Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bdfd19-201a-444d-8d88-6ef4c7c7470b/1/nPR78GUWwQQag57Ojw64xE8rh3I.roa
File: nPR78GUWwQQag57Ojw64xE8rh3I.roa (raw, json)
Hash identifier: t3b2qhCpav9JogbuLktcjIg1eR+c7cv4grfGe3bNmaM=
Subject key identifier: 9C:F4:7B:F0:65:16:C1:04:1A:83:9E:CE:8F:0E:B8:C4:4F:2B:87:72
Certificate issuer: /CN=14c51262fe87f4e295ef9e7f87a1f9e49f57c300
Certificate serial: 0185711E715DE6A0ADBB230A137DFAF201E6
Authority key identifier: 14:C5:12:62:FE:87:F4:E2:95:EF:9E:7F:87:A1:F9:E4:9F:57:C3:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FMUSYv6H9OKV755_h6H55J9XwwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bdfd19-201a-444d-8d88-6ef4c7c7470b/1/nPR78GUWwQQag57Ojw64xE8rh3I.roa
Signing time: Mon 02 Jan 2023 06:14:58 +0000
ROA not before: Mon 02 Jan 2023 06:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62024
IP address blocks: 185.50.96.0/24 maxlen: 24
185.50.98.0/24 maxlen: 24
185.50.97.0/24 maxlen: 24
2a01:a3e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:71:5d:e6:a0:ad:bb:23:0a:13:7d:fa:f2:01:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14c51262fe87f4e295ef9e7f87a1f9e49f57c300
Validity
Not Before: Jan 2 06:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cf47bf06516c1041a839ece8f0eb8c44f2b8772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cd:c4:0d:8c:b3:b5:12:dd:de:c5:76:ee:4f:
a1:80:44:94:5f:03:f1:e1:5f:b8:6a:fd:29:26:42:
1c:c3:97:62:e1:7a:6c:38:a2:0e:a1:64:3b:3c:2e:
d5:c4:29:96:7c:c2:bd:6e:7b:d5:0f:3e:af:7d:54:
e1:20:9b:de:22:04:76:46:fd:44:0e:3e:be:fd:bd:
ec:ba:16:b2:3c:14:cd:80:c4:23:1d:cd:06:f6:bb:
10:cb:26:14:77:74:96:d8:0e:43:ae:67:b7:fb:d9:
96:ea:94:6e:7c:d3:6c:9f:4d:ef:c0:d4:ef:f4:0c:
59:3e:41:1d:56:47:a4:a5:cd:50:ed:f5:8d:2f:27:
69:e6:e0:03:1e:07:ae:09:5e:2d:6c:86:13:83:95:
6e:6e:de:14:95:cf:a3:52:46:10:5c:38:39:3e:8a:
16:52:b7:0a:b5:2d:c5:12:7d:a4:ea:16:c3:69:6f:
10:be:fc:db:ca:1a:b1:08:fb:51:59:33:d6:3e:d8:
59:8f:46:cd:25:55:b3:59:32:4f:70:2c:48:3a:ba:
ed:ab:cb:41:81:01:b9:5b:7e:26:9a:74:71:a0:4b:
29:4a:9d:9c:61:95:2b:b1:35:cc:98:e6:02:a6:de:
d7:a9:20:51:65:c0:23:20:c4:61:09:bf:20:b1:1e:
0f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F4:7B:F0:65:16:C1:04:1A:83:9E:CE:8F:0E:B8:C4:4F:2B:87:72
X509v3 Authority Key Identifier:
keyid:14:C5:12:62:FE:87:F4:E2:95:EF:9E:7F:87:A1:F9:E4:9F:57:C3:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMUSYv6H9OKV755_h6H55J9XwwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bdfd19-201a-444d-8d88-6ef4c7c7470b/1/nPR78GUWwQQag57Ojw64xE8rh3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bdfd19-201a-444d-8d88-6ef4c7c7470b/1/FMUSYv6H9OKV755_h6H55J9XwwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.96.0-185.50.98.255
IPv6:
2a01:a3e0::/32
Signature Algorithm: sha256WithRSAEncryption
32:f7:d3:56:b2:8f:96:01:da:de:68:6a:74:90:ef:30:f2:ad:
f0:c8:2c:5f:8f:6b:90:dc:1e:f4:84:f7:f9:b7:98:6c:67:26:
a7:3a:8e:8f:f7:fa:18:9f:4c:c8:a7:c0:12:e6:c9:51:31:e4:
8e:36:82:f5:84:d1:18:7f:98:14:58:98:0b:54:8d:df:52:d3:
9c:ed:a9:a7:fe:1b:89:1f:09:13:aa:3d:da:75:7e:91:2b:9f:
58:c9:c1:0e:85:d1:ae:03:db:08:0b:13:5a:99:8f:c3:cc:f6:
bd:8b:8b:20:da:a6:8d:43:5c:82:eb:e0:b0:71:0f:0a:c1:46:
ea:75:a4:c3:7e:7e:9a:0a:0b:cc:b7:9b:e9:c6:8c:90:55:2a:
00:d5:50:ad:ce:fe:05:7c:68:d1:ef:6a:71:b2:ae:a3:f2:e0:
00:77:7a:42:47:9a:30:3c:69:90:94:fa:97:09:b1:d7:fb:38:
80:8d:28:06:1f:c7:74:f0:c5:6b:2c:d7:72:9f:a8:27:36:8b:
35:70:42:0a:19:15:0c:7f:01:56:40:89:8a:77:12:c8:25:34:
d9:39:96:80:82:b6:d6:0c:7d:f0:83:14:4c:35:28:78:1d:51:
1b:69:f6:4a:f4:5c:7b:16:ba:80:a6:45:6c:d5:46:07:7c:88:
15:0c:61:55
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxHnFd5qCtuyMKE3368gHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzUxMjYyZmU4N2Y0ZTI5NWVmOWU3Zjg3YTFmOWU0OWY1
N2MzMDAwHhcNMjMwMTAyMDYxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Y0N2JmMDY1MTZjMTA0MWE4MzllY2U4ZjBlYjhjNDRmMmI4NzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM3EDYyztRLd3sV27k+hgESUXwPx
4V+4av0pJkIcw5di4XpsOKIOoWQ7PC7VxCmWfMK9bnvVDz6vfVThIJveIgR2Rv1E
Dj6+/b3suhayPBTNgMQjHc0G9rsQyyYUd3SW2A5Drme3+9mW6pRufNNsn03vwNTv
9AxZPkEdVkekpc1Q7fWNLydp5uADHgeuCV4tbIYTg5Vubt4Ulc+jUkYQXDg5PooW
UrcKtS3FEn2k6hbDaW8QvvzbyhqxCPtRWTPWPthZj0bNJVWzWTJPcCxIOrrtq8tB
gQG5W34mmnRxoEspSp2cYZUrsTXMmOYCpt7XqSBRZcAjIMRhCb8gsR4P6wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJz0e/BlFsEEGoOezo8OuMRPK4dyMB8GA1UdIwQY
MBaAFBTFEmL+h/Tile+ef4eh+eSfV8MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1VU1l2Nkg5T0tWNzU1X2g2SDU1SjlYd3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iZGZkMTktMjAxYS00NDRkLThkODgt
NmVmNGM3Yzc0NzBiLzEvblBSNzhHVVd3UVFhZzU3T2p3NjR4RThyaDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iZGZkMTktMjAxYS00NDRkLThkODgtNmVmNGM3Yzc0NzBi
LzEvRk1VU1l2Nkg5T0tWNzU1X2g2SDU1SjlYd3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAW5MmAD
BAC5MmIwDQQCAAIwBwMFACoBo+AwDQYJKoZIhvcNAQELBQADggEBADL301ayj5YB
2t5oanSQ7zDyrfDILF+Pa5DcHvSE9/m3mGxnJqc6jo/3+hifTMinwBLmyVEx5I42
gvWE0Rh/mBRYmAtUjd9S05ztqaf+G4kfCROqPdp1fpErn1jJwQ6F0a4D2wgLE1qZ
j8PM9r2LiyDapo1DXILr4LBxDwrBRup1pMN+fpoKC8y3m+nGjJBVKgDVUK3O/gV8
aNHvanGyrqPy4AB3ekJHmjA8aZCU+pcJsdf7OICNKAYfx3TwxWss13KfqCc2izVw
QgoZFQx/AVZAiYp3EsglNNk5loCCttYMffCDFEw1KHgdURtp9kr0XHsWuoCmRWzV
Rgd8iBUMYVU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:25 2024 by rpki-client on console-ams.rpki-client.org