Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NSHY_tTDHRVlf7ssPTCpJcSq61M.roa
File: NSHY_tTDHRVlf7ssPTCpJcSq61M.roa (raw, json)
Hash identifier: 8sjTOcqIkf72pJUVLLNIjLPHGiG//g3Isfqxd9orOUo=
Subject key identifier: 35:21:D8:FE:D4:C3:1D:15:65:7F:BB:2C:3D:30:A9:25:C4:AA:EB:53
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFBD9D72AE7091B9130A4F64624159
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NSHY_tTDHRVlf7ssPTCpJcSq61M.roa
Signing time: Sun 01 Jan 2023 18:54:49 +0000
ROA not before: Sun 01 Jan 2023 18:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51167
IP address blocks: 88.216.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 May 2023 07:26:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:bd:9d:72:ae:70:91:b9:13:0a:4f:64:62:41:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3521d8fed4c31d15657fbb2c3d30a925c4aaeb53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:98:13:e0:d3:1d:7d:ce:d2:8e:f9:77:86:f8:
36:55:b2:e6:1f:90:56:b6:4b:c1:21:54:6e:0b:8b:
57:1c:a6:26:59:f9:d6:08:78:00:8a:5b:62:ff:a7:
67:dd:71:6d:8e:89:eb:9d:0b:a9:a0:3b:99:4d:60:
31:8b:74:d6:be:e2:59:06:c8:db:73:9b:7a:1f:15:
9b:96:c4:0e:e1:b5:51:c5:11:c0:02:56:ec:f9:b6:
57:71:bd:76:6e:e4:89:f7:d4:ba:da:42:12:a8:f2:
3e:71:59:99:3f:d3:ed:1c:0f:32:be:1d:b7:3b:7c:
ed:46:60:b3:a0:86:fe:0f:14:3d:23:0b:25:c1:e4:
b3:14:ea:92:7c:0d:1d:12:6f:e0:dd:0d:43:17:e3:
4c:d1:24:c3:c4:bc:70:a4:b5:1f:4c:46:39:30:c0:
81:bd:4a:08:7f:23:fe:f1:bf:d8:ac:c8:26:d7:ea:
4a:14:b5:15:39:69:ee:42:c3:4a:f2:bf:38:16:db:
f7:ff:41:91:1c:7e:92:93:f0:cf:5b:46:44:7f:75:
97:95:94:c4:57:a6:1f:af:9c:2b:dc:5f:bd:d3:2e:
7a:63:b6:aa:3b:ee:27:6a:a0:51:35:5a:db:eb:bc:
42:56:9e:b5:87:48:d8:7a:8e:90:5b:c6:dd:07:38:
2e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:21:D8:FE:D4:C3:1D:15:65:7F:BB:2C:3D:30:A9:25:C4:AA:EB:53
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NSHY_tTDHRVlf7ssPTCpJcSq61M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.2.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:be:fc:a8:23:08:25:9a:d4:45:5a:71:33:ca:71:4e:24:8e:
1f:16:19:50:11:37:b7:00:1d:d1:55:4f:38:f7:4b:28:88:e1:
48:35:5a:a4:a9:2f:d4:c1:23:ea:91:f5:b5:ac:a8:b7:3a:6c:
3b:70:1f:76:54:35:4c:51:89:5a:86:b4:3c:54:ed:63:67:b2:
41:fb:cd:22:90:86:44:d7:2c:00:9e:3d:de:64:08:13:94:af:
45:44:58:91:b1:6c:a0:70:e6:25:e6:25:de:a5:8c:41:a1:04:
cd:cd:ab:22:01:db:69:70:20:2e:cf:c2:8f:f9:bf:8b:71:5c:
07:19:2a:b3:f8:53:57:4c:2b:04:c7:5d:e8:3c:a8:d4:79:30:
c7:65:2c:bb:36:e0:0f:30:21:1f:65:99:29:cc:a1:4c:45:4a:
c4:0f:d7:97:0e:ae:c0:f0:b7:ea:ac:6f:dd:03:8d:27:50:a7:
6f:ae:b4:cd:81:d7:eb:69:23:ae:bf:98:5b:c3:2c:59:7c:9e:
5c:8a:18:c4:0f:19:06:c2:e4:02:62:3c:05:3d:b8:1d:9d:a6:
40:44:db:dc:85:a7:cf:a2:9d:4f:b4:18:59:a2:b5:56:1c:e5:
0e:ab:79:68:eb:79:8e:f8:95:c5:b6:ed:b3:04:d1:60:09:c7:
9b:fc:3e:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur72dcq5wkbkTCk9kYkFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTIxZDhmZWQ0YzMxZDE1NjU3ZmJiMmMzZDMwYTkyNWM0YWFlYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5gT4NMdfc7Sjvl3hvg2VbLmH5BW
tkvBIVRuC4tXHKYmWfnWCHgAilti/6dn3XFtjonrnQupoDuZTWAxi3TWvuJZBsjb
c5t6HxWblsQO4bVRxRHAAlbs+bZXcb12buSJ99S62kISqPI+cVmZP9PtHA8yvh23
O3ztRmCzoIb+DxQ9IwslweSzFOqSfA0dEm/g3Q1DF+NM0STDxLxwpLUfTEY5MMCB
vUoIfyP+8b/YrMgm1+pKFLUVOWnuQsNK8r84Ftv3/0GRHH6Sk/DPW0ZEf3WXlZTE
V6Yfr5wr3F+90y56Y7aqO+4naqBRNVrb67xCVp61h0jYeo6QW8bdBzguaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUh2P7Uwx0VZX+7LD0wqSXEqutTMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTlNIWV90VERIUlZsZjdzc1BUQ3BKY1NxNjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNgCMA0G
CSqGSIb3DQEBCwUAA4IBAQAsvvyoIwglmtRFWnEzynFOJI4fFhlQETe3AB3RVU84
90soiOFINVqkqS/UwSPqkfW1rKi3Omw7cB92VDVMUYlahrQ8VO1jZ7JB+80ikIZE
1ywAnj3eZAgTlK9FRFiRsWygcOYl5iXepYxBoQTNzasiAdtpcCAuz8KP+b+LcVwH
GSqz+FNXTCsEx13oPKjUeTDHZSy7NuAPMCEfZZkpzKFMRUrED9eXDq7A8LfqrG/d
A40nUKdvrrTNgdfraSOuv5hbwyxZfJ5cihjEDxkGwuQCYjwFPbgdnaZARNvchafP
op1PtBhZorVWHOUOq3lo63mO+JXFtu2zBNFgCceb/D70
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org