Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NHMvez6f8ZI8umJZG0NNOF2mx2I.roa
File: NHMvez6f8ZI8umJZG0NNOF2mx2I.roa (raw, json)
Hash identifier: TFyCatkX2rzJZlv6XFzCba/7n+/qDsHdGSyOBPn5QvI=
Subject key identifier: 34:73:2F:7B:3E:9F:F1:92:3C:BA:62:59:1B:43:4D:38:5D:A6:C7:62
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018CA4CD2A22E34D4EA2F0705828429D130E
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NHMvez6f8ZI8umJZG0NNOF2mx2I.roa
Signing time: Tue 26 Dec 2023 06:25:58 +0000
ROA not before: Tue 26 Dec 2023 06:25:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147287
IP address blocks: 86.107.51.0/24 maxlen: 24
91.132.49.0/24 maxlen: 24
91.132.50.0/24 maxlen: 24
77.81.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:10:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a4:cd:2a:22:e3:4d:4e:a2:f0:70:58:28:42:9d:13:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Dec 26 06:25:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34732f7b3e9ff1923cba62591b434d385da6c762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:21:ec:2b:f2:1a:9a:b0:34:ae:0f:69:81:4d:
a2:13:5a:79:2c:d2:cc:42:2e:b0:8c:51:1f:ba:35:
47:ff:7c:48:36:66:3e:f7:16:86:16:ef:90:1e:e5:
69:9e:b6:78:5f:42:50:7f:33:e7:c0:a9:2c:2f:42:
98:ba:fe:28:da:7c:fa:8d:53:dd:9f:77:13:ef:60:
01:cf:e4:3a:27:56:9f:2e:63:fa:4e:00:5e:46:f9:
81:e3:98:6f:ae:91:99:42:21:0b:96:7b:50:36:e1:
45:36:af:b3:55:84:c3:45:7b:27:86:ae:8d:6c:ec:
51:c5:58:8b:6a:59:74:ce:d4:f1:ef:a2:c7:c1:35:
dd:67:72:0e:06:58:cd:e2:ac:88:1c:a3:8e:c3:cf:
9c:ed:0c:48:e1:8f:d2:91:ff:3f:c2:b9:c1:cb:ae:
e6:80:ad:f0:82:28:99:ab:f2:87:a1:0f:5d:b1:c5:
ca:a2:b4:5d:c9:2b:71:be:3d:75:ae:2f:b1:14:19:
16:c7:31:37:99:e9:f3:85:3e:fe:96:4a:96:b5:6d:
5e:b3:d4:76:5f:8f:25:36:4a:e6:8a:b6:e3:d9:b7:
ef:b6:67:66:27:04:5d:ab:01:22:dd:91:ef:61:10:
e2:9e:20:b9:7f:d0:c1:17:fd:5a:ce:35:bb:72:0b:
f3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:73:2F:7B:3E:9F:F1:92:3C:BA:62:59:1B:43:4D:38:5D:A6:C7:62
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NHMvez6f8ZI8umJZG0NNOF2mx2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.182.0/24
86.107.51.0/24
91.132.49.0-91.132.50.255
Signature Algorithm: sha256WithRSAEncryption
4a:88:8e:57:79:98:63:a4:13:8b:40:04:5e:62:4a:87:b0:e7:
5b:38:dd:1e:7d:78:ea:b6:79:c9:81:6b:d0:f7:24:6c:18:49:
ca:a7:9e:54:18:42:6e:15:f2:f6:65:58:fd:cf:e4:73:1f:0c:
34:2d:83:4d:e0:56:aa:fb:08:ce:fd:4d:7e:79:02:d1:9e:c7:
9d:3a:19:85:0f:b4:24:b4:1b:ac:2f:93:f1:d1:74:01:40:47:
15:e9:52:fc:c1:ee:44:e1:54:48:7d:56:91:fd:df:62:68:68:
17:45:72:8a:d2:b7:fa:c7:dd:bf:eb:ea:3d:48:e3:9b:e6:92:
2f:08:39:91:1f:f0:33:d8:39:03:43:f7:43:47:fd:c6:7f:c9:
c1:b3:d4:12:d7:41:a8:6a:3e:9c:8f:8d:3e:b7:a6:1e:fd:4f:
b3:a5:b4:ec:7f:fc:31:45:fa:52:c0:bb:99:ba:5f:8e:4f:f1:
3c:27:56:9f:ff:0f:d2:99:55:4b:37:3e:85:fa:65:d2:12:62:
0a:87:82:bb:43:ce:01:74:31:f8:8e:ef:b1:91:f9:23:d1:20:
4d:7f:14:27:c5:3c:1a:03:05:3a:59:59:e8:5a:a7:0b:59:f4:
22:3c:48:1d:a8:3b:3e:8f:74:a7:1b:60:6c:b4:98:ab:94:5c:
7b:76:38:e3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYykzSoi401OovBwWChCnRMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMxMjI2MDYyNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDczMmY3YjNlOWZmMTkyM2NiYTYyNTkxYjQzNGQzODVkYTZjNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCHsK/IamrA0rg9pgU2iE1p5LNLM
Qi6wjFEfujVH/3xINmY+9xaGFu+QHuVpnrZ4X0JQfzPnwKksL0KYuv4o2nz6jVPd
n3cT72ABz+Q6J1afLmP6TgBeRvmB45hvrpGZQiELlntQNuFFNq+zVYTDRXsnhq6N
bOxRxViLall0ztTx76LHwTXdZ3IOBljN4qyIHKOOw8+c7QxI4Y/Skf8/wrnBy67m
gK3wgiiZq/KHoQ9dscXKorRdyStxvj11ri+xFBkWxzE3menzhT7+lkqWtW1es9R2
X48lNkrmirbj2bfvtmdmJwRdqwEi3ZHvYRDiniC5f9DBF/1azjW7cgvzvQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDRzL3s+n/GSPLpiWRtDTThdpsdiMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTkhNdmV6NmY4Wkk4dW1KWkcwTk5PRjJteDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQATVG2AwQA
VmszMAwDBABbhDEDBABbhDIwDQYJKoZIhvcNAQELBQADggEBAEqIjld5mGOkE4tA
BF5iSoew51s43R59eOq2ecmBa9D3JGwYScqnnlQYQm4V8vZlWP3P5HMfDDQtg03g
Vqr7CM79TX55AtGex506GYUPtCS0G6wvk/HRdAFARxXpUvzB7kThVEh9VpH932Jo
aBdFcorSt/rH3b/r6j1I45vmki8IOZEf8DPYOQND90NH/cZ/ycGz1BLXQahqPpyP
jT63ph79T7OltOx//DFF+lLAu5m6X45P8TwnVp//D9KZVUs3PoX6ZdISYgqHgrtD
zgF0MfiO77GR+SPRIE1/FCfFPBoDBTpZWehapwtZ9CI8SB2oOz6PdKcbYGy0mKuU
XHt2OOM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org