Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/2NRhUoOn6VHSo_OaIDeEZITI_ns.roa
File: 2NRhUoOn6VHSo_OaIDeEZITI_ns.roa (raw, json)
Hash identifier: /4vMsrecgNbfVm+EkJqAXDJnq4Fw4OCws6Pw0ZOgq7Q=
Subject key identifier: D8:D4:61:52:83:A7:E9:51:D2:A3:F3:9A:20:37:84:64:84:C8:FE:7B
Certificate issuer: /CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Certificate serial: 018C3F4C9D757BD0CD8583B364D91047AF70
Authority key identifier: 5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/2NRhUoOn6VHSo_OaIDeEZITI_ns.roa
Signing time: Wed 06 Dec 2023 13:23:54 +0000
ROA not before: Wed 06 Dec 2023 13:23:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200081
IP address blocks: 92.246.88.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:4c:9d:75:7b:d0:cd:85:83:b3:64:d9:10:47:af:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Validity
Not Before: Dec 6 13:23:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8d4615283a7e951d2a3f39a2037846484c8fe7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:14:a3:cf:de:3a:43:45:4a:b0:0f:f0:ae:78:
f1:8e:a8:3b:a5:43:b2:c0:22:e2:bf:7c:2f:83:a3:
3c:9c:c5:e9:ee:76:b4:a5:75:22:88:66:01:92:dc:
47:84:6d:a0:90:22:ca:02:f7:8b:eb:d5:fa:4d:dc:
49:e1:7a:76:ae:2c:38:87:ef:00:ff:28:16:89:5a:
85:22:cd:9d:d0:9a:57:ba:a8:2d:8b:f1:3d:2c:f4:
b1:57:1e:ca:31:c5:cb:8f:3e:6c:f3:c4:d2:37:93:
35:60:24:40:89:4f:d9:57:fc:57:8b:9d:cb:55:d2:
db:cb:d3:63:00:26:4b:af:51:5d:fa:5e:e3:80:cd:
ad:7b:de:2f:b7:42:6d:26:ec:85:39:d0:3d:a8:f7:
f4:f3:a9:67:8a:73:e7:b0:3c:b9:4a:24:dc:46:74:
e2:2b:be:6a:ce:bd:f4:7d:75:33:c4:ec:5f:a7:92:
40:53:da:72:0c:17:64:48:50:59:43:b4:05:ee:9c:
c1:7d:98:04:98:a8:fd:91:20:8a:d7:5d:52:10:32:
c6:03:6c:7f:2e:1d:df:65:97:d6:6e:80:a1:03:3f:
90:a0:9d:60:eb:36:b2:32:42:1d:79:9f:07:fa:b0:
ca:70:c5:94:18:c9:23:7c:31:fa:0b:86:13:3a:08:
cc:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D4:61:52:83:A7:E9:51:D2:A3:F3:9A:20:37:84:64:84:C8:FE:7B
X509v3 Authority Key Identifier:
keyid:5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/2NRhUoOn6VHSo_OaIDeEZITI_ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W-4FGpOQHswBdEB5qkrC-wd7n8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.246.88.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:e6:00:d6:a0:2b:71:9a:47:09:89:66:27:24:4d:98:af:a1:
c3:f6:f1:c5:f7:16:22:0b:7f:a4:71:5a:a1:a6:00:ed:e2:5f:
02:f6:f1:e8:83:a5:5b:79:7d:0d:3e:67:64:02:ea:a7:cb:c6:
8b:da:ef:8d:60:5b:2d:55:c3:96:97:1d:9e:11:ae:68:bc:f5:
7d:af:64:00:42:c5:c1:26:88:ae:0c:2c:66:ef:61:22:e2:ab:
97:84:12:d5:44:95:97:78:14:2e:2e:22:42:6f:05:99:d0:83:
3b:d2:7e:6d:92:12:65:3e:cd:bb:65:bd:78:a8:ab:2f:aa:48:
64:ea:06:03:3c:ab:4e:96:6b:b7:cb:10:da:ee:32:46:67:bb:
4c:bc:95:28:ed:40:77:62:72:26:43:f2:e6:cf:00:54:5e:1c:
fb:0e:f0:21:b6:ce:26:a4:9a:43:aa:4f:1e:14:73:4e:9a:fc:
f5:05:d3:23:62:e0:57:ef:ab:e6:6a:f1:6c:48:5b:07:ca:73:
29:ca:bd:7c:bb:4c:cb:8c:ce:63:fd:43:c0:0e:ef:81:4b:e4:
38:b0:06:93:de:74:cb:58:ef:eb:fb:78:d7:f7:04:47:82:ff:
df:0c:ce:00:32:59:4b:75:18:13:f7:f1:1d:f2:cb:30:31:b8:
11:87:90:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw/TJ11e9DNhYOzZNkQR69wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWUwNTFhOTM5MDFlY2MwMTc0NDA3OWFhNGFjMmZiMDc3
YjlmYzEwHhcNMjMxMjA2MTMyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQ0NjE1MjgzYTdlOTUxZDJhM2YzOWEyMDM3ODQ2NDg0YzhmZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRSjz946Q0VKsA/wrnjxjqg7pUOy
wCLiv3wvg6M8nMXp7na0pXUiiGYBktxHhG2gkCLKAveL69X6TdxJ4Xp2riw4h+8A
/ygWiVqFIs2d0JpXuqgti/E9LPSxVx7KMcXLjz5s88TSN5M1YCRAiU/ZV/xXi53L
VdLby9NjACZLr1Fd+l7jgM2te94vt0JtJuyFOdA9qPf086lninPnsDy5SiTcRnTi
K75qzr30fXUzxOxfp5JAU9pyDBdkSFBZQ7QF7pzBfZgEmKj9kSCK111SEDLGA2x/
Lh3fZZfWboChAz+QoJ1g6zayMkIdeZ8H+rDKcMWUGMkjfDH6C4YTOgjM/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjUYVKDp+lR0qPzmiA3hGSEyP57MB8GA1UdIwQY
MBaAFFvuBRqTkB7MAXRAeapKwvsHe5/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjIt
YTUyYTg3OTVkOTU2LzEvMk5SaFVvT242VkhTb19PYUlEZUVaSVRJX25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjItYTUyYTg3OTVkOTU2
LzEvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXPZYMA0G
CSqGSIb3DQEBCwUAA4IBAQCs5gDWoCtxmkcJiWYnJE2Yr6HD9vHF9xYiC3+kcVqh
pgDt4l8C9vHog6VbeX0NPmdkAuqny8aL2u+NYFstVcOWlx2eEa5ovPV9r2QAQsXB
JoiuDCxm72Ei4quXhBLVRJWXeBQuLiJCbwWZ0IM70n5tkhJlPs27Zb14qKsvqkhk
6gYDPKtOlmu3yxDa7jJGZ7tMvJUo7UB3YnImQ/LmzwBUXhz7DvAhts4mpJpDqk8e
FHNOmvz1BdMjYuBX76vmavFsSFsHynMpyr18u0zLjM5j/UPADu+BS+Q4sAaT3nTL
WO/r+3jX9wRHgv/fDM4AMllLdRgT9/Ed8sswMbgRh5Ci
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:55 2024 by rpki-client on console-fra.rpki-client.org