Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/NdZnB35aMafyQ0dIRBr0B9iDmio.roa
File: NdZnB35aMafyQ0dIRBr0B9iDmio.roa (raw, json)
Hash identifier: K6CtBf+N91qkFd2h1YdUJNESTWlNIYpIT1hFbZYsYRA=
Subject key identifier: 35:D6:67:07:7E:5A:31:A7:F2:43:47:48:44:1A:F4:07:D8:83:9A:2A
Certificate issuer: /CN=3948869ce54b9d3b2f3e39aee2c9c8eb19cb5b0f
Certificate serial: 018A7ABD2B4CCA2D09B454853CB54E850FDB
Authority key identifier: 39:48:86:9C:E5:4B:9D:3B:2F:3E:39:AE:E2:C9:C8:EB:19:CB:5B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUiGnOVLnTsvPjmu4snI6xnLWw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/NdZnB35aMafyQ0dIRBr0B9iDmio.roa
Signing time: Sat 09 Sep 2023 16:18:52 +0000
ROA not before: Sat 09 Sep 2023 16:18:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201503
IP address blocks: 185.72.210.0/24 maxlen: 24
185.72.209.0/24 maxlen: 24
185.72.208.0/24 maxlen: 24
185.72.208.0/22 maxlen: 22
82.163.120.0/22 maxlen: 22
82.163.132.0/22 maxlen: 22
2a05:3950::/31 maxlen: 31
2a05:3950:f000::/36 maxlen: 36
2a05:3950:8000::/48 maxlen: 48
2a05:3950:8660::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7a:bd:2b:4c:ca:2d:09:b4:54:85:3c:b5:4e:85:0f:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3948869ce54b9d3b2f3e39aee2c9c8eb19cb5b0f
Validity
Not Before: Sep 9 16:18:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35d667077e5a31a7f2434748441af407d8839a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:98:78:d7:ea:8b:03:c8:f2:dd:ec:b2:4d:51:
fe:95:d7:d9:b9:60:a9:0f:1c:9b:af:92:ba:ba:29:
46:9d:19:45:60:21:af:1f:18:a1:cb:66:36:4f:bd:
e1:9f:8c:cd:30:e1:c9:2a:47:89:24:bf:81:81:9d:
af:b9:fe:ec:a3:cc:0e:cb:04:9a:78:5b:9e:54:cd:
ac:9a:9f:a1:14:d9:f9:81:80:25:07:85:31:da:22:
a3:1e:28:33:68:b8:fe:47:f8:70:92:cb:68:a3:b4:
1a:63:83:cd:41:78:6b:3c:60:d2:a6:81:58:22:77:
da:60:96:93:75:8d:ac:e5:d4:8b:b2:38:39:f5:ba:
03:ee:9e:d0:f4:70:66:3b:eb:a0:8f:4a:d6:c6:ed:
16:36:ea:0d:34:cc:49:27:40:38:94:19:d1:3d:61:
9a:f7:7b:6a:f9:22:b2:31:5d:d7:61:14:64:fb:55:
38:e3:c2:3b:e5:d5:05:86:48:45:4a:bc:1e:55:16:
9c:55:d1:7c:4c:2c:99:17:83:b8:c7:92:97:16:f6:
34:81:6d:10:f8:73:e5:9b:fa:87:f6:67:b7:a8:b3:
6d:87:55:2d:58:80:ff:e1:dc:ed:77:09:5d:c7:d5:
1c:f4:b4:24:b9:c8:ee:f6:4f:d3:ef:4b:31:da:bf:
23:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D6:67:07:7E:5A:31:A7:F2:43:47:48:44:1A:F4:07:D8:83:9A:2A
X509v3 Authority Key Identifier:
keyid:39:48:86:9C:E5:4B:9D:3B:2F:3E:39:AE:E2:C9:C8:EB:19:CB:5B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUiGnOVLnTsvPjmu4snI6xnLWw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/NdZnB35aMafyQ0dIRBr0B9iDmio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/OUiGnOVLnTsvPjmu4snI6xnLWw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.120.0/22
82.163.132.0/22
185.72.208.0/22
IPv6:
2a05:3950::/31
Signature Algorithm: sha256WithRSAEncryption
68:dd:d5:05:5d:ba:49:47:8f:28:4b:32:d8:55:29:04:a5:a2:
f4:79:a1:73:62:3d:7a:a3:59:01:f0:58:05:3e:4a:48:df:9b:
d3:73:f1:02:9b:b4:a0:8c:d0:0b:ef:e7:29:02:1b:c2:ec:9a:
a3:58:e5:f4:6e:2b:09:10:39:f3:70:03:79:c1:3f:cf:57:10:
34:99:be:24:ed:31:95:08:68:c3:8c:81:e1:ce:aa:85:23:92:
1c:3a:28:ad:49:7d:57:43:36:83:2d:9c:91:c0:6c:58:b9:26:
d5:a2:7b:c5:1e:05:9c:e3:8a:f6:b0:f6:4b:c8:42:06:0d:c2:
41:ff:d5:e8:9d:a5:91:70:26:44:e9:1c:5f:02:bb:00:fd:b0:
51:52:17:c7:fc:69:47:1e:62:45:25:24:0d:33:d2:88:75:60:
3a:40:b6:54:c8:d4:55:87:bb:88:c3:4f:18:38:0a:ca:39:20:
b0:73:45:93:8f:3a:c2:f0:1b:64:3b:b4:86:ef:4b:df:c6:d2:
dd:07:06:56:2d:c0:9d:05:c3:14:89:4a:be:20:0a:0f:a3:a1:
6f:aa:6f:c4:31:8b:d0:76:1f:89:9d:7a:2e:2d:05:c9:ed:b6:
e3:40:ed:18:ca:df:2a:5e:b0:62:d9:10:f6:d0:b9:d1:21:1b:
89:3c:44:71
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYp6vStMyi0JtFSFPLVOhQ/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDg4NjljZTU0YjlkM2IyZjNlMzlhZWUyYzljOGViMTlj
YjViMGYwHhcNMjMwOTA5MTYxODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ2NjcwNzdlNWEzMWE3ZjI0MzQ3NDg0NDFhZjQwN2Q4ODM5YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZh41+qLA8jy3eyyTVH+ldfZuWCp
Dxybr5K6uilGnRlFYCGvHxihy2Y2T73hn4zNMOHJKkeJJL+BgZ2vuf7so8wOywSa
eFueVM2smp+hFNn5gYAlB4Ux2iKjHigzaLj+R/hwkstoo7QaY4PNQXhrPGDSpoFY
InfaYJaTdY2s5dSLsjg59boD7p7Q9HBmO+ugj0rWxu0WNuoNNMxJJ0A4lBnRPWGa
93tq+SKyMV3XYRRk+1U448I75dUFhkhFSrweVRacVdF8TCyZF4O4x5KXFvY0gW0Q
+HPlm/qH9me3qLNth1UtWID/4dztdwldx9Uc9LQkucju9k/T70sx2r8j6QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDXWZwd+WjGn8kNHSEQa9AfYg5oqMB8GA1UdIwQY
MBaAFDlIhpzlS507Lz45ruLJyOsZy1sPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1VpR25PVkxuVHN2UGptdTRzbkk2eG5MV3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kZDAxODktNzk2OS00ZmQ1LTk3NDct
MjhiZGFiY2E3MGNiLzEvTmRabkIzNWFNYWZ5UTBkSVJCcjBCOWlEbWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kZDAxODktNzk2OS00ZmQ1LTk3NDctMjhiZGFiY2E3MGNi
LzEvT1VpR25PVkxuVHN2UGptdTRzbkk2eG5MV3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCUqN4AwQC
UqOEAwQCuUjQMA0EAgACMAcDBQEqBTlQMA0GCSqGSIb3DQEBCwUAA4IBAQBo3dUF
XbpJR48oSzLYVSkEpaL0eaFzYj16o1kB8FgFPkpI35vTc/ECm7SgjNAL7+cpAhvC
7JqjWOX0bisJEDnzcAN5wT/PVxA0mb4k7TGVCGjDjIHhzqqFI5IcOiitSX1XQzaD
LZyRwGxYuSbVonvFHgWc44r2sPZLyEIGDcJB/9XonaWRcCZE6RxfArsA/bBRUhfH
/GlHHmJFJSQNM9KIdWA6QLZUyNRVh7uIw08YOArKOSCwc0WTjzrC8BtkO7SG70vf
xtLdBwZWLcCdBcMUiUq+IAoPo6Fvqm/EMYvQdh+JnXouLQXJ7bbjQO0Yyt8qXrBi
2RD20LnRIRuJPERx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:02 2024 by rpki-client on console-ams.rpki-client.org