Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/NlGadcw9JtJEuiX7S3vCrwWiouA.roa
File: NlGadcw9JtJEuiX7S3vCrwWiouA.roa (raw, json)
Hash identifier: PZtP8ATvtthQE8a0bcaKEAprZTOYnzpdTSlpqrEIMFY=
Subject key identifier: 36:51:9A:75:CC:3D:26:D2:44:BA:25:FB:4B:7B:C2:AF:05:A2:A2:E0
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 0185723A4EBE0BD2A39295FAB8D6B15E7972
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/NlGadcw9JtJEuiX7S3vCrwWiouA.roa
Signing time: Mon 02 Jan 2023 11:25:01 +0000
ROA not before: Mon 02 Jan 2023 11:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31368
IP address blocks: 185.173.156.0/24 maxlen: 24
185.173.159.0/24 maxlen: 24
89.107.132.0/23 maxlen: 23
89.107.128.0/23 maxlen: 23
185.173.158.0/24 maxlen: 24
89.107.130.0/23 maxlen: 23
89.107.135.0/24 maxlen: 24
89.107.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Feb 2023 11:43:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:4e:be:0b:d2:a3:92:95:fa:b8:d6:b1:5e:79:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Jan 2 11:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36519a75cc3d26d244ba25fb4b7bc2af05a2a2e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e7:c8:bc:51:93:41:74:1c:cf:62:6e:ac:0d:
48:e3:a2:45:60:04:7c:1b:35:40:2b:41:a5:b1:cb:
1f:f3:89:4d:2a:7b:fd:54:8e:89:7f:3e:c5:68:1d:
20:7a:e7:4a:aa:f3:f2:74:11:c2:94:c5:ee:62:b1:
69:27:48:53:94:32:3d:62:cf:1c:d7:1a:ab:d9:f7:
26:d8:6e:da:a8:d8:62:70:09:13:ef:20:e4:ba:87:
05:c0:95:e9:d7:97:09:0d:07:02:ea:ac:10:c3:a0:
65:70:c2:76:3d:27:6a:92:bc:8f:9a:e1:43:fc:fe:
89:1f:41:92:c3:74:74:b1:03:69:19:58:c0:98:8f:
1b:9e:18:e7:8a:2d:fd:ee:06:24:6d:88:99:ef:fd:
33:07:0e:0b:a9:40:35:5f:86:7a:e4:0e:37:99:fb:
ca:96:54:65:32:dc:97:3a:75:d3:ef:b2:7c:c2:db:
9e:d8:7c:ca:eb:40:38:df:13:25:07:e2:a9:15:54:
bd:93:f6:77:ed:db:21:8e:f4:b3:21:fb:21:b8:9b:
82:6d:83:d1:f7:43:55:36:da:5f:d8:e3:55:79:cb:
51:8b:04:ef:b3:d4:fb:48:d5:63:68:7d:70:c6:8d:
60:ec:02:f3:72:5e:a9:b1:52:cd:d0:af:bc:06:5b:
55:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:51:9A:75:CC:3D:26:D2:44:BA:25:FB:4B:7B:C2:AF:05:A2:A2:E0
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/NlGadcw9JtJEuiX7S3vCrwWiouA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.128.0/21
185.173.156.0/24
185.173.158.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:d1:80:95:f8:bd:0b:bc:5a:8e:41:83:ca:10:94:75:b1:cc:
a0:66:79:2c:27:bd:08:68:2f:16:02:fb:c6:c9:c0:b7:32:54:
9c:10:1a:03:45:ea:f8:f8:bc:4b:80:49:c7:26:cb:2f:be:04:
27:ee:01:1e:73:41:b3:e7:b3:7f:f4:91:fc:dd:f1:8b:3e:12:
ce:e4:96:70:8a:7e:4d:48:3c:d3:a7:b0:7b:b2:f6:da:b4:55:
59:d6:fc:d3:5b:b5:f2:3a:3f:80:f9:2c:61:36:64:dd:40:58:
e3:39:08:17:94:f8:b4:95:13:8a:9a:68:27:f4:58:2f:8d:5b:
27:7c:84:98:44:89:75:28:81:c3:13:30:3e:0d:ae:e9:35:77:
22:33:df:28:c4:db:9d:3d:ea:eb:af:0b:28:75:e7:0d:a8:f6:
27:32:34:de:dd:ee:fa:6c:c5:6f:a5:b2:bf:a2:0c:20:76:f3:
10:59:01:69:08:cd:17:61:8d:88:82:44:a9:22:54:5e:09:9a:
6f:a3:88:29:c1:f6:e9:42:d9:44:ed:f4:3c:2b:37:19:78:fa:
69:f8:2d:8a:1e:18:6f:4d:9b:43:d4:e0:72:4d:be:a4:71:62:
e0:5f:d9:48:1f:77:8d:2e:47:9b:06:62:7b:4e:f5:9b:dd:c0:
60:22:12:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyOk6+C9KjkpX6uNaxXnlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjMwMTAyMTEyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjUxOWE3NWNjM2QyNmQyNDRiYTI1ZmI0YjdiYzJhZjA1YTJhMmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgefIvFGTQXQcz2JurA1I46JFYAR8
GzVAK0Glscsf84lNKnv9VI6Jfz7FaB0geudKqvPydBHClMXuYrFpJ0hTlDI9Ys8c
1xqr2fcm2G7aqNhicAkT7yDkuocFwJXp15cJDQcC6qwQw6BlcMJ2PSdqkryPmuFD
/P6JH0GSw3R0sQNpGVjAmI8bnhjnii397gYkbYiZ7/0zBw4LqUA1X4Z65A43mfvK
llRlMtyXOnXT77J8wtue2HzK60A43xMlB+KpFVS9k/Z37dshjvSzIfshuJuCbYPR
90NVNtpf2ONVectRiwTvs9T7SNVjaH1wxo1g7ALzcl6psVLN0K+8BltVMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDZRmnXMPSbSRLol+0t7wq8FoqLgMB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvTmxHYWRjdzlKdEpFdWlYN1MzdkNyd1dpb3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWWuAAwQA
ua2cAwQBua2eMA0GCSqGSIb3DQEBCwUAA4IBAQBt0YCV+L0LvFqOQYPKEJR1scyg
ZnksJ70IaC8WAvvGycC3MlScEBoDRer4+LxLgEnHJssvvgQn7gEec0Gz57N/9JH8
3fGLPhLO5JZwin5NSDzTp7B7svbatFVZ1vzTW7XyOj+A+SxhNmTdQFjjOQgXlPi0
lROKmmgn9FgvjVsnfISYRIl1KIHDEzA+Da7pNXciM98oxNudPerrrwsodecNqPYn
MjTe3e76bMVvpbK/ogwgdvMQWQFpCM0XYY2IgkSpIlReCZpvo4gpwfbpQtlE7fQ8
KzcZePpp+C2KHhhvTZtD1OByTb6kcWLgX9lIH3eNLkebBmJ7TvWb3cBgIhJf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:45 2024 by rpki-client on console-fra.rpki-client.org