Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nCBJq846fj5st3xUGRezIqBlenU.roa
File: nCBJq846fj5st3xUGRezIqBlenU.roa (raw, json)
Hash identifier: K87x1NeZkRbSLx0Vxi2ziID4nJ+KXQZGBdKhjW5Sb2k=
Subject key identifier: 9C:20:49:AB:CE:3A:7E:3E:6C:B7:7C:54:19:17:B3:22:A0:65:7A:75
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0188711528B69F9DCFB855EC2B7DDF2E2DEF
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nCBJq846fj5st3xUGRezIqBlenU.roa
Signing time: Wed 31 May 2023 09:13:12 +0000
ROA not before: Wed 31 May 2023 09:13:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.34.80.0/21 maxlen: 24
92.114.40.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 May 2023 10:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:15:28:b6:9f:9d:cf:b8:55:ec:2b:7d:df:2e:2d:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 31 09:13:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c2049abce3a7e3e6cb77c541917b322a0657a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:92:28:f5:53:be:69:00:d0:64:3b:dd:20:e7:
0b:8a:d0:aa:b4:dc:14:fc:44:da:bb:86:1e:d2:48:
3f:12:17:d3:65:75:97:d8:c5:d2:91:59:74:b4:27:
54:10:7a:c0:c9:56:34:e9:20:41:98:9e:95:78:ee:
3b:6f:83:1d:f5:43:8b:a0:eb:7d:71:62:55:dc:4e:
d5:c2:26:e9:a4:e6:75:73:ff:b4:f8:2b:cf:31:15:
7e:d3:f9:bf:52:c7:cf:88:3e:21:ea:ff:02:08:43:
54:e8:94:ec:1d:a1:2a:78:ec:db:1c:3e:d1:b8:cf:
51:da:e0:3b:7a:80:b3:40:11:c3:e1:80:91:65:f2:
c2:a1:75:c5:f4:68:9a:8a:98:ce:4b:97:d8:13:c6:
45:63:1b:7c:17:be:55:5c:2e:25:67:6e:56:5a:06:
c5:55:e0:88:f2:15:b9:38:80:d4:fe:f5:d6:f5:ad:
ba:5c:17:c7:fa:d7:e3:d8:70:6c:03:a1:51:ce:f6:
7c:ea:ee:2b:72:56:27:50:a8:ca:3c:87:9f:59:a6:
37:02:83:c1:4b:5c:89:bb:f0:84:95:00:4f:01:f1:
7c:a3:ff:dc:e8:c6:58:08:1b:1f:aa:7f:d0:a5:ba:
56:c9:8b:a3:b4:35:c0:ab:7a:03:ec:3c:d8:5c:2f:
51:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:20:49:AB:CE:3A:7E:3E:6C:B7:7C:54:19:17:B3:22:A0:65:7A:75
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nCBJq846fj5st3xUGRezIqBlenU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.80.0/21
82.163.224.0/22
92.114.40.0/22
130.255.64.0/22
Signature Algorithm: sha256WithRSAEncryption
29:a5:c9:38:ca:8c:ae:5d:04:5c:07:67:8e:4b:a8:c9:ea:08:
01:dc:fe:0b:cc:32:5e:81:e7:b0:9c:9b:2f:53:6a:f0:76:af:
fe:fe:04:ec:74:60:33:dc:13:ae:9f:ad:2e:44:79:5c:d5:ac:
4f:05:79:b5:08:44:2d:8e:1c:77:69:16:ee:fd:58:d0:a8:43:
56:c0:9f:91:20:4a:b3:df:56:25:fe:15:3a:d1:ce:49:8d:e8:
4b:82:6b:35:8e:c5:54:80:22:92:5a:1e:78:9b:c4:c2:09:b8:
db:26:74:2c:30:55:d9:7b:d4:3f:2e:61:f4:3c:3a:73:b1:f8:
9f:a9:89:84:6b:00:a5:83:78:93:bc:fa:70:d6:52:68:84:79:
89:42:00:c8:82:3b:5d:fc:ac:0b:32:26:62:da:ef:24:56:49:
cf:7f:e2:2b:bb:28:c1:e5:37:ea:84:e3:b7:26:50:ae:89:a9:
32:43:b4:71:a4:44:f3:75:2e:df:08:fd:12:b5:22:be:82:8b:
61:09:b4:0d:87:7d:6e:27:39:8f:7e:64:b7:fd:85:6c:ea:71:
50:cc:cb:af:12:45:7f:99:f9:97:1e:81:d0:de:5f:5a:d2:53:
44:30:3a:07:2f:98:c2:83:76:ec:fd:12:ee:a5:c3:42:13:35:
c2:40:a2:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhxFSi2n53PuFXsK33fLi3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNTMxMDkxMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzIwNDlhYmNlM2E3ZTNlNmNiNzdjNTQxOTE3YjMyMmEwNjU3YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5Io9VO+aQDQZDvdIOcLitCqtNwU
/ETau4Ye0kg/EhfTZXWX2MXSkVl0tCdUEHrAyVY06SBBmJ6VeO47b4Md9UOLoOt9
cWJV3E7VwibppOZ1c/+0+CvPMRV+0/m/UsfPiD4h6v8CCENU6JTsHaEqeOzbHD7R
uM9R2uA7eoCzQBHD4YCRZfLCoXXF9GiaipjOS5fYE8ZFYxt8F75VXC4lZ25WWgbF
VeCI8hW5OIDU/vXW9a26XBfH+tfj2HBsA6FRzvZ86u4rclYnUKjKPIefWaY3AoPB
S1yJu/CElQBPAfF8o//c6MZYCBsfqn/QpbpWyYujtDXAq3oD7DzYXC9R+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJwgSavOOn4+bLd8VBkXsyKgZXp1MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbkNCSnE4NDZmajVzdDN4VUdSZXpJcUJsZW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJSJQAwQC
UqPgAwQCXHIoAwQCgv9AMA0GCSqGSIb3DQEBCwUAA4IBAQAppck4yoyuXQRcB2eO
S6jJ6ggB3P4LzDJegeewnJsvU2rwdq/+/gTsdGAz3BOun60uRHlc1axPBXm1CEQt
jhx3aRbu/VjQqENWwJ+RIEqz31Yl/hU60c5JjehLgms1jsVUgCKSWh54m8TCCbjb
JnQsMFXZe9Q/LmH0PDpzsfifqYmEawClg3iTvPpw1lJohHmJQgDIgjtd/KwLMiZi
2u8kVknPf+IruyjB5TfqhOO3JlCuiakyQ7RxpETzdS7fCP0StSK+gothCbQNh31u
JzmPfmS3/YVs6nFQzMuvEkV/mfmXHoHQ3l9a0lNEMDoHL5jCg3bs/RLupcNCEzXC
QKLp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org