Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/884356-7e2a-4c2a-8ff4-3568e1d29d4a/1/NURjPxir9R86kzOSGp1xlFsCKl0.roa
File: NURjPxir9R86kzOSGp1xlFsCKl0.roa (raw, json)
Hash identifier: N8CeYU0s7I/6rkmecD6a8l8YER/oF+DANSDFoTxaI9Q=
Subject key identifier: 35:44:63:3F:18:AB:F5:1F:3A:93:33:92:1A:9D:71:94:5B:02:2A:5D
Certificate issuer: /CN=767c1766fbbdcff68bbc34a3c6be69a0c8a03ab9
Certificate serial: 018CC7950EEC01EF32F6B159A9E4E6FB572B
Authority key identifier: 76:7C:17:66:FB:BD:CF:F6:8B:BC:34:A3:C6:BE:69:A0:C8:A0:3A:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnwXZvu9z_aLvDSjxr5poMigOrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/884356-7e2a-4c2a-8ff4-3568e1d29d4a/1/NURjPxir9R86kzOSGp1xlFsCKl0.roa
Signing time: Tue 02 Jan 2024 00:31:23 +0000
ROA not before: Tue 02 Jan 2024 00:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57000
IP address blocks: 185.143.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 20:28:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:0e:ec:01:ef:32:f6:b1:59:a9:e4:e6:fb:57:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767c1766fbbdcff68bbc34a3c6be69a0c8a03ab9
Validity
Not Before: Jan 2 00:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3544633f18abf51f3a9333921a9d71945b022a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9b:76:bd:6e:41:0a:28:15:00:9c:0d:48:bb:
02:f8:71:27:d8:e3:8a:3a:db:a7:4a:44:21:b8:70:
d3:43:e4:c2:6b:b0:c1:e5:ae:94:3e:06:13:39:3b:
8d:c3:e0:9a:a4:d1:08:0a:c6:84:00:1f:6d:c2:83:
ff:fd:9f:59:2f:a5:ab:89:bb:27:b5:1c:57:fb:b0:
62:56:cc:8c:99:44:71:42:7d:e8:c6:81:01:f0:bb:
82:d3:7f:e7:eb:89:ad:93:3d:81:6b:1e:75:ad:fe:
9d:69:22:c1:53:60:53:f3:d2:22:6a:b0:b1:bc:98:
0f:70:bf:c0:27:06:33:4a:8c:97:c6:92:5a:23:d7:
56:73:ce:47:48:ea:87:3e:f7:0a:c7:09:ae:ff:ce:
9a:61:bc:13:f8:b1:c7:04:17:72:32:8c:0f:98:4d:
78:3f:69:ac:37:ba:50:c0:3d:06:1d:01:f7:f1:2d:
35:e3:1b:40:9b:88:7e:64:9a:4c:e6:ba:87:04:16:
6d:63:24:53:ae:ab:00:00:3a:4b:eb:c4:d6:36:64:
d4:9c:eb:80:54:fc:a5:14:43:65:ef:15:46:88:12:
ae:6f:70:15:a4:da:f5:0c:7f:3e:57:e0:4c:6d:33:
2f:25:98:aa:4b:23:af:39:ea:f4:93:c9:9b:83:d9:
01:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:44:63:3F:18:AB:F5:1F:3A:93:33:92:1A:9D:71:94:5B:02:2A:5D
X509v3 Authority Key Identifier:
keyid:76:7C:17:66:FB:BD:CF:F6:8B:BC:34:A3:C6:BE:69:A0:C8:A0:3A:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnwXZvu9z_aLvDSjxr5poMigOrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/884356-7e2a-4c2a-8ff4-3568e1d29d4a/1/NURjPxir9R86kzOSGp1xlFsCKl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/884356-7e2a-4c2a-8ff4-3568e1d29d4a/1/dnwXZvu9z_aLvDSjxr5poMigOrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.42.0/24
Signature Algorithm: sha256WithRSAEncryption
70:6c:f6:57:8e:28:77:86:6c:13:4c:c4:94:4a:98:bc:03:f1:
6a:3a:26:b7:d8:16:ce:e3:9c:8a:ea:43:77:3a:23:22:42:b8:
da:05:23:a7:ae:60:f4:95:80:b9:b9:84:fd:cb:b3:93:df:ab:
e5:e2:85:c6:80:80:52:73:94:eb:3d:98:14:29:45:e0:fa:bd:
1e:42:dd:61:d7:49:73:ca:2e:e8:bb:7b:34:2d:99:25:99:3b:
1e:0b:57:88:30:8d:8b:85:e5:91:27:24:a5:a6:d7:c1:07:45:
de:84:53:d9:fa:cd:15:9e:d0:84:4b:d0:c7:e1:9f:81:39:e8:
d5:a1:f6:eb:b2:1e:1a:1a:1b:b4:47:81:d3:23:e0:15:f9:86:
ca:b8:33:f4:3a:d2:e0:bc:87:e4:ff:b5:73:62:3c:b5:bc:b6:
00:f9:af:5c:8f:e2:7d:23:b2:fa:5d:90:6e:51:99:a1:b8:21:
f3:61:f9:32:ec:77:93:b7:89:39:ba:1b:17:a6:8b:30:c5:70:
08:f4:2a:0a:ea:31:aa:45:13:ed:12:37:24:76:de:d9:8d:db:
3a:74:47:54:f3:82:70:26:8a:23:de:46:db:72:83:b1:bd:88:
96:c9:c0:c2:f7:a0:b2:cf:09:c4:7a:a1:58:73:f6:f2:69:37:
ce:87:5d:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlQ7sAe8y9rFZqeTm+1crMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2MxNzY2ZmJiZGNmZjY4YmJjMzRhM2M2YmU2OWEwYzhh
MDNhYjkwHhcNMjQwMTAyMDAzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQ0NjMzZjE4YWJmNTFmM2E5MzMzOTIxYTlkNzE5NDViMDIyYTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5t2vW5BCigVAJwNSLsC+HEn2OOK
OtunSkQhuHDTQ+TCa7DB5a6UPgYTOTuNw+CapNEICsaEAB9twoP//Z9ZL6Wribsn
tRxX+7BiVsyMmURxQn3oxoEB8LuC03/n64mtkz2Bax51rf6daSLBU2BT89IiarCx
vJgPcL/AJwYzSoyXxpJaI9dWc85HSOqHPvcKxwmu/86aYbwT+LHHBBdyMowPmE14
P2msN7pQwD0GHQH38S014xtAm4h+ZJpM5rqHBBZtYyRTrqsAADpL68TWNmTUnOuA
VPylFENl7xVGiBKub3AVpNr1DH8+V+BMbTMvJZiqSyOvOer0k8mbg9kBhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDVEYz8Yq/UfOpMzkhqdcZRbAipdMB8GA1UdIwQY
MBaAFHZ8F2b7vc/2i7w0o8a+aaDIoDq5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG53WFp2dTl6X2FMdkRTanhyNXBvTWlnT3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84ODQzNTYtN2UyYS00YzJhLThmZjQt
MzU2OGUxZDI5ZDRhLzEvTlVSalB4aXI5Ujg2a3pPU0dwMXhsRnNDS2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84ODQzNTYtN2UyYS00YzJhLThmZjQtMzU2OGUxZDI5ZDRh
LzEvZG53WFp2dTl6X2FMdkRTanhyNXBvTWlnT3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY8qMA0G
CSqGSIb3DQEBCwUAA4IBAQBwbPZXjih3hmwTTMSUSpi8A/FqOia32BbO45yK6kN3
OiMiQrjaBSOnrmD0lYC5uYT9y7OT36vl4oXGgIBSc5TrPZgUKUXg+r0eQt1h10lz
yi7ou3s0LZklmTseC1eIMI2LheWRJySlptfBB0XehFPZ+s0VntCES9DH4Z+BOejV
ofbrsh4aGhu0R4HTI+AV+YbKuDP0OtLgvIfk/7VzYjy1vLYA+a9cj+J9I7L6XZBu
UZmhuCHzYfky7HeTt4k5uhsXposwxXAI9CoK6jGqRRPtEjckdt7Zjds6dEdU84Jw
Jooj3kbbcoOxvYiWycDC96CyzwnEeqFYc/byaTfOh10w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:41 2025 by rpki-client