Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/95d71d-f41b-4171-8350-e0892a28aac9/1/nSiGBqzt_f_Mfp_VxRzb4fQAh7g.roa
File: nSiGBqzt_f_Mfp_VxRzb4fQAh7g.roa (raw, json)
Hash identifier: QGSx4LM/M/5k9+0WeIBc/J6Hfj8te8xD8APxFd/Q1Z8=
Subject key identifier: 9D:28:86:06:AC:ED:FD:FF:CC:7E:9F:D5:C5:1C:DB:E1:F4:00:87:B8
Certificate issuer: /CN=7400d5013c12852242343093cbf5148d4eaeaaf9
Certificate serial: 018835B883A15A4EE00A6DCC25E9CE3032E4
Authority key identifier: 74:00:D5:01:3C:12:85:22:42:34:30:93:CB:F5:14:8D:4E:AE:AA:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dADVATwShSJCNDCTy_UUjU6uqvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/95d71d-f41b-4171-8350-e0892a28aac9/1/nSiGBqzt_f_Mfp_VxRzb4fQAh7g.roa
Signing time: Fri 19 May 2023 20:34:24 +0000
ROA not before: Fri 19 May 2023 20:34:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212440
IP address blocks: 185.112.180.0/22 maxlen: 24
2a0e:6f00::/31 maxlen: 31
2a0e:6f00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:35:b8:83:a1:5a:4e:e0:0a:6d:cc:25:e9:ce:30:32:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7400d5013c12852242343093cbf5148d4eaeaaf9
Validity
Not Before: May 19 20:34:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d288606acedfdffcc7e9fd5c51cdbe1f40087b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:13:9b:7f:f0:ce:bd:6c:49:44:2c:5c:9f:0c:
d7:a9:69:09:03:b0:52:97:43:1c:37:4c:db:30:4d:
82:1a:17:4a:1c:77:fc:c1:56:89:d8:95:36:06:68:
7d:2b:55:4f:a7:c8:f3:00:38:86:98:14:0b:94:d8:
02:80:26:22:57:79:40:75:0e:04:79:d0:ee:5a:d3:
c9:3b:39:00:6b:3c:de:77:f3:e4:2e:ad:d8:d9:2e:
b0:e0:5d:d3:71:56:9b:41:5d:1d:c7:dd:0f:e0:73:
12:8f:7e:f5:c0:92:5f:eb:f6:b1:f6:e4:38:91:83:
e1:38:eb:5a:1d:57:14:cb:36:89:2a:b3:f0:de:30:
8e:f0:24:c5:23:e5:09:db:29:83:95:74:58:ec:6f:
bb:60:10:d6:db:a6:ed:fc:e2:31:dc:e6:54:e0:77:
e9:1a:e2:1b:b8:d8:70:5e:61:a1:cf:e7:fb:21:ed:
b5:1d:f1:87:d0:dc:5d:0d:9b:05:b3:c8:c0:51:e9:
d7:6d:01:7d:a1:42:cb:b8:28:2d:78:a6:c6:83:63:
2e:19:30:05:e6:37:a0:83:70:cf:de:cc:4f:c2:1a:
82:2f:e7:5a:a4:48:db:6c:d5:de:68:88:b3:9a:20:
b1:fa:29:15:20:23:1a:16:cb:cf:8f:b7:51:89:76:
c1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:28:86:06:AC:ED:FD:FF:CC:7E:9F:D5:C5:1C:DB:E1:F4:00:87:B8
X509v3 Authority Key Identifier:
keyid:74:00:D5:01:3C:12:85:22:42:34:30:93:CB:F5:14:8D:4E:AE:AA:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dADVATwShSJCNDCTy_UUjU6uqvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/95d71d-f41b-4171-8350-e0892a28aac9/1/nSiGBqzt_f_Mfp_VxRzb4fQAh7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/95d71d-f41b-4171-8350-e0892a28aac9/1/dADVATwShSJCNDCTy_UUjU6uqvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.180.0/22
IPv6:
2a0e:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
8a:68:09:8b:c6:4b:3c:e8:75:aa:9c:c4:5d:40:03:d2:68:93:
1f:da:49:a7:9c:34:c5:c4:b0:94:64:7e:76:02:29:fd:e8:80:
61:13:f0:de:38:b8:a6:5c:c6:29:c2:c7:de:ab:44:5d:c1:bc:
a6:ab:5e:64:74:25:ad:28:0c:c8:a6:b3:5c:76:05:d1:a7:6d:
05:6f:1a:d8:5b:1e:4f:69:a9:3d:d3:93:12:d6:aa:ab:81:77:
23:c4:b7:55:6f:15:73:02:1b:1d:34:f5:6c:75:af:59:74:26:
7e:e8:a4:d8:7d:87:5c:d6:ac:db:6d:11:c8:e1:96:f9:91:c8:
fe:21:a9:f7:fa:61:93:56:9c:59:bd:1e:a3:12:59:67:1a:10:
97:e2:2f:f6:cf:06:22:86:a8:c5:f9:47:37:a8:4a:b7:1f:00:
c2:fd:43:76:41:8a:d6:9a:ba:af:81:95:98:f8:56:52:e6:a0:
6b:cf:b8:f4:21:81:19:ff:2f:11:15:1c:0f:35:c3:ee:b0:c1:
90:46:b1:59:48:6e:55:94:11:89:8d:36:cc:95:bc:8d:e6:b3:
48:fa:e2:c9:08:a6:d2:03:5d:97:11:bf:33:73:d5:c9:f2:96:
8d:72:5e:99:a3:fb:e4:56:6e:a4:04:65:a4:4f:f0:e4:e2:d4:
de:3a:61:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYg1uIOhWk7gCm3MJenOMDLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MDBkNTAxM2MxMjg1MjI0MjM0MzA5M2NiZjUxNDhkNGVh
ZWFhZjkwHhcNMjMwNTE5MjAzNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI4ODYwNmFjZWRmZGZmY2M3ZTlmZDVjNTFjZGJlMWY0MDA4N2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRObf/DOvWxJRCxcnwzXqWkJA7BS
l0McN0zbME2CGhdKHHf8wVaJ2JU2Bmh9K1VPp8jzADiGmBQLlNgCgCYiV3lAdQ4E
edDuWtPJOzkAazzed/PkLq3Y2S6w4F3TcVabQV0dx90P4HMSj371wJJf6/ax9uQ4
kYPhOOtaHVcUyzaJKrPw3jCO8CTFI+UJ2ymDlXRY7G+7YBDW26bt/OIx3OZU4Hfp
GuIbuNhwXmGhz+f7Ie21HfGH0NxdDZsFs8jAUenXbQF9oULLuCgteKbGg2MuGTAF
5jegg3DP3sxPwhqCL+dapEjbbNXeaIizmiCx+ikVICMaFsvPj7dRiXbBOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ0ohgas7f3/zH6f1cUc2+H0AIe4MB8GA1UdIwQY
MBaAFHQA1QE8EoUiQjQwk8v1FI1Orqr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEFEVkFUd1NoU0pDTkRDVHlfVVVqVTZ1cXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85NWQ3MWQtZjQxYi00MTcxLTgzNTAt
ZTA4OTJhMjhhYWM5LzEvblNpR0JxenRfZl9NZnBfVnhSemI0ZlFBaDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85NWQ3MWQtZjQxYi00MTcxLTgzNTAtZTA4OTJhMjhhYWM5
LzEvZEFEVkFUd1NoU0pDTkRDVHlfVVVqVTZ1cXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXC0MA0E
AgACMAcDBQMqDm8AMA0GCSqGSIb3DQEBCwUAA4IBAQCKaAmLxks86HWqnMRdQAPS
aJMf2kmnnDTFxLCUZH52Ain96IBhE/DeOLimXMYpwsfeq0Rdwbymq15kdCWtKAzI
prNcdgXRp20FbxrYWx5Paak905MS1qqrgXcjxLdVbxVzAhsdNPVsda9ZdCZ+6KTY
fYdc1qzbbRHI4Zb5kcj+Ian3+mGTVpxZvR6jEllnGhCX4i/2zwYihqjF+Uc3qEq3
HwDC/UN2QYrWmrqvgZWY+FZS5qBrz7j0IYEZ/y8RFRwPNcPusMGQRrFZSG5VlBGJ
jTbMlbyN5rNI+uLJCKbSA12XEb8zc9XJ8paNcl6Zo/vkVm6kBGWkT/Dk4tTeOmFy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:26 2024 by rpki-client on console-fra.rpki-client.org