Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/NCuu3jtHMxCSXh2-Hm_DzpSFx38.roa
File: NCuu3jtHMxCSXh2-Hm_DzpSFx38.roa (raw, json)
Hash identifier: DVctUdFUT6VhP24E24u0CRyJlQApGLdgZHCXb+9T/tE=
Subject key identifier: 34:2B:AE:DE:3B:47:33:10:92:5E:1D:BE:1E:6F:C3:CE:94:85:C7:7F
Certificate issuer: /CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Certificate serial: 018AD686DC075C2B26A2D2AE0E5CFE8DEAEB
Authority key identifier: 86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/NCuu3jtHMxCSXh2-Hm_DzpSFx38.roa
Signing time: Wed 27 Sep 2023 12:04:36 +0000
ROA not before: Wed 27 Sep 2023 12:04:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48722
IP address blocks: 185.140.132.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:86:dc:07:5c:2b:26:a2:d2:ae:0e:5c:fe:8d:ea:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Validity
Not Before: Sep 27 12:04:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=342baede3b473310925e1dbe1e6fc3ce9485c77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bf:d2:11:48:9c:4d:5e:02:9b:92:b8:25:2c:
b6:59:cb:8f:13:11:d1:1f:bd:fa:64:1e:8e:d7:02:
1b:01:57:40:78:7e:4d:9a:28:e9:3a:c6:b2:47:7b:
4f:bf:4c:eb:91:8a:d0:0f:ca:7a:bb:07:35:86:c9:
25:69:02:d9:e7:42:f0:42:b6:f7:5d:29:3a:52:5d:
89:ed:41:d3:df:4d:af:96:0e:4d:d8:86:10:8b:20:
ac:49:38:89:30:5d:36:34:20:26:2e:94:4c:16:2a:
73:5d:5f:1a:a2:79:59:52:3b:b2:90:05:67:69:6d:
3c:06:16:7f:47:f0:08:85:3e:09:09:33:5e:ad:ac:
b7:c1:d7:0e:43:4e:d2:0a:0d:74:76:06:7c:06:f2:
9a:01:85:8f:5f:a9:58:22:4d:31:30:ad:7b:91:19:
13:56:cf:25:61:47:40:bc:4d:22:f3:d7:c4:a7:cc:
c0:99:75:97:b4:15:a9:0b:3a:ab:d2:92:a1:4c:03:
ae:76:90:f9:42:cf:4b:63:81:18:2f:a7:17:0b:bb:
ea:46:87:42:c6:c5:83:3e:fe:8f:23:2b:28:76:ae:
3f:4c:c8:66:db:5a:91:90:32:65:4d:99:77:7e:42:
d7:1c:af:2c:6f:de:2a:69:d8:0c:86:8b:33:3d:b0:
23:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:2B:AE:DE:3B:47:33:10:92:5E:1D:BE:1E:6F:C3:CE:94:85:C7:7F
X509v3 Authority Key Identifier:
keyid:86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/NCuu3jtHMxCSXh2-Hm_DzpSFx38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.132.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:cc:3c:4a:b2:5c:55:9a:be:96:3b:19:e6:37:a4:cb:5a:81:
bb:49:17:f3:b7:82:35:cb:18:ed:4e:59:29:3c:c5:e2:26:c2:
98:77:ae:f5:30:0c:01:a8:ed:7b:82:0a:7b:b3:b0:c8:a8:b0:
45:31:95:34:e1:51:0f:45:39:3a:b1:10:57:53:d6:68:74:1c:
c9:42:9d:f0:49:35:a7:94:18:3c:9f:4e:1e:8d:eb:03:89:23:
bc:6a:58:c6:61:77:85:31:2c:c5:1f:12:84:a6:04:c5:34:9f:
1a:d6:18:ce:b8:ca:b5:7e:a0:d8:1c:04:e7:25:61:d9:a5:cd:
7b:be:39:a4:dd:5e:31:1a:67:8c:93:5d:e8:e9:45:28:2c:4b:
99:89:94:1a:7a:22:05:f4:49:11:ad:dd:28:4f:e3:c9:9c:21:
ab:e8:1d:2a:47:2d:5b:af:76:80:8a:03:8f:43:4f:06:53:98:
55:fe:db:c5:49:60:d3:0a:c8:12:36:93:da:b3:bb:d1:2e:c4:
cd:cd:29:f7:15:f4:ce:d4:6a:32:fa:88:c4:bb:3d:85:41:27:
5c:81:0d:fc:48:d1:3f:b9:15:1f:6b:2f:33:76:0e:49:5c:b8:
83:90:cc:41:c0:b0:86:be:5b:81:2e:59:c7:fa:15:e5:0a:0d:
2a:d1:76:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrWhtwHXCsmotKuDlz+jerrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YjIyMzAzZGU0YjBhODcwZmNmZTdiNjU1NmMwMjRmNzVj
NzZhMzQwHhcNMjMwOTI3MTIwNDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDJiYWVkZTNiNDczMzEwOTI1ZTFkYmUxZTZmYzNjZTk0ODVjNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7/SEUicTV4Cm5K4JSy2WcuPExHR
H736ZB6O1wIbAVdAeH5NmijpOsayR3tPv0zrkYrQD8p6uwc1hsklaQLZ50LwQrb3
XSk6Ul2J7UHT302vlg5N2IYQiyCsSTiJMF02NCAmLpRMFipzXV8aonlZUjuykAVn
aW08BhZ/R/AIhT4JCTNeray3wdcOQ07SCg10dgZ8BvKaAYWPX6lYIk0xMK17kRkT
Vs8lYUdAvE0i89fEp8zAmXWXtBWpCzqr0pKhTAOudpD5Qs9LY4EYL6cXC7vqRodC
xsWDPv6PIysodq4/TMhm21qRkDJlTZl3fkLXHK8sb94qadgMhoszPbAjvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQrrt47RzMQkl4dvh5vw86Uhcd/MB8GA1UdIwQY
MBaAFIayIwPeSwqHD8/ntlVsAk91x2o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3Mjkt
NzJhYjU5ODdmNjA5LzEvTkN1dTNqdEhNeENTWGgyLUhtX0R6cFNGeDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3MjktNzJhYjU5ODdmNjA5
LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYyEMA0G
CSqGSIb3DQEBCwUAA4IBAQCszDxKslxVmr6WOxnmN6TLWoG7SRfzt4I1yxjtTlkp
PMXiJsKYd671MAwBqO17ggp7s7DIqLBFMZU04VEPRTk6sRBXU9ZodBzJQp3wSTWn
lBg8n04ejesDiSO8aljGYXeFMSzFHxKEpgTFNJ8a1hjOuMq1fqDYHATnJWHZpc17
vjmk3V4xGmeMk13o6UUoLEuZiZQaeiIF9EkRrd0oT+PJnCGr6B0qRy1br3aAigOP
Q08GU5hV/tvFSWDTCsgSNpPas7vRLsTNzSn3FfTO1Goy+ojEuz2FQSdcgQ38SNE/
uRUfay8zdg5JXLiDkMxBwLCGvluBLlnH+hXlCg0q0Xbo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:16 2024 by rpki-client on console-ams.rpki-client.org