Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/ff1078-d196-46a5-a741-ed31e43f1e08/1/NPdTvWkyBWCbqdFQLSC2HuxJ9ug.roa
File: NPdTvWkyBWCbqdFQLSC2HuxJ9ug.roa (raw, json)
Hash identifier: Auzqje4dK9nC8dK4x/ijXBfCeEV/OsUT1axBjdCiJp8=
Subject key identifier: 34:F7:53:BD:69:32:05:60:9B:A9:D1:50:2D:20:B6:1E:EC:49:F6:E8
Certificate issuer: /CN=0cdc07fda6f4d55b7c8182c929a3c4ac3c0a82fd
Certificate serial: 018572CCB2F227BEC222A6C8EE9E6B321E92
Authority key identifier: 0C:DC:07:FD:A6:F4:D5:5B:7C:81:82:C9:29:A3:C4:AC:3C:0A:82:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNwH_ab01Vt8gYLJKaPErDwKgv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/ff1078-d196-46a5-a741-ed31e43f1e08/1/NPdTvWkyBWCbqdFQLSC2HuxJ9ug.roa
Signing time: Mon 02 Jan 2023 14:04:55 +0000
ROA not before: Mon 02 Jan 2023 14:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199666
IP address blocks: 185.127.220.0/23 maxlen: 23
185.127.222.0/23 maxlen: 23
146.247.64.0/22 maxlen: 22
146.247.64.0/24 maxlen: 24
146.247.66.0/24 maxlen: 24
146.247.67.0/24 maxlen: 24
146.247.68.0/23 maxlen: 23
146.247.68.0/24 maxlen: 24
146.247.69.0/24 maxlen: 24
146.247.70.0/24 maxlen: 24
146.247.70.0/23 maxlen: 23
146.247.65.0/24 maxlen: 24
2a05:9dc0:ffff::/48 maxlen: 48
2a05:9dc0::/48 maxlen: 48
2a05:9dc0:420::/48 maxlen: 48
2a05:9dc0:410::/48 maxlen: 48
2a05:9dc0:400::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:b2:f2:27:be:c2:22:a6:c8:ee:9e:6b:32:1e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cdc07fda6f4d55b7c8182c929a3c4ac3c0a82fd
Validity
Not Before: Jan 2 14:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34f753bd693205609ba9d1502d20b61eec49f6e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f1:7e:b8:54:0f:6d:bc:43:f5:85:cb:78:a8:
8d:e3:9d:df:4b:ae:af:97:7f:73:6c:13:c2:03:d0:
0c:26:c2:c8:8d:6a:f5:64:5a:9f:90:f4:e4:0e:89:
1b:ba:f4:4b:e3:e6:e3:9d:8a:f0:bd:ec:6a:6f:17:
be:ac:9e:e1:67:76:09:4e:25:fb:a0:53:77:9d:ff:
78:82:30:f8:f7:0e:07:1f:41:8c:10:28:c0:52:98:
3f:06:ca:9c:a8:16:80:c3:f1:7b:80:96:62:c4:62:
99:08:42:75:69:bc:30:d8:7f:3f:93:a4:44:77:33:
31:43:5f:1e:a5:eb:8a:c6:fb:1f:ab:db:27:7c:d6:
f9:c7:bc:76:0d:0e:b6:a3:59:de:7b:4c:5f:c8:e9:
3a:b1:95:16:f4:4d:64:42:53:2e:eb:fc:df:65:11:
b8:2c:d4:dc:0e:83:9c:37:3d:72:01:db:97:42:f0:
5c:d4:50:6a:ad:88:3b:68:84:72:69:c1:d5:58:e1:
93:aa:26:d9:10:73:9c:3c:ec:23:df:83:1c:53:86:
67:3b:39:ba:8e:36:45:d8:39:15:e3:eb:23:2f:90:
46:76:28:f0:1b:c5:77:55:3e:14:81:76:91:d1:2a:
cc:f1:8b:b6:90:61:3f:75:a6:86:a3:02:a1:aa:39:
3a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F7:53:BD:69:32:05:60:9B:A9:D1:50:2D:20:B6:1E:EC:49:F6:E8
X509v3 Authority Key Identifier:
keyid:0C:DC:07:FD:A6:F4:D5:5B:7C:81:82:C9:29:A3:C4:AC:3C:0A:82:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNwH_ab01Vt8gYLJKaPErDwKgv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/ff1078-d196-46a5-a741-ed31e43f1e08/1/NPdTvWkyBWCbqdFQLSC2HuxJ9ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/ff1078-d196-46a5-a741-ed31e43f1e08/1/DNwH_ab01Vt8gYLJKaPErDwKgv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.64.0/21
185.127.220.0/22
IPv6:
2a05:9dc0::/48
2a05:9dc0:400::/48
2a05:9dc0:410::/48
2a05:9dc0:420::/48
2a05:9dc0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
62:6f:72:e1:5a:a3:28:28:40:fa:71:0e:84:df:95:17:b0:e3:
ed:e7:86:8f:62:ec:0d:af:41:4c:f4:cb:3e:8f:25:08:5f:25:
44:0d:fb:53:26:ca:a6:be:79:42:bd:fb:f0:8e:2c:fc:0e:be:
66:5d:8f:df:24:97:46:52:4b:85:0c:2b:f4:a2:16:b9:04:6d:
e1:94:73:0e:6e:6d:09:65:df:0c:0a:57:c7:80:29:f3:d9:58:
aa:ac:13:6b:0e:f9:61:ed:b4:2b:9c:cd:01:dd:38:3f:6b:ee:
41:dd:0b:e5:df:22:b5:da:36:f8:cc:93:55:62:d6:69:2f:5c:
e2:b0:19:18:36:46:2c:96:4a:d0:4f:30:bf:7f:5a:04:fd:1c:
cf:be:3c:ee:a9:88:dc:35:f0:a9:1b:d5:bc:2a:83:af:c4:82:
84:65:54:b4:bf:51:5a:9a:8a:75:54:7e:b9:4c:5c:42:3b:37:
0e:53:6f:69:ee:38:dc:36:57:f1:d1:5e:49:0e:99:db:85:c0:
a0:3e:70:a4:49:4f:9f:ba:b7:44:93:98:9a:c0:49:b1:f8:5b:
5a:34:f8:43:7f:4f:26:5f:3c:e1:6f:16:47:d2:10:47:6f:41:
7e:84:bf:a6:f8:af:91:13:c8:4f:49:c0:3b:b1:5a:44:90:bc:
4e:de:ed:90
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYVyzLLyJ77CIqbI7p5rMh6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZGMwN2ZkYTZmNGQ1NWI3YzgxODJjOTI5YTNjNGFjM2Mw
YTgyZmQwHhcNMjMwMTAyMTQwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGY3NTNiZDY5MzIwNTYwOWJhOWQxNTAyZDIwYjYxZWVjNDlmNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovF+uFQPbbxD9YXLeKiN453fS66v
l39zbBPCA9AMJsLIjWr1ZFqfkPTkDokbuvRL4+bjnYrwvexqbxe+rJ7hZ3YJTiX7
oFN3nf94gjD49w4HH0GMECjAUpg/BsqcqBaAw/F7gJZixGKZCEJ1abww2H8/k6RE
dzMxQ18epeuKxvsfq9snfNb5x7x2DQ62o1nee0xfyOk6sZUW9E1kQlMu6/zfZRG4
LNTcDoOcNz1yAduXQvBc1FBqrYg7aIRyacHVWOGTqibZEHOcPOwj34McU4ZnOzm6
jjZF2DkV4+sjL5BGdijwG8V3VT4UgXaR0SrM8Yu2kGE/daaGowKhqjk6GwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFDT3U71pMgVgm6nRUC0gth7sSfboMB8GA1UdIwQY
MBaAFAzcB/2m9NVbfIGCySmjxKw8CoL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE53SF9hYjAxVnQ4Z1lMSkthUEVyRHdLZ3YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9mZjEwNzgtZDE5Ni00NmE1LWE3NDEt
ZWQzMWU0M2YxZTA4LzEvTlBkVHZXa3lCV0NicWRGUUxTQzJIdXhKOXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9mZjEwNzgtZDE5Ni00NmE1LWE3NDEtZWQzMWU0M2YxZTA4
LzEvRE53SF9hYjAxVnQ4Z1lMSkthUEVyRHdLZ3YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTASBAIAATAMAwQDkvdAAwQC
uX/cMDMEAgACMC0DBwAqBZ3AAAADBwAqBZ3ABAADBwAqBZ3ABBADBwAqBZ3ABCAD
BwAqBZ3A//8wDQYJKoZIhvcNAQELBQADggEBAGJvcuFaoygoQPpxDoTflRew4+3n
ho9i7A2vQUz0yz6PJQhfJUQN+1Mmyqa+eUK9+/COLPwOvmZdj98kl0ZSS4UMK/Si
FrkEbeGUcw5ubQll3wwKV8eAKfPZWKqsE2sO+WHttCuczQHdOD9r7kHdC+XfIrXa
NvjMk1Vi1mkvXOKwGRg2RiyWStBPML9/WgT9HM++PO6piNw18Kkb1bwqg6/EgoRl
VLS/UVqainVUfrlMXEI7Nw5Tb2nuONw2V/HRXkkOmduFwKA+cKRJT5+6t0STmJrA
SbH4W1o0+EN/TyZfPOFvFkfSEEdvQX6Ev6b4r5ETyE9JwDuxWkSQvE7e7ZA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:17 2024 by rpki-client on console-fra.rpki-client.org