Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/KqvgDEFKIrkNw3M8au3rbxY_nss.roa
File: KqvgDEFKIrkNw3M8au3rbxY_nss.roa (raw, json)
Hash identifier: s8mUy2MHzIp8hJQeg48M4R67Ds68Z7cKEafwiXRUGto=
Subject key identifier: 2A:AB:E0:0C:41:4A:22:B9:0D:C3:73:3C:6A:ED:EB:6F:16:3F:9E:CB
Certificate issuer: /CN=8536146119b044539082e326cca903200b8d4b1a
Certificate serial: 01856CAF16A220EDF38A7D73C0407D4F37D2
Authority key identifier: 85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/KqvgDEFKIrkNw3M8au3rbxY_nss.roa
Signing time: Sun 01 Jan 2023 09:34:51 +0000
ROA not before: Sun 01 Jan 2023 09:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202269
IP address blocks: 185.208.172.0/24 maxlen: 24
185.208.173.0/24 maxlen: 24
185.110.191.0/24 maxlen: 24
185.110.188.0/24 maxlen: 24
185.110.190.0/24 maxlen: 24
185.110.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:16:a2:20:ed:f3:8a:7d:73:c0:40:7d:4f:37:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8536146119b044539082e326cca903200b8d4b1a
Validity
Not Before: Jan 1 09:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2aabe00c414a22b90dc3733c6aedeb6f163f9ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:97:f3:ae:89:50:14:9b:31:04:c5:b2:17:d4:
3d:5d:07:fa:26:b7:28:bd:c6:32:6d:af:84:8f:13:
2e:74:83:c5:08:eb:67:21:62:b8:41:a8:9e:b7:f5:
b2:2a:ba:87:cd:f3:74:7d:4b:d1:99:a7:88:a8:38:
e0:2d:9c:ef:6d:b3:c5:04:d0:78:ea:38:4b:db:70:
18:64:52:e9:c0:48:42:d1:9e:23:f8:bc:be:e6:97:
e9:85:9c:65:b5:16:c2:a4:0d:e9:a3:4e:75:33:42:
d5:56:ce:5e:72:ca:38:82:b4:94:c0:23:65:be:55:
c6:13:b9:d8:a7:f6:98:4c:24:d1:b1:26:84:21:a6:
c9:97:ed:70:9a:77:7a:69:bb:3e:2a:b5:5d:ba:f3:
9e:5c:c1:5f:ac:b0:7f:59:46:99:a7:61:d3:2e:b8:
d6:f5:f8:40:35:22:3f:9a:10:6c:ce:b4:9a:96:b3:
5e:89:8a:1e:af:c6:f9:1b:94:5a:a2:db:6c:89:43:
ac:45:e2:f7:5d:a9:62:b3:4e:37:d0:79:aa:c0:fb:
90:ea:70:ad:f5:dd:2f:db:40:cf:9d:32:d0:ce:46:
8c:f9:5f:d8:ea:d3:01:81:85:3c:89:6a:d8:7d:81:
0b:61:5e:ed:c4:4d:43:ad:c0:af:27:5a:33:34:f1:
16:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AB:E0:0C:41:4A:22:B9:0D:C3:73:3C:6A:ED:EB:6F:16:3F:9E:CB
X509v3 Authority Key Identifier:
keyid:85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/KqvgDEFKIrkNw3M8au3rbxY_nss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.188.0/22
185.208.172.0/23
Signature Algorithm: sha256WithRSAEncryption
26:2d:3c:6b:c0:99:84:84:a1:a2:54:6b:ae:47:fc:20:ca:2b:
f9:9d:8a:61:dd:45:e5:1f:0e:25:f0:83:44:cc:c8:3c:b8:13:
d3:a0:a6:05:dd:81:59:8a:fd:02:43:16:cc:07:ed:9c:3f:48:
b9:7c:58:fe:d4:0a:52:9c:9b:c5:33:52:8a:94:e3:a0:33:72:
92:60:07:bc:c9:70:5c:c0:95:e8:6f:fa:94:d7:8b:5a:61:1b:
dc:d5:3b:4b:02:6d:4b:69:c1:d8:3e:af:64:89:f3:24:5c:09:
b5:01:9f:82:03:58:37:76:58:d2:49:b5:0c:1e:dd:45:c4:1c:
61:ad:c8:cc:42:cd:bf:51:67:e6:a1:6c:a8:bc:d7:6d:47:df:
e4:d3:1a:a9:56:20:3c:a7:1a:9a:9c:f1:f9:41:ab:a3:0a:8e:
99:15:07:cd:e8:b6:9e:be:71:23:86:05:b6:11:16:c4:5d:24:
4d:9a:ee:48:8d:ca:7d:ab:68:ad:50:80:bd:db:04:c7:de:b2:
bf:a1:cb:b7:64:cd:bb:7c:c3:87:c4:dd:76:18:58:b7:10:42:
19:e3:c2:6a:ce:d7:84:8c:f9:7b:09:49:e0:55:e9:03:de:fd:
91:bb:d4:46:06:3a:e7:7c:0a:15:52:ee:e2:f7:d7:0c:c4:5a:
7d:46:90:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsrxaiIO3zin1zwEB9TzfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzYxNDYxMTliMDQ0NTM5MDgyZTMyNmNjYTkwMzIwMGI4
ZDRiMWEwHhcNMjMwMTAxMDkzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWFiZTAwYzQxNGEyMmI5MGRjMzczM2M2YWVkZWI2ZjE2M2Y5ZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspfzrolQFJsxBMWyF9Q9XQf6Jrco
vcYyba+EjxMudIPFCOtnIWK4Qaiet/WyKrqHzfN0fUvRmaeIqDjgLZzvbbPFBNB4
6jhL23AYZFLpwEhC0Z4j+Ly+5pfphZxltRbCpA3po051M0LVVs5ecso4grSUwCNl
vlXGE7nYp/aYTCTRsSaEIabJl+1wmnd6abs+KrVduvOeXMFfrLB/WUaZp2HTLrjW
9fhANSI/mhBszrSalrNeiYoer8b5G5RaottsiUOsReL3Xalis0430HmqwPuQ6nCt
9d0v20DPnTLQzkaM+V/Y6tMBgYU8iWrYfYELYV7txE1DrcCvJ1ozNPEW/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCqr4AxBSiK5DcNzPGrt628WP57LMB8GA1UdIwQY
MBaAFIU2FGEZsERTkILjJsypAyALjUsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMt
MGM2NzIxN2NjOTZiLzEvS3F2Z0RFRktJcmtOdzNNOGF1M3JieFlfbnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMtMGM2NzIxN2NjOTZi
LzEvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuW68AwQB
udCsMA0GCSqGSIb3DQEBCwUAA4IBAQAmLTxrwJmEhKGiVGuuR/wgyiv5nYph3UXl
Hw4l8INEzMg8uBPToKYF3YFZiv0CQxbMB+2cP0i5fFj+1ApSnJvFM1KKlOOgM3KS
YAe8yXBcwJXob/qU14taYRvc1TtLAm1LacHYPq9kifMkXAm1AZ+CA1g3dljSSbUM
Ht1FxBxhrcjMQs2/UWfmoWyovNdtR9/k0xqpViA8pxqanPH5QaujCo6ZFQfN6Lae
vnEjhgW2ERbEXSRNmu5Ijcp9q2itUIC92wTH3rK/ocu3ZM27fMOHxN12GFi3EEIZ
48JqzteEjPl7CUngVekD3v2Ru9RGBjrnfAoVUu7i99cMxFp9RpC3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:39 2024 by rpki-client on console-fra.rpki-client.org