rl1aFqQgxDqc167FOjWEROok
hq5EYwo14/aSfgZRqk/4VyyjMWAWCRhST1MWtFj3csZKqGUeN1b2r5+lK6MAxt5h
wTsXoFnEDSB5nU/lc0MuxSTetf5H7FiHyhCWmb2iYukpsxEisNi7e6WZvNRRq+Hx
ug2mwWQw+c1DqxnlY3WvsViVTt9FwSfInvAbaO0JWvrvH7F6o/mtvafVlwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDfnDQEnFs4FePVCy1XTPjCo1E+YMB8GA1UdIwQY
MBaAFKIHQzm7IWuFvcg9YXeIIa35FJ1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dkRE9ic2hhNFc5eUQxaGQ0Z2hyZmtVblZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81NzFiMzQtYWNmOS00ZWJmLTk4OGIt
MGZlYjY2ZTdmMjhhLzEvTi1jTkFTY1d6Z1Y0OVVMTFZkTS1NS2pVVDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81NzFiMzQtYWNmOS00ZWJmLTk4OGItMGZlYjY2ZTdmMjhh
LzEvb2dkRE9ic2hhNFc5eUQxaGQ0Z2hyZmtVblZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuXwwMBYE
AgACMBADBQEqAbHCAwcAKg6PgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCOeI7VFzrf
BJLCqAyB2+hXuC9xa9SWIIxHlVsjRiFXB+zShCx6DokSBgSnIDKmpbL76ANrRwcx
G7abQJW3MMJiV4qvnmx2AIMGGs20HaOZC0Fe5GaaNsDld8qbg80oVSpR9s+MwbA3
rwtakqPbt5R/NPSTxK60mRMjRBypvbcc7W88nkY7DShcJSjCOmwT+O6dClwkuLmd
o8IQhheHezotgxhi47Jcz7vqNr7dJhZ/x7cg4txtbIsDlaeAptJKoNceYYATELzx
A4UE2/lJMXHhmtT/yOK8lKWdQ180LMBE49WxJIi7OSB/qYZ5oQQWUUJ2U5Z5IZt2
eB0bzVxZd2CM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:13 2024 by rpki-client on console-fra.rpki-client.org