Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/NqitE-pOtVH6gOUgSeJxV9GyhvY.roa
File: NqitE-pOtVH6gOUgSeJxV9GyhvY.roa (raw, json)
Hash identifier: 3l/HY/MbBsrlsacm8m//zO4XytKEnA1Ovc35V9nJ+S0=
Subject key identifier: 36:A8:AD:13:EA:4E:B5:51:FA:80:E5:20:49:E2:71:57:D1:B2:86:F6
Certificate issuer: /CN=4789c5dc0dd544fc02b7e67e5f1bac456aabfe61
Certificate serial: 01856D385B41FA8131AB2A287C786FE33F9B
Authority key identifier: 47:89:C5:DC:0D:D5:44:FC:02:B7:E6:7E:5F:1B:AC:45:6A:AB:FE:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R4nF3A3VRPwCt-Z-XxusRWqr_mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/NqitE-pOtVH6gOUgSeJxV9GyhvY.roa
Signing time: Sun 01 Jan 2023 12:04:47 +0000
ROA not before: Sun 01 Jan 2023 12:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47178
IP address blocks: 93.188.112.0/21 maxlen: 21
185.99.225.0/24 maxlen: 24
185.99.224.0/22 maxlen: 22
185.99.226.0/24 maxlen: 24
185.99.224.0/24 maxlen: 24
185.99.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:5b:41:fa:81:31:ab:2a:28:7c:78:6f:e3:3f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4789c5dc0dd544fc02b7e67e5f1bac456aabfe61
Validity
Not Before: Jan 1 12:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36a8ad13ea4eb551fa80e52049e27157d1b286f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f6:91:34:fe:c7:1f:5c:2a:2a:a0:d3:b6:7e:
37:40:eb:6e:45:1a:a8:4b:48:24:9f:46:cd:b6:3d:
c9:10:29:be:dc:97:a3:9b:15:7e:5d:a0:d1:37:8a:
8a:d0:14:96:9c:69:12:13:ef:12:87:ae:91:93:fd:
1f:a5:7c:7a:4c:47:4b:65:b2:ca:bb:17:bb:b9:61:
7b:4c:b8:54:b6:21:b3:54:5e:86:d3:0a:33:14:60:
61:da:30:e0:ba:cf:e9:fc:82:7a:64:15:90:a4:17:
6e:bb:c2:c4:68:01:78:0d:03:26:a1:94:34:1a:f9:
4e:53:58:05:b2:b8:c4:b5:00:a0:e6:da:77:19:e2:
30:88:2f:18:e8:0e:27:7b:b5:3d:4d:3a:82:14:32:
f7:3d:cb:f5:db:db:8f:0b:e3:ba:0a:8d:b4:fc:0e:
4b:2e:c3:8b:63:88:87:87:f8:c4:a4:ae:fc:9f:75:
39:a8:e2:92:c9:89:e9:62:b8:fc:f7:a6:42:c2:81:
92:f6:02:8b:a6:7e:77:c8:8a:3a:55:0c:b4:fd:6c:
4d:b9:74:63:b5:6b:cb:81:bb:52:25:fd:34:0b:55:
82:9c:da:21:6c:ed:45:57:91:28:4a:f1:74:f9:05:
53:34:d0:2e:d3:4d:1d:85:be:54:cc:e3:00:e3:a0:
6b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A8:AD:13:EA:4E:B5:51:FA:80:E5:20:49:E2:71:57:D1:B2:86:F6
X509v3 Authority Key Identifier:
keyid:47:89:C5:DC:0D:D5:44:FC:02:B7:E6:7E:5F:1B:AC:45:6A:AB:FE:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R4nF3A3VRPwCt-Z-XxusRWqr_mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/NqitE-pOtVH6gOUgSeJxV9GyhvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/R4nF3A3VRPwCt-Z-XxusRWqr_mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.112.0/21
185.99.224.0/22
Signature Algorithm: sha256WithRSAEncryption
35:23:9c:3b:1b:8d:8a:cd:d8:f7:33:fe:d4:c5:ce:3b:ac:97:
8c:fd:a7:b9:fd:cb:8c:f0:1d:a7:fc:8f:ff:c1:18:1c:35:31:
cb:3f:d3:07:67:ba:1b:c1:cb:82:42:ac:16:94:7f:19:06:be:
31:db:f1:cd:d9:97:b5:f9:9d:0b:c7:eb:0f:0e:4d:06:8b:8a:
b9:64:7e:b4:e1:8a:17:b9:b5:9a:9c:7b:4f:98:ea:52:18:c1:
0b:21:69:85:c5:4d:0f:5b:69:bc:aa:47:70:8b:38:53:f8:5d:
27:68:c2:40:11:35:cc:c8:02:02:02:7c:88:3d:53:93:8c:e0:
9a:1f:97:1b:a0:f2:9a:37:1c:c1:00:7e:8e:d1:ca:36:58:ef:
13:90:22:cc:7c:1a:03:a5:81:3b:8d:08:2b:80:1b:bb:d3:41:
cb:20:05:a0:2b:d8:d4:39:f2:e7:86:0f:05:c3:80:95:ca:de:
fd:1e:59:e8:cb:e3:ab:33:eb:b3:e8:e4:18:72:bc:57:c3:c7:
da:2b:5e:19:74:cd:13:98:9c:e9:54:c3:ca:15:bf:73:1a:fd:
76:04:b0:5b:33:f6:f1:b3:f0:36:2c:10:52:82:65:07:e6:a6:
1a:9e:58:e1:9f:5e:dc:81:c4:1f:6b:13:16:ed:f3:53:da:5b:
7c:20:4f:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtOFtB+oExqyoofHhv4z+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ODljNWRjMGRkNTQ0ZmMwMmI3ZTY3ZTVmMWJhYzQ1NmFh
YmZlNjEwHhcNMjMwMTAxMTIwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmE4YWQxM2VhNGViNTUxZmE4MGU1MjA0OWUyNzE1N2QxYjI4NmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvaRNP7HH1wqKqDTtn43QOtuRRqo
S0gkn0bNtj3JECm+3JejmxV+XaDRN4qK0BSWnGkSE+8Sh66Rk/0fpXx6TEdLZbLK
uxe7uWF7TLhUtiGzVF6G0wozFGBh2jDgus/p/IJ6ZBWQpBduu8LEaAF4DQMmoZQ0
GvlOU1gFsrjEtQCg5tp3GeIwiC8Y6A4ne7U9TTqCFDL3Pcv129uPC+O6Co20/A5L
LsOLY4iHh/jEpK78n3U5qOKSyYnpYrj896ZCwoGS9gKLpn53yIo6VQy0/WxNuXRj
tWvLgbtSJf00C1WCnNohbO1FV5EoSvF0+QVTNNAu000dhb5UzOMA46BrcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDaorRPqTrVR+oDlIEnicVfRsob2MB8GA1UdIwQY
MBaAFEeJxdwN1UT8Arfmfl8brEVqq/5hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjRuRjNBM1ZSUHdDdC1aLVh4dXNSV3FyX21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84OTU0MmEtNTg3ZC00YzI3LWE1MjMt
NmExYjljMWM2OTI0LzEvTnFpdEUtcE90Vkg2Z09VZ1NlSnhWOUd5aHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84OTU0MmEtNTg3ZC00YzI3LWE1MjMtNmExYjljMWM2OTI0
LzEvUjRuRjNBM1ZSUHdDdC1aLVh4dXNSV3FyX21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXbxwAwQC
uWPgMA0GCSqGSIb3DQEBCwUAA4IBAQA1I5w7G42Kzdj3M/7Uxc47rJeM/ae5/cuM
8B2n/I//wRgcNTHLP9MHZ7obwcuCQqwWlH8ZBr4x2/HN2Ze1+Z0Lx+sPDk0Gi4q5
ZH604YoXubWanHtPmOpSGMELIWmFxU0PW2m8qkdwizhT+F0naMJAETXMyAICAnyI
PVOTjOCaH5cboPKaNxzBAH6O0co2WO8TkCLMfBoDpYE7jQgrgBu700HLIAWgK9jU
OfLnhg8Fw4CVyt79Hlnoy+OrM+uz6OQYcrxXw8faK14ZdM0TmJzpVMPKFb9zGv12
BLBbM/bxs/A2LBBSgmUH5qYanljhn17cgcQfaxMW7fNT2lt8IE+3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:11 2024 by rpki-client on console-fra.rpki-client.org