Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/239ec7-7d2c-42e5-b49a-2f9e93a65c08/1/NuG-Tuq4sw0OyP-_w8bP2OsxQV0.roa
File: NuG-Tuq4sw0OyP-_w8bP2OsxQV0.roa (raw, json)
Hash identifier: fT+yBXwiQPn08DHqn8hdSPIVbyhMGx+O3RDYd44LfT8=
Subject key identifier: 36:E1:BE:4E:EA:B8:B3:0D:0E:C8:FF:BF:C3:C6:CF:D8:EB:31:41:5D
Certificate issuer: /CN=38180c074fbe598824c7003195b30aa4a366152c
Certificate serial: 01856C135E410254EB15A4C35DFB49347073
Authority key identifier: 38:18:0C:07:4F:BE:59:88:24:C7:00:31:95:B3:0A:A4:A3:66:15:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBgMB0--WYgkxwAxlbMKpKNmFSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/239ec7-7d2c-42e5-b49a-2f9e93a65c08/1/NuG-Tuq4sw0OyP-_w8bP2OsxQV0.roa
Signing time: Sun 01 Jan 2023 06:44:46 +0000
ROA not before: Sun 01 Jan 2023 06:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20682
IP address blocks: 91.235.251.0/24 maxlen: 24
91.235.248.0/24 maxlen: 24
91.235.249.0/24 maxlen: 24
91.235.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:5e:41:02:54:eb:15:a4:c3:5d:fb:49:34:70:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38180c074fbe598824c7003195b30aa4a366152c
Validity
Not Before: Jan 1 06:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36e1be4eeab8b30d0ec8ffbfc3c6cfd8eb31415d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bb:80:42:94:de:e2:ba:41:3e:e5:64:36:54:
ab:ff:2b:de:02:cd:69:79:e3:6a:92:c5:96:5a:86:
21:09:31:17:17:ff:9f:32:8a:b9:bd:11:7b:de:91:
3e:e1:a3:47:56:1b:b5:66:81:5e:85:08:1b:0c:6d:
f6:a1:aa:29:f7:10:ee:9a:d2:17:84:25:d3:fb:db:
38:04:27:ed:0c:48:a2:a7:fc:5e:db:a7:97:8d:33:
16:90:2b:e0:00:75:ea:e4:34:39:22:9a:f3:8c:37:
08:0c:45:33:2d:ca:3e:f5:b0:6c:21:37:48:ee:3d:
31:12:3f:a8:07:93:c5:8e:60:09:a8:fe:db:26:a8:
90:8c:9c:4f:a6:02:8b:3c:5d:06:be:33:79:f1:9d:
eb:f9:27:84:d9:af:0e:83:75:eb:21:4f:5c:e7:0f:
59:7b:c0:f6:d4:3f:a1:16:1b:c4:cf:23:11:9d:1b:
dc:38:a9:1e:df:4e:02:10:01:70:73:81:2f:27:77:
21:ed:d5:16:42:15:93:4c:84:cb:e2:75:3b:db:57:
97:82:32:50:d1:a1:df:bf:c8:fc:c4:e0:97:2b:b0:
9d:fe:ec:fe:02:49:f0:f8:11:37:f3:e8:0d:7e:6b:
50:f5:d5:f0:1d:f6:11:98:05:6a:17:b3:8e:26:09:
b4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E1:BE:4E:EA:B8:B3:0D:0E:C8:FF:BF:C3:C6:CF:D8:EB:31:41:5D
X509v3 Authority Key Identifier:
keyid:38:18:0C:07:4F:BE:59:88:24:C7:00:31:95:B3:0A:A4:A3:66:15:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBgMB0--WYgkxwAxlbMKpKNmFSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/239ec7-7d2c-42e5-b49a-2f9e93a65c08/1/NuG-Tuq4sw0OyP-_w8bP2OsxQV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/239ec7-7d2c-42e5-b49a-2f9e93a65c08/1/OBgMB0--WYgkxwAxlbMKpKNmFSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.248.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:be:b9:5b:df:c9:6e:65:c5:28:ea:54:12:69:3a:5b:6a:46:
7d:ff:5e:f3:37:7d:50:d7:ad:ad:23:d7:df:d5:93:3b:16:32:
9f:47:fb:0b:9e:17:54:7f:b1:38:c7:12:59:92:9e:ef:20:7a:
e5:67:7b:d3:9d:de:70:1b:40:90:d6:da:1d:65:97:11:76:34:
93:7a:e0:2c:06:89:a2:a3:2c:b1:9e:6b:25:60:92:c0:9b:46:
3e:78:84:25:e9:af:c5:7a:76:27:43:71:42:5e:0a:4f:80:19:
c1:20:1c:54:5a:da:fa:04:2e:02:58:da:f7:aa:5b:04:0b:95:
d0:c7:8c:58:03:22:c4:09:a4:d0:16:71:ee:89:65:51:f4:59:
a9:f0:ca:9d:08:90:42:cf:d7:60:2e:f4:de:13:d6:d1:ab:76:
95:a7:28:de:33:dd:04:c6:0b:94:3e:ec:0c:ae:c8:b7:44:0f:
a6:f9:69:1e:b0:ed:31:4c:10:77:00:fc:95:d2:85:4e:7c:c3:
54:26:32:34:aa:34:57:5d:6d:30:cf:8b:63:df:ba:6a:20:43:
e2:c2:f4:29:5e:65:c0:c1:a5:34:d2:0b:f4:00:d9:99:cb:cd:
2f:ee:63:63:7a:36:37:80:4b:8a:7a:35:77:bd:fb:f5:07:52:
fd:32:59:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE15BAlTrFaTDXftJNHBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTgwYzA3NGZiZTU5ODgyNGM3MDAzMTk1YjMwYWE0YTM2
NjE1MmMwHhcNMjMwMTAxMDY0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmUxYmU0ZWVhYjhiMzBkMGVjOGZmYmZjM2M2Y2ZkOGViMzE0MTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbuAQpTe4rpBPuVkNlSr/yveAs1p
eeNqksWWWoYhCTEXF/+fMoq5vRF73pE+4aNHVhu1ZoFehQgbDG32oaop9xDumtIX
hCXT+9s4BCftDEiip/xe26eXjTMWkCvgAHXq5DQ5IprzjDcIDEUzLco+9bBsITdI
7j0xEj+oB5PFjmAJqP7bJqiQjJxPpgKLPF0GvjN58Z3r+SeE2a8Og3XrIU9c5w9Z
e8D21D+hFhvEzyMRnRvcOKke304CEAFwc4EvJ3ch7dUWQhWTTITL4nU721eXgjJQ
0aHfv8j8xOCXK7Cd/uz+Aknw+BE38+gNfmtQ9dXwHfYRmAVqF7OOJgm0/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbhvk7quLMNDsj/v8PGz9jrMUFdMB8GA1UdIwQY
MBaAFDgYDAdPvlmIJMcAMZWzCqSjZhUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JnTUIwLS1XWWdreHdBeGxiTUtwS05tRlN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yMzllYzctN2QyYy00MmU1LWI0OWEt
MmY5ZTkzYTY1YzA4LzEvTnVHLVR1cTRzdzBPeVAtX3c4YlAyT3N4UVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yMzllYzctN2QyYy00MmU1LWI0OWEtMmY5ZTkzYTY1YzA4
LzEvT0JnTUIwLS1XWWdreHdBeGxiTUtwS05tRlN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+v4MA0G
CSqGSIb3DQEBCwUAA4IBAQCLvrlb38luZcUo6lQSaTpbakZ9/17zN31Q162tI9ff
1ZM7FjKfR/sLnhdUf7E4xxJZkp7vIHrlZ3vTnd5wG0CQ1todZZcRdjSTeuAsBomi
oyyxnmslYJLAm0Y+eIQl6a/FenYnQ3FCXgpPgBnBIBxUWtr6BC4CWNr3qlsEC5XQ
x4xYAyLECaTQFnHuiWVR9Fmp8MqdCJBCz9dgLvTeE9bRq3aVpyjeM90ExguUPuwM
rsi3RA+m+WkesO0xTBB3APyV0oVOfMNUJjI0qjRXXW0wz4tj37pqIEPiwvQpXmXA
waU00gv0ANmZy80v7mNjejY3gEuKejV3vfv1B1L9MlkR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:05 2024 by rpki-client on console-fra.rpki-client.org