Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/1ns-q_b_8HWOgG6H92TbYgCw_3w.roa
File: 1ns-q_b_8HWOgG6H92TbYgCw_3w.roa (raw, json)
Hash identifier: C+FOQDWEvogo7uZ3RTQuT5MKja8NWetzrJX2kTxaZ3M=
Subject key identifier: D6:7B:3E:AB:F6:FF:F0:75:8E:80:6E:87:F7:64:DB:62:00:B0:FF:7C
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 01856DC1CE59C81BA25EC1CDDB642F4AF9BC
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/1ns-q_b_8HWOgG6H92TbYgCw_3w.roa
Signing time: Sun 01 Jan 2023 14:34:55 +0000
ROA not before: Sun 01 Jan 2023 14:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51248
IP address blocks: 212.22.70.0/24 maxlen: 24
212.22.81.0/24 maxlen: 24
212.22.87.0/24 maxlen: 24
185.65.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Mar 2023 05:35:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ce:59:c8:1b:a2:5e:c1:cd:db:64:2f:4a:f9:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jan 1 14:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d67b3eabf6fff0758e806e87f764db6200b0ff7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b5:d6:c3:6a:8f:17:e5:3a:92:a3:bd:f9:90:
e2:84:08:35:ce:fb:43:38:3d:23:64:a9:d7:99:68:
b9:35:c0:a7:e2:87:3d:ce:ec:71:3f:44:c9:90:a1:
08:1a:3c:9f:e5:25:99:a5:58:20:d5:f8:d9:e2:b4:
41:77:73:e4:46:4e:d5:59:97:f9:55:7a:11:77:a7:
b8:b2:3c:37:e4:c4:da:df:29:d3:8d:16:14:e0:92:
ab:a0:47:28:ff:8c:cd:99:a1:23:be:69:7f:38:79:
b1:17:0b:6b:de:56:22:a3:f6:1b:db:0b:72:41:38:
b2:49:62:4a:ff:de:0a:66:55:51:67:67:cf:46:4c:
5e:fd:d3:5d:db:34:7d:7d:7d:71:e8:7f:8d:95:ea:
d1:a2:1e:c1:a5:bf:21:f5:e8:63:70:74:62:a0:0a:
8c:2a:e0:89:95:96:01:4c:3a:dd:dc:25:80:21:98:
0f:05:68:34:5d:df:d7:0c:86:25:ec:aa:d1:c3:b7:
f9:19:cd:f8:bb:04:5e:81:e2:be:ac:f4:40:83:52:
89:d7:39:9d:4b:06:a8:20:fc:f5:2a:95:6b:dd:e4:
42:8e:ff:67:a5:8a:37:78:d8:b3:08:f0:7c:3a:d4:
ce:0f:a2:02:c9:01:9d:99:d0:12:b9:07:d8:5d:57:
e5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:7B:3E:AB:F6:FF:F0:75:8E:80:6E:87:F7:64:DB:62:00:B0:FF:7C
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/1ns-q_b_8HWOgG6H92TbYgCw_3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.202.0/24
212.22.70.0/24
212.22.81.0/24
212.22.87.0/24
Signature Algorithm: sha256WithRSAEncryption
08:5f:80:32:19:90:71:25:5b:da:5c:41:60:33:89:df:9a:30:
8b:15:ef:c5:f0:a6:29:80:eb:dc:f2:85:6e:9b:2e:c0:d7:f5:
e3:59:f2:d1:29:c7:93:f6:cc:37:ec:a7:ee:35:02:b1:35:cc:
08:b7:56:79:0b:17:fe:9f:a2:57:6a:f1:37:af:4c:26:20:ef:
59:b7:a6:51:b8:c1:cc:f1:30:c4:69:91:c2:b0:f3:0a:7d:76:
f8:d9:01:d6:8d:3e:6d:23:82:6d:ae:76:c1:02:18:85:8f:eb:
f5:6d:b9:a9:9c:d6:18:e4:be:42:a1:f5:21:6e:0d:f4:bc:1d:
c5:e6:e5:0a:80:fd:03:f2:b5:86:4f:b1:f7:07:20:47:df:89:
8e:53:59:cb:21:ce:6f:ed:46:d4:36:47:b3:ed:e9:1c:89:c2:
5b:45:f9:b4:04:27:86:28:1e:fa:df:5e:40:fe:94:b1:ee:a4:
99:c6:e6:69:53:6a:fd:16:e2:80:02:0a:33:7f:cf:ef:02:ff:
45:f9:a3:4b:f0:85:39:d0:23:41:e4:7d:81:db:9f:ef:ce:e1:
ec:1a:b6:8d:6e:bc:5a:4c:91:3b:96:38:8e:e4:25:6f:a3:b7:
79:3e:07:7c:c1:bc:fe:16:c6:f5:dc:32:aa:76:7a:2f:85:7d:
a3:d5:8d:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtwc5ZyBuiXsHN22QvSvm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjMwMTAxMTQzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjdiM2VhYmY2ZmZmMDc1OGU4MDZlODdmNzY0ZGI2MjAwYjBmZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbXWw2qPF+U6kqO9+ZDihAg1zvtD
OD0jZKnXmWi5NcCn4oc9zuxxP0TJkKEIGjyf5SWZpVgg1fjZ4rRBd3PkRk7VWZf5
VXoRd6e4sjw35MTa3ynTjRYU4JKroEco/4zNmaEjvml/OHmxFwtr3lYio/Yb2wty
QTiySWJK/94KZlVRZ2fPRkxe/dNd2zR9fX1x6H+NlerRoh7Bpb8h9ehjcHRioAqM
KuCJlZYBTDrd3CWAIZgPBWg0Xd/XDIYl7KrRw7f5Gc34uwRegeK+rPRAg1KJ1zmd
SwaoIPz1KpVr3eRCjv9npYo3eNizCPB8OtTOD6ICyQGdmdASuQfYXVflFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNZ7Pqv2//B1joBuh/dk22IAsP98MB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvMW5zLXFfYl84SFdPZ0c2SDkyVGJZZ0N3XzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUHKAwQA
1BZGAwQA1BZRAwQA1BZXMA0GCSqGSIb3DQEBCwUAA4IBAQAIX4AyGZBxJVvaXEFg
M4nfmjCLFe/F8KYpgOvc8oVumy7A1/XjWfLRKceT9sw37KfuNQKxNcwIt1Z5Cxf+
n6JXavE3r0wmIO9Zt6ZRuMHM8TDEaZHCsPMKfXb42QHWjT5tI4JtrnbBAhiFj+v1
bbmpnNYY5L5CofUhbg30vB3F5uUKgP0D8rWGT7H3ByBH34mOU1nLIc5v7UbUNkez
7ekcicJbRfm0BCeGKB76315A/pSx7qSZxuZpU2r9FuKAAgozf8/vAv9F+aNL8IU5
0CNB5H2B25/vzuHsGraNbrxaTJE7ljiO5CVvo7d5Pgd8wbz+Fsb13DKqdnovhX2j
1Y1p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:35 2024 by rpki-client on console-fra.rpki-client.org