Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NgRbfQHgW3wrmQtylfUnjxY3eeM.roa
File: NgRbfQHgW3wrmQtylfUnjxY3eeM.roa (raw, json)
Hash identifier: vem5PuPZIOir+EFRU9QSw4ZmTmOjc+G/8A6YRb9RFWc=
Subject key identifier: 36:04:5B:7D:01:E0:5B:7C:2B:99:0B:72:95:F5:27:8F:16:37:79:E3
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018F9D5E7616DF750D9B62BBE0D6F19281E5
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NgRbfQHgW3wrmQtylfUnjxY3eeM.roa
Signing time: Tue 21 May 2024 22:56:04 +0000
ROA not before: Tue 21 May 2024 22:56:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 85.204.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 20:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9d:5e:76:16:df:75:0d:9b:62:bb:e0:d6:f1:92:81:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 21 22:56:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36045b7d01e05b7c2b990b7295f5278f163779e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:79:3c:68:ed:07:66:9e:12:9e:55:6d:9e:99:
70:e4:0a:49:fb:6e:72:a0:e8:11:5f:71:fc:18:09:
48:ea:00:15:20:2d:35:aa:87:c4:90:9f:00:47:d4:
14:88:6b:15:0e:98:97:b4:26:23:10:c5:2e:07:2d:
8e:e4:45:3b:8c:b8:6e:08:d4:a4:80:74:3f:3b:6f:
03:66:d5:2e:8c:40:38:49:d2:58:69:32:b4:3e:4a:
0c:18:b1:b7:50:4b:d2:5e:d2:e6:01:b7:e5:b5:fd:
1a:e8:d9:03:95:43:07:03:bb:c3:82:4a:94:7b:40:
bb:31:d2:7b:11:e6:9f:17:bc:d4:58:60:b1:57:c3:
ed:13:2b:04:1b:5e:40:e8:37:37:19:d0:1e:ac:81:
d1:2f:6c:68:dc:43:0d:6d:ca:7e:2c:0f:0f:2d:34:
3f:9f:69:82:1f:2a:72:3f:87:e4:29:7a:b9:51:f9:
b8:a5:5a:4d:95:3f:09:a0:38:c1:97:df:a3:f1:84:
72:fd:eb:e1:c6:a6:28:18:8b:e6:85:1b:60:39:50:
5c:9c:05:ab:50:10:fc:69:74:72:0e:ef:cb:86:d5:
a3:db:fa:80:dc:f7:2d:80:6d:9b:f1:bd:61:52:2e:
a3:a6:91:ba:79:a5:9c:e8:3a:11:f3:04:bf:15:d3:
35:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:04:5B:7D:01:E0:5B:7C:2B:99:0B:72:95:F5:27:8F:16:37:79:E3
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NgRbfQHgW3wrmQtylfUnjxY3eeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.22.0/24
Signature Algorithm: sha256WithRSAEncryption
66:95:ba:6b:73:b8:53:cb:28:ce:f2:11:88:a8:01:ef:0c:f0:
49:75:d5:09:06:a4:43:51:ad:63:10:c8:02:37:23:1e:1a:30:
37:34:77:c2:2f:65:38:fd:48:fa:35:da:bb:cc:2a:33:07:f2:
42:16:73:76:14:96:ca:ea:cc:b5:36:b5:25:a1:a2:10:11:60:
90:a9:6c:d0:92:30:c9:a0:2e:d3:c7:5c:e8:d8:f2:6e:12:84:
9c:1c:94:a5:06:ca:c1:3e:01:b4:3d:4e:a1:d6:cb:1c:d2:53:
45:9a:aa:b2:88:de:ae:64:6c:47:4d:a7:f5:12:b4:c2:bb:b1:
f1:06:9d:d3:4a:80:f8:b7:26:53:55:b3:78:98:f8:48:a6:4f:
4d:b2:4c:ce:b9:9f:33:a0:eb:a2:1d:26:1f:c7:a2:88:c9:de:
d1:43:76:fc:67:96:79:0d:bf:81:eb:c6:fa:2a:f1:fc:3f:d3:
72:b3:79:18:1c:83:df:25:09:f9:c8:ae:09:ec:0b:87:92:55:
5c:ef:fb:e3:d1:64:61:eb:d0:02:03:8d:75:e4:ce:e9:2f:00:
75:aa:0f:8a:e9:58:05:cc:8f:78:b5:53:95:0e:c3:bd:a8:61:
63:14:2c:fe:7f:25:2d:ad:e4:59:51:40:86:25:3a:40:7f:bc:
50:79:92:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+dXnYW33UNm2K74NbxkoHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNTIxMjI1NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjA0NWI3ZDAxZTA1YjdjMmI5OTBiNzI5NWY1Mjc4ZjE2Mzc3OWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXk8aO0HZp4SnlVtnplw5ApJ+25y
oOgRX3H8GAlI6gAVIC01qofEkJ8AR9QUiGsVDpiXtCYjEMUuBy2O5EU7jLhuCNSk
gHQ/O28DZtUujEA4SdJYaTK0PkoMGLG3UEvSXtLmAbfltf0a6NkDlUMHA7vDgkqU
e0C7MdJ7EeafF7zUWGCxV8PtEysEG15A6Dc3GdAerIHRL2xo3EMNbcp+LA8PLTQ/
n2mCHypyP4fkKXq5Ufm4pVpNlT8JoDjBl9+j8YRy/evhxqYoGIvmhRtgOVBcnAWr
UBD8aXRyDu/LhtWj2/qA3PctgG2b8b1hUi6jppG6eaWc6DoR8wS/FdM1CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDYEW30B4Ft8K5kLcpX1J48WN3njMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTmdSYmZRSGdXM3dybVF0eWxmVW5qeFkzZWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcwWMA0G
CSqGSIb3DQEBCwUAA4IBAQBmlbprc7hTyyjO8hGIqAHvDPBJddUJBqRDUa1jEMgC
NyMeGjA3NHfCL2U4/Uj6Ndq7zCozB/JCFnN2FJbK6sy1NrUloaIQEWCQqWzQkjDJ
oC7Tx1zo2PJuEoScHJSlBsrBPgG0PU6h1ssc0lNFmqqyiN6uZGxHTaf1ErTCu7Hx
Bp3TSoD4tyZTVbN4mPhIpk9NskzOuZ8zoOuiHSYfx6KIyd7RQ3b8Z5Z5Db+B68b6
KvH8P9Nys3kYHIPfJQn5yK4J7AuHklVc7/vj0WRh69ACA4115M7pLwB1qg+K6VgF
zI94tVOVDsO9qGFjFCz+fyUtreRZUUCGJTpAf7xQeZJ7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org