Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/NxeZKNtVgy7T-FMzoOdvdU9qh4Y.roa
File: NxeZKNtVgy7T-FMzoOdvdU9qh4Y.roa (raw, json)
Hash identifier: RyaGWztVqbtlyNZ5l/f+rXD5muxw9+jY8m6zX2QMXs8=
Subject key identifier: 37:17:99:28:DB:55:83:2E:D3:F8:53:33:A0:E7:6F:75:4F:6A:87:86
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018B96D1873FC302B62EC9C152871C20186D
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/NxeZKNtVgy7T-FMzoOdvdU9qh4Y.roa
Signing time: Fri 03 Nov 2023 20:13:15 +0000
ROA not before: Fri 03 Nov 2023 20:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 194.126.198.0/24 maxlen: 24
185.45.250.0/23 maxlen: 24
185.45.248.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:96:d1:87:3f:c3:02:b6:2e:c9:c1:52:87:1c:20:18:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Nov 3 20:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37179928db55832ed3f85333a0e76f754f6a8786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b6:f4:86:61:cc:4d:16:f4:c9:66:47:41:26:
ab:6b:94:86:63:37:bc:e8:6d:90:46:58:29:ac:03:
92:d4:39:35:b7:47:05:67:fc:bb:38:95:3b:b6:4a:
31:b5:56:89:e0:85:e5:3b:07:95:92:36:8a:67:ec:
f5:31:5f:3d:31:eb:56:de:bb:29:69:08:ce:7c:09:
6b:d5:04:ac:34:04:c2:08:01:10:9c:5c:5f:77:8a:
0e:00:82:5d:21:c7:fb:81:78:e5:f8:d2:de:8d:f1:
50:30:69:33:83:38:dd:3f:b1:52:5f:9d:06:24:a9:
67:71:d9:5d:7a:0e:b9:48:78:02:f1:f3:b9:c5:c7:
50:e7:05:e5:d8:8a:79:29:3a:df:a9:c9:a9:57:1b:
83:0d:25:37:c6:7c:14:d0:73:96:72:6e:cb:47:5d:
30:ab:7c:6c:15:5e:2b:95:6e:81:20:04:dd:d3:c1:
93:24:60:6f:83:2d:74:16:d8:56:73:2e:1e:ca:93:
f6:2e:e3:7c:f9:cc:70:8f:09:00:01:42:5f:c4:82:
d4:cd:84:7b:d5:c0:f3:39:76:40:a4:a3:9b:2d:8c:
a7:2e:b0:3c:26:3b:50:37:3c:36:1b:52:b3:7d:14:
a4:14:2e:f2:b2:09:00:c6:d9:ff:24:3e:a8:26:3e:
3f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:17:99:28:DB:55:83:2E:D3:F8:53:33:A0:E7:6F:75:4F:6A:87:86
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/NxeZKNtVgy7T-FMzoOdvdU9qh4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.248.0/22
194.126.198.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:c7:45:de:95:f3:55:37:14:fa:2e:6a:03:67:b1:0d:0f:a4:
00:d9:c0:18:5f:c7:4c:8a:88:cc:6a:e6:86:85:61:a0:3b:71:
f0:ba:f1:57:05:b3:88:e7:e3:ed:6f:fb:f9:03:19:7d:bc:42:
1f:c4:f3:3b:b2:9f:69:ee:e1:0d:d1:eb:9c:cb:27:e1:98:d8:
ed:ff:9c:ae:16:13:4c:83:9e:ea:15:6d:91:e1:d6:61:1a:65:
1c:eb:3e:1f:ef:89:88:3a:b9:cf:00:22:4c:df:f8:a5:26:42:
69:1d:50:f5:89:78:aa:b2:0d:4e:9d:12:c7:e8:f1:d8:58:22:
ed:27:50:69:6e:01:33:7a:b5:b4:db:f8:4f:24:c1:bf:d8:7c:
a8:22:74:c1:ae:88:22:7c:ed:ba:3f:ae:60:73:65:39:9f:19:
69:e1:4e:53:95:15:4e:73:82:a7:59:72:f8:2c:6e:2f:6f:e2:
96:18:7d:c2:d8:f7:ba:84:85:fe:0e:0f:49:60:a8:bb:d1:4b:
e1:fa:23:2f:f8:8b:53:6b:32:10:4b:9f:40:d9:54:8e:f7:a3:
84:6e:4c:97:17:24:89:3d:25:63:20:c1:45:7a:65:77:eb:11:
f1:b7:81:7a:50:13:01:2b:cf:5c:5e:3b:da:98:1c:37:ee:df:
d8:eb:f0:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuW0Yc/wwK2LsnBUoccIBhtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjMxMTAzMjAxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzE3OTkyOGRiNTU4MzJlZDNmODUzMzNhMGU3NmY3NTRmNmE4Nzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7b0hmHMTRb0yWZHQSara5SGYze8
6G2QRlgprAOS1Dk1t0cFZ/y7OJU7tkoxtVaJ4IXlOweVkjaKZ+z1MV89MetW3rsp
aQjOfAlr1QSsNATCCAEQnFxfd4oOAIJdIcf7gXjl+NLejfFQMGkzgzjdP7FSX50G
JKlncdldeg65SHgC8fO5xcdQ5wXl2Ip5KTrfqcmpVxuDDSU3xnwU0HOWcm7LR10w
q3xsFV4rlW6BIATd08GTJGBvgy10FthWcy4eypP2LuN8+cxwjwkAAUJfxILUzYR7
1cDzOXZApKObLYynLrA8JjtQNzw2G1KzfRSkFC7ysgkAxtn/JD6oJj4/7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDcXmSjbVYMu0/hTM6Dnb3VPaoeGMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvTnhlWktOdFZneTdULUZNem9PZHZkVTlxaDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuS34AwQA
wn7GMA0GCSqGSIb3DQEBCwUAA4IBAQDKx0XelfNVNxT6LmoDZ7END6QA2cAYX8dM
iojMauaGhWGgO3HwuvFXBbOI5+Ptb/v5Axl9vEIfxPM7sp9p7uEN0eucyyfhmNjt
/5yuFhNMg57qFW2R4dZhGmUc6z4f74mIOrnPACJM3/ilJkJpHVD1iXiqsg1OnRLH
6PHYWCLtJ1BpbgEzerW02/hPJMG/2HyoInTBrogifO26P65gc2U5nxlp4U5TlRVO
c4KnWXL4LG4vb+KWGH3C2Pe6hIX+Dg9JYKi70Uvh+iMv+ItTazIQS59A2VSO96OE
bkyXFySJPSVjIMFFemV36xHxt4F6UBMBK89cXjvamBw37t/Y6/A5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org