Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/NNQhKEK6s7utWzkskzDkTJ156sE.roa
File: NNQhKEK6s7utWzkskzDkTJ156sE.roa (raw, json)
Hash identifier: ak+kUAG1VDVoZZWnDojLxNGiKsVYbGuSRVcB6J/E9oI=
Subject key identifier: 34:D4:21:28:42:BA:B3:BB:AD:5B:39:2C:93:30:E4:4C:9D:79:EA:C1
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 01869BBC7906CADBE73D321EE327857B7F3C
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/NNQhKEK6s7utWzkskzDkTJ156sE.roa
Signing time: Wed 01 Mar 2023 05:54:25 +0000
ROA not before: Wed 01 Mar 2023 05:54:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51248
IP address blocks: 212.22.70.0/24 maxlen: 24
212.22.81.0/24 maxlen: 24
212.22.87.0/24 maxlen: 24
185.65.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Jun 2023 06:52:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:bc:79:06:ca:db:e7:3d:32:1e:e3:27:85:7b:7f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Mar 1 05:54:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34d4212842bab3bbad5b392c9330e44c9d79eac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f3:a8:62:3a:52:49:e5:29:37:be:19:bf:c4:
f6:b4:56:1e:75:7e:27:43:bb:da:4b:40:df:24:81:
b8:c4:17:4f:29:ce:4a:5a:db:17:a9:25:41:08:2e:
20:39:5b:b1:e2:6c:42:70:78:e0:e0:7d:32:74:36:
0c:eb:26:a9:73:84:0b:7e:56:a7:71:ed:f1:4b:27:
00:3c:cb:83:9d:0f:7c:a6:6c:f3:a0:e7:31:8c:de:
5c:ed:1d:36:d0:19:f2:2e:d8:ec:7a:3f:0d:9e:55:
95:92:7f:b1:2f:ba:f0:fd:76:8a:61:17:6c:72:cb:
9f:c5:4c:93:99:ac:60:0b:30:e6:17:89:62:c9:0b:
c9:5d:dd:b5:c3:a8:bc:1c:a3:08:d3:ff:35:69:17:
33:9a:07:a2:a5:44:3c:40:5a:73:b3:fe:3a:bc:87:
3c:2c:47:58:09:37:93:eb:a6:91:9e:23:32:4d:fd:
5b:47:42:b8:2c:ea:c9:e1:b3:fb:07:1c:41:48:ec:
8c:ce:28:ef:b1:ec:34:46:91:3a:5b:e4:af:27:04:
dc:ee:20:b1:46:75:86:fb:5d:cf:b0:09:79:9e:05:
10:6d:7e:b5:af:be:16:56:79:23:56:ce:bd:b8:ab:
88:88:77:d6:5a:b9:68:5c:21:1d:4f:1e:2a:72:ca:
41:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D4:21:28:42:BA:B3:BB:AD:5B:39:2C:93:30:E4:4C:9D:79:EA:C1
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/NNQhKEK6s7utWzkskzDkTJ156sE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.202.0/24
212.22.70.0/24
212.22.81.0/24
212.22.87.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:f6:2a:15:4f:43:9d:62:34:0d:bf:8c:b3:21:e2:d4:4b:9f:
f1:6e:79:a6:30:de:17:1f:e7:08:a7:30:48:32:68:28:83:8c:
c8:0a:e8:ab:f4:19:3a:b5:eb:fc:39:2f:b3:5d:06:1f:c1:47:
38:58:a9:d2:96:64:15:5e:ba:1e:b4:d6:0d:a2:d2:92:bb:af:
27:99:1b:63:9a:6d:84:51:f1:63:d4:10:a1:26:27:9e:b4:a4:
23:74:dc:e8:ad:a0:9d:79:e9:70:10:c1:3a:58:d2:2f:bb:7c:
af:14:fd:ba:ba:5a:2e:b9:bd:e3:63:dc:7c:44:e9:5f:df:6f:
25:05:ed:50:e9:87:38:5a:94:b1:ed:73:e8:e0:ca:c5:ac:40:
87:81:8a:f2:da:27:6b:b3:88:4a:be:5f:8d:7d:c7:c0:57:14:
49:51:a3:40:5c:5a:9d:d9:7f:4e:15:60:37:6e:79:3e:c6:7f:
74:6b:17:5c:02:19:dd:3f:2e:68:97:a0:e7:4c:c1:39:e7:a0:
af:e9:b2:c6:ed:36:be:35:47:16:7a:eb:3d:64:23:1d:66:44:
0b:88:56:c2:fc:bb:3d:75:73:41:3c:0d:65:e5:65:66:a3:5e:
ff:a7:38:2d:82:9d:05:ac:21:c0:7e:b8:53:80:9e:52:af:78:
2c:ad:08:f6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYabvHkGytvnPTIe4yeFe388MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjMwMzAxMDU1NDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQ0MjEyODQyYmFiM2JiYWQ1YjM5MmM5MzMwZTQ0YzlkNzllYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvOoYjpSSeUpN74Zv8T2tFYedX4n
Q7vaS0DfJIG4xBdPKc5KWtsXqSVBCC4gOVux4mxCcHjg4H0ydDYM6yapc4QLflan
ce3xSycAPMuDnQ98pmzzoOcxjN5c7R020BnyLtjsej8NnlWVkn+xL7rw/XaKYRds
csufxUyTmaxgCzDmF4liyQvJXd21w6i8HKMI0/81aRczmgeipUQ8QFpzs/46vIc8
LEdYCTeT66aRniMyTf1bR0K4LOrJ4bP7BxxBSOyMzijvsew0RpE6W+SvJwTc7iCx
RnWG+13PsAl5ngUQbX61r74WVnkjVs69uKuIiHfWWrloXCEdTx4qcspBGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDTUIShCurO7rVs5LJMw5EydeerBMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvTk5RaEtFSzZzN3V0V3prc2t6RGtUSjE1NnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUHKAwQA
1BZGAwQA1BZRAwQA1BZXMA0GCSqGSIb3DQEBCwUAA4IBAQC69ioVT0OdYjQNv4yz
IeLUS5/xbnmmMN4XH+cIpzBIMmgog4zICuir9Bk6tev8OS+zXQYfwUc4WKnSlmQV
XroetNYNotKSu68nmRtjmm2EUfFj1BChJieetKQjdNzoraCdeelwEME6WNIvu3yv
FP26ulouub3jY9x8ROlf328lBe1Q6Yc4WpSx7XPo4MrFrECHgYry2idrs4hKvl+N
fcfAVxRJUaNAXFqd2X9OFWA3bnk+xn90axdcAhndPy5ol6DnTME556Cv6bLG7Ta+
NUcWeus9ZCMdZkQLiFbC/Ls9dXNBPA1l5WVmo17/pzgtgp0FrCHAfrhTgJ5Sr3gs
rQj2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:30 2024 by rpki-client on console-ams.rpki-client.org