Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/NLQKAl9zq2e94AgjblexFZLbF1c.roa
File: NLQKAl9zq2e94AgjblexFZLbF1c.roa (raw, json)
Hash identifier: RVy/8HLUNYXQFJUoDzx87mMrTqRm0NYFO2OGCVic2fU=
Subject key identifier: 34:B4:0A:02:5F:73:AB:67:BD:E0:08:23:6E:57:B1:15:92:DB:17:57
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01856C53D9EB6E911D76606856742527101E
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/NLQKAl9zq2e94AgjblexFZLbF1c.roa
Signing time: Sun 01 Jan 2023 07:55:12 +0000
ROA not before: Sun 01 Jan 2023 07:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212598
IP address blocks: 185.250.210.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Mar 2023 20:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d9:eb:6e:91:1d:76:60:68:56:74:25:27:10:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 07:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34b40a025f73ab67bde008236e57b11592db1757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:64:42:8e:1c:da:e3:84:0f:71:26:fe:2d:5b:
92:99:cc:23:5f:97:39:f2:8f:f5:e7:58:d6:c7:f4:
07:e2:9a:32:f1:6e:36:d9:89:b3:78:39:f0:27:bd:
e0:95:ac:b5:97:b4:5b:ff:6d:59:95:00:fb:2e:2b:
79:46:be:91:d0:f4:37:8f:eb:f0:36:15:b2:2e:06:
6b:46:ee:9f:43:12:8f:b8:04:18:b2:fa:c9:57:33:
59:2b:b9:50:27:13:d6:6b:ff:f9:b7:17:7a:9e:6e:
dd:06:a4:75:58:54:90:df:2d:02:ed:12:d0:33:82:
f6:b3:9b:44:4b:f3:90:08:62:83:b8:06:bb:e8:80:
84:82:f7:6d:7a:af:8e:d6:56:7d:08:5a:44:70:fd:
49:46:e0:b3:3f:e3:d4:fb:e6:68:1a:1d:2b:85:16:
b3:88:1f:42:c3:89:11:38:ad:13:ef:5c:94:e1:b5:
0b:6c:8c:b2:f0:c0:40:ab:cb:35:39:3b:b9:0f:5a:
37:94:c2:e5:44:ec:c6:91:92:bb:73:bb:21:d7:24:
dc:11:f7:49:7a:3f:78:ab:e2:21:41:a0:9e:13:8b:
44:3c:b3:2d:4b:7d:c5:0b:1f:48:ef:b6:4d:4b:74:
fa:1d:eb:2e:83:7b:9c:fb:a3:b4:4d:ac:ec:b6:44:
8f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B4:0A:02:5F:73:AB:67:BD:E0:08:23:6E:57:B1:15:92:DB:17:57
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/NLQKAl9zq2e94AgjblexFZLbF1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.210.0/24
185.254.236.0/24
185.254.239.0/24
194.62.54.0/24
Signature Algorithm: sha256WithRSAEncryption
07:7f:11:1b:46:ca:fa:99:25:99:67:9d:8e:9a:88:2d:d8:0d:
ab:29:1b:94:7d:1f:25:de:2d:3f:9d:b0:78:bd:6b:5f:08:7a:
3f:a9:e7:48:e3:16:51:fc:43:69:13:cf:85:0d:55:0c:ce:ec:
1a:60:e5:0f:cb:b2:b0:7c:06:78:35:b7:f7:b5:dc:bc:3c:69:
77:0a:85:84:22:8c:b2:b8:3d:e7:e4:e2:06:63:7c:74:bd:63:
a6:71:e2:bb:eb:dc:da:40:8e:da:2a:25:c8:b3:1a:ea:0b:c4:
fa:db:24:12:45:eb:6d:d0:db:37:e6:2e:96:c7:b6:3a:09:78:
3d:35:55:8f:b1:58:34:04:9b:9e:17:d2:80:d1:56:e0:cd:7e:
d2:52:15:44:69:95:07:c9:d5:4a:7a:ad:4a:2e:f2:8f:d8:f4:
0e:bf:89:af:79:a9:b0:9d:9a:d9:dd:b8:01:d9:1d:8d:74:b2:
03:40:71:5f:7b:1c:db:c1:74:43:11:ac:e8:f5:bc:2c:c2:1f:
90:04:11:44:90:d6:3c:25:ca:40:d6:7d:45:2d:32:d6:bc:21:
b7:fe:bd:24:20:31:37:23:77:9f:72:78:e2:41:15:7b:df:32:
6d:1d:19:73:17:94:19:3a:b3:4c:98:d1:d0:04:62:54:95:6e:
3c:66:6e:1e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsU9nrbpEddmBoVnQlJxAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMTAxMDc1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI0MGEwMjVmNzNhYjY3YmRlMDA4MjM2ZTU3YjExNTkyZGIxNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWRCjhza44QPcSb+LVuSmcwjX5c5
8o/151jWx/QH4poy8W422YmzeDnwJ73glay1l7Rb/21ZlQD7Lit5Rr6R0PQ3j+vw
NhWyLgZrRu6fQxKPuAQYsvrJVzNZK7lQJxPWa//5txd6nm7dBqR1WFSQ3y0C7RLQ
M4L2s5tES/OQCGKDuAa76ICEgvdteq+O1lZ9CFpEcP1JRuCzP+PU++ZoGh0rhRaz
iB9Cw4kROK0T71yU4bULbIyy8MBAq8s1OTu5D1o3lMLlROzGkZK7c7sh1yTcEfdJ
ej94q+IhQaCeE4tEPLMtS33FCx9I77ZNS3T6Hesug3uc+6O0TazstkSP6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDS0CgJfc6tnveAII25XsRWS2xdXMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvTkxRS0FsOXpxMmU5NEFnamJsZXhGWkxiRjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAufrSAwQA
uf7sAwQAuf7vAwQAwj42MA0GCSqGSIb3DQEBCwUAA4IBAQAHfxEbRsr6mSWZZ52O
mogt2A2rKRuUfR8l3i0/nbB4vWtfCHo/qedI4xZR/ENpE8+FDVUMzuwaYOUPy7Kw
fAZ4Nbf3tdy8PGl3CoWEIoyyuD3n5OIGY3x0vWOmceK769zaQI7aKiXIsxrqC8T6
2yQSRett0Ns35i6Wx7Y6CXg9NVWPsVg0BJueF9KA0VbgzX7SUhVEaZUHydVKeq1K
LvKP2PQOv4mveamwnZrZ3bgB2R2NdLIDQHFfexzbwXRDEazo9bwswh+QBBFEkNY8
JcpA1n1FLTLWvCG3/r0kIDE3I3efcnjiQRV73zJtHRlzF5QZOrNMmNHQBGJUlW48
Zm4e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org