Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/NvAOQKrV8UNFEo6gTEwGGqCCeT0.roa
File: NvAOQKrV8UNFEo6gTEwGGqCCeT0.roa (raw, json)
Hash identifier: flHWGgNH7tSE5u8xa6j5BrKyayU5j2agiY7kBIf/SM0=
Subject key identifier: 36:F0:0E:40:AA:D5:F1:43:45:12:8E:A0:4C:4C:06:1A:A0:82:79:3D
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018AA5610E508D07E7B9315852D0F1AA5179
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/NvAOQKrV8UNFEo6gTEwGGqCCeT0.roa
Signing time: Sun 17 Sep 2023 23:01:55 +0000
ROA not before: Sun 17 Sep 2023 23:01:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60683
IP address blocks: 78.135.96.0/24 maxlen: 24
185.17.138.0/24 maxlen: 24
185.17.139.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Oct 2023 12:13:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a5:61:0e:50:8d:07:e7:b9:31:58:52:d0:f1:aa:51:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Sep 17 23:01:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36f00e40aad5f14345128ea04c4c061aa082793d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2c:9f:da:26:b2:75:77:3a:39:f8:92:2c:ed:
fb:76:3c:19:d3:3c:e0:32:f7:8f:7d:ca:a2:5b:a5:
8c:fc:4b:1c:28:4c:0b:9a:f6:f3:79:cd:a0:4d:18:
ab:18:0c:2b:cf:ca:03:1c:f9:57:4f:66:bf:cd:6c:
62:92:4a:d4:58:14:a3:8b:74:8d:66:30:3a:5b:e0:
c5:96:7f:6d:ed:b4:df:c6:33:1c:03:57:5a:2d:30:
14:12:52:be:78:06:3e:b5:ec:5f:54:a3:5b:6a:15:
22:38:b7:46:0f:3c:25:24:0e:5e:ac:7f:24:25:dc:
37:5c:a8:2b:07:14:8d:4c:fe:bf:d6:10:23:13:7a:
af:e4:3b:d7:e6:e9:e6:6d:71:9f:d4:50:f1:b0:38:
cc:46:2f:94:ba:9d:a9:71:79:99:90:8d:b7:c7:9e:
0f:d8:06:e3:fa:05:0a:5f:5a:6c:c2:b6:1e:5c:74:
e9:eb:15:10:ad:70:1a:51:70:f7:45:4e:5e:da:2a:
23:30:49:58:8f:8d:8a:0b:03:2e:86:a3:35:f9:6f:
77:fd:b8:6d:a9:3f:48:8c:8f:5e:e8:98:05:ef:b6:
3d:02:1b:1d:40:a9:80:0e:f2:52:1d:db:00:4e:d0:
77:5f:a6:65:4b:b2:3c:0e:3f:20:81:fa:48:59:73:
17:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F0:0E:40:AA:D5:F1:43:45:12:8E:A0:4C:4C:06:1A:A0:82:79:3D
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/NvAOQKrV8UNFEo6gTEwGGqCCeT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.152.0/24
78.135.96.0/24
185.17.138.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:1e:8c:b9:b8:71:f7:af:7d:9d:66:61:81:3b:c2:c6:af:27:
e3:a8:38:98:2d:2a:3d:14:7d:4b:74:9a:da:fc:85:ed:6b:e9:
af:e0:64:15:fd:58:b4:3e:e0:b3:99:1a:84:be:1e:00:e4:23:
16:b1:63:0f:ca:9f:62:c4:74:38:67:aa:2f:8c:9e:b1:49:28:
76:20:8c:f7:72:d6:2a:76:b3:0d:f6:f3:b5:60:2d:fe:80:43:
46:18:a3:74:f3:b9:8d:cd:57:58:3d:9a:e0:4f:de:8f:c2:25:
41:bd:54:c6:8f:3d:4c:87:d8:25:35:93:e0:0c:33:af:e7:b6:
5f:39:57:2f:80:c7:78:51:02:d4:f0:b4:8d:2c:45:c5:e0:7d:
78:9a:55:ff:56:d5:ff:c6:97:74:30:e5:dd:65:e5:a3:76:5d:
15:8e:e1:c5:87:70:f8:c4:ef:dc:e1:bb:f7:21:9d:5b:94:f0:
2a:2f:b5:7c:4a:97:e9:0e:b7:bd:a2:1e:1d:5c:f8:c0:f2:8c:
e2:9b:5d:9c:fd:78:de:23:aa:8d:00:b1:dc:9f:44:d7:df:bf:
0e:c8:83:a9:48:20:f1:b6:9b:f9:5c:f0:3d:2c:72:29:e1:75:
ac:fe:ec:f6:07:82:83:3b:ab:ec:38:2d:cb:fa:a0:ec:90:d4:
14:01:4b:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqlYQ5QjQfnuTFYUtDxqlF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwOTE3MjMwMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmYwMGU0MGFhZDVmMTQzNDUxMjhlYTA0YzRjMDYxYWEwODI3OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Syf2iaydXc6OfiSLO37djwZ0zzg
MvePfcqiW6WM/EscKEwLmvbzec2gTRirGAwrz8oDHPlXT2a/zWxikkrUWBSji3SN
ZjA6W+DFln9t7bTfxjMcA1daLTAUElK+eAY+texfVKNbahUiOLdGDzwlJA5erH8k
Jdw3XKgrBxSNTP6/1hAjE3qv5DvX5unmbXGf1FDxsDjMRi+Uup2pcXmZkI23x54P
2Abj+gUKX1pswrYeXHTp6xUQrXAaUXD3RU5e2iojMElYj42KCwMuhqM1+W93/bht
qT9IjI9e6JgF77Y9AhsdQKmADvJSHdsATtB3X6ZlS7I8Dj8ggfpIWXMXMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDbwDkCq1fFDRRKOoExMBhqggnk9MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvTnZBT1FLclY4VU5GRW82Z1RFd0dHcUNDZVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVyYAwQA
TodgAwQBuRGKMA0GCSqGSIb3DQEBCwUAA4IBAQCnHoy5uHH3r32dZmGBO8LGryfj
qDiYLSo9FH1LdJra/IXta+mv4GQV/Vi0PuCzmRqEvh4A5CMWsWMPyp9ixHQ4Z6ov
jJ6xSSh2IIz3ctYqdrMN9vO1YC3+gENGGKN087mNzVdYPZrgT96PwiVBvVTGjz1M
h9glNZPgDDOv57ZfOVcvgMd4UQLU8LSNLEXF4H14mlX/VtX/xpd0MOXdZeWjdl0V
juHFh3D4xO/c4bv3IZ1blPAqL7V8SpfpDre9oh4dXPjA8ozim12c/XjeI6qNALHc
n0TX378OyIOpSCDxtpv5XPA9LHIp4XWs/uz2B4KDO6vsOC3L+qDskNQUAUuw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:58 2024 by rpki-client on console-ams.rpki-client.org