Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/NvZH3SJ62uZ7gIAeRcczYFVcVDM.roa
File: NvZH3SJ62uZ7gIAeRcczYFVcVDM.roa (raw, json)
Hash identifier: +Dx3Xm3Ai+Z8aQEUWWtFPpbIFFoU99aL9JpAJBNCR84=
Subject key identifier: 36:F6:47:DD:22:7A:DA:E6:7B:80:80:1E:45:C7:33:60:55:5C:54:33
Certificate issuer: /CN=3c931f265a8471d32ce8449d9e186f0dc7114a7a
Certificate serial: 01856FA71FAE10527241DDC34FCEEC6FE407
Authority key identifier: 3C:93:1F:26:5A:84:71:D3:2C:E8:44:9D:9E:18:6F:0D:C7:11:4A:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PJMfJlqEcdMs6ESdnhhvDccRSno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/NvZH3SJ62uZ7gIAeRcczYFVcVDM.roa
Signing time: Sun 01 Jan 2023 23:25:01 +0000
ROA not before: Sun 01 Jan 2023 23:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41865
IP address blocks: 94.158.136.0/21 maxlen: 21
193.34.0.0/23 maxlen: 23
193.34.0.0/22 maxlen: 22
193.34.2.0/23 maxlen: 23
94.158.128.0/20 maxlen: 20
94.158.128.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:1f:ae:10:52:72:41:dd:c3:4f:ce:ec:6f:e4:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c931f265a8471d32ce8449d9e186f0dc7114a7a
Validity
Not Before: Jan 1 23:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36f647dd227adae67b80801e45c73360555c5433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:00:ba:09:3a:d7:19:a3:a1:b5:94:99:af:b3:
3c:a4:71:3e:8d:83:2c:07:41:ee:e2:b4:4e:f3:5e:
e6:fb:f8:1f:d6:91:8f:0a:04:7e:aa:6b:77:ac:b9:
8f:5b:8d:61:65:37:2d:ad:2d:de:d0:1f:94:89:87:
dc:8e:45:c8:f1:9c:a0:47:b2:8d:e5:8c:46:af:44:
c4:06:54:cc:7b:fd:01:54:57:75:6a:d4:08:98:b0:
c6:d1:91:ba:0e:0b:d2:8e:40:99:11:45:5a:04:32:
c8:06:83:79:94:b8:43:80:a6:36:1c:ec:0c:54:a6:
c5:de:50:e2:86:74:8e:cc:4d:73:4c:40:58:a6:b5:
a4:d5:36:50:02:89:10:af:f6:31:30:8b:b9:cb:5e:
97:f3:c3:a9:a5:75:7d:93:61:05:cb:dd:1d:b1:b3:
e5:31:67:f4:39:bd:ce:05:5b:3f:19:e9:08:bb:92:
a4:08:e6:d0:42:a0:06:c0:2b:d8:0d:1b:15:f4:47:
a7:ad:1d:2e:a0:a1:fe:96:78:9d:09:75:ad:63:23:
0f:6a:3d:e2:04:c7:03:ec:21:5b:43:96:ef:fc:96:
5c:33:80:97:84:df:10:70:a0:47:3a:4e:ac:5a:f1:
54:86:98:3f:f8:ce:a7:f5:16:00:dd:d9:51:18:f2:
65:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F6:47:DD:22:7A:DA:E6:7B:80:80:1E:45:C7:33:60:55:5C:54:33
X509v3 Authority Key Identifier:
keyid:3C:93:1F:26:5A:84:71:D3:2C:E8:44:9D:9E:18:6F:0D:C7:11:4A:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PJMfJlqEcdMs6ESdnhhvDccRSno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/NvZH3SJ62uZ7gIAeRcczYFVcVDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/PJMfJlqEcdMs6ESdnhhvDccRSno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.128.0/20
193.34.0.0/22
Signature Algorithm: sha256WithRSAEncryption
86:b8:4a:c5:d9:a3:d8:7f:d8:28:ea:eb:95:a8:75:4f:7d:27:
26:a6:f6:1b:38:f2:10:ec:b8:84:af:fc:00:f0:a9:f8:92:82:
40:c2:43:8b:b2:18:37:23:61:88:2f:70:07:30:d8:d3:8e:4a:
7b:7d:25:1f:51:0c:15:62:b8:ef:50:53:42:3e:d5:4b:5e:38:
72:37:68:bb:c2:dd:c6:0e:02:02:5a:2d:48:eb:47:93:5c:1d:
22:8c:8d:bb:ae:e1:d8:4e:6a:bd:9d:7e:dd:15:0c:97:8a:87:
f6:d5:19:52:a9:96:61:f1:67:f2:eb:f0:db:04:a7:ee:9c:d0:
58:61:ca:56:29:e6:fd:42:a0:24:e9:a0:fc:65:d6:e0:56:2e:
40:39:1a:89:06:b1:01:ea:ff:d1:62:84:9f:ef:7c:6d:3c:76:
d6:bc:3c:7a:1f:7b:15:b1:d0:5c:f2:fc:29:dd:08:5e:e7:7d:
a8:28:41:2e:ed:d6:0b:8d:7a:91:6d:f3:24:bb:81:f5:b4:58:
57:f9:e9:5c:67:08:9a:3b:cd:0a:50:39:19:55:7b:c1:98:f3:
c7:2a:73:f0:c1:48:de:14:9b:3b:bd:ea:1a:82:eb:94:ef:05:
b3:a0:79:51:d4:a6:44:73:21:fe:0d:b9:b9:29:8a:a1:36:25:
84:a5:dd:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvpx+uEFJyQd3DT87sb+QHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOTMxZjI2NWE4NDcxZDMyY2U4NDQ5ZDllMTg2ZjBkYzcx
MTRhN2EwHhcNMjMwMTAxMjMyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmY2NDdkZDIyN2FkYWU2N2I4MDgwMWU0NWM3MzM2MDU1NWM1NDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wC6CTrXGaOhtZSZr7M8pHE+jYMs
B0Hu4rRO817m+/gf1pGPCgR+qmt3rLmPW41hZTctrS3e0B+UiYfcjkXI8ZygR7KN
5YxGr0TEBlTMe/0BVFd1atQImLDG0ZG6DgvSjkCZEUVaBDLIBoN5lLhDgKY2HOwM
VKbF3lDihnSOzE1zTEBYprWk1TZQAokQr/YxMIu5y16X88OppXV9k2EFy90dsbPl
MWf0Ob3OBVs/GekIu5KkCObQQqAGwCvYDRsV9EenrR0uoKH+lnidCXWtYyMPaj3i
BMcD7CFbQ5bv/JZcM4CXhN8QcKBHOk6sWvFUhpg/+M6n9RYA3dlRGPJlhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDb2R90ietrme4CAHkXHM2BVXFQzMB8GA1UdIwQY
MBaAFDyTHyZahHHTLOhEnZ4Ybw3HEUp6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEpNZkpscUVjZE1zNkVTZG5oaHZEY2NSU25vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iNTBiZGEtNjg5OS00ZWVmLWEyMzEt
NWUwMDI2MzAzNjI5LzEvTnZaSDNTSjYydVo3Z0lBZVJjY3pZRlZjVkRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iNTBiZGEtNjg5OS00ZWVmLWEyMzEtNWUwMDI2MzAzNjI5
LzEvUEpNZkpscUVjZE1zNkVTZG5oaHZEY2NSU25vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXp6AAwQC
wSIAMA0GCSqGSIb3DQEBCwUAA4IBAQCGuErF2aPYf9go6uuVqHVPfScmpvYbOPIQ
7LiEr/wA8Kn4koJAwkOLshg3I2GIL3AHMNjTjkp7fSUfUQwVYrjvUFNCPtVLXjhy
N2i7wt3GDgICWi1I60eTXB0ijI27ruHYTmq9nX7dFQyXiof21RlSqZZh8Wfy6/Db
BKfunNBYYcpWKeb9QqAk6aD8ZdbgVi5AORqJBrEB6v/RYoSf73xtPHbWvDx6H3sV
sdBc8vwp3Qhe532oKEEu7dYLjXqRbfMku4H1tFhX+elcZwiaO80KUDkZVXvBmPPH
KnPwwUjeFJs7veoaguuU7wWzoHlR1KZEcyH+Dbm5KYqhNiWEpd2f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:30 2024 by rpki-client on console-ams.rpki-client.org