Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nNAGKPcQRpTQqwWbYkf4iY35ZgI.roa
File: nNAGKPcQRpTQqwWbYkf4iY35ZgI.roa (raw, json)
Hash identifier: /nxJwsileE97GA/osIcRtQbzKR1wvTRH3cfcjqvXOwQ=
Subject key identifier: 9C:D0:06:28:F7:10:46:94:D0:AB:05:9B:62:47:F8:89:8D:F9:66:02
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01899680BFAC041FF311E75EACD1AC0517D9
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nNAGKPcQRpTQqwWbYkf4iY35ZgI.roa
Signing time: Thu 27 Jul 2023 08:39:27 +0000
ROA not before: Thu 27 Jul 2023 08:39:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 37.34.88.0/21 maxlen: 24
82.163.104.0/21 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Dec 2023 14:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:80:bf:ac:04:1f:f3:11:e7:5e:ac:d1:ac:05:17:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 27 08:39:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cd00628f7104694d0ab059b6247f8898df96602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:62:10:db:10:ae:76:43:aa:83:7a:02:cf:cd:
fb:68:21:0d:69:81:1a:0d:8e:bc:fc:84:d2:4f:b3:
9a:0b:60:7c:cb:c0:f5:f0:d2:89:f4:4d:80:f6:e1:
95:ae:58:9c:e1:8e:09:3b:21:1a:cf:6b:54:70:b6:
e9:00:94:a7:33:a9:e3:f3:d4:8b:fd:da:b1:40:e8:
b5:91:d2:3d:3c:fe:58:06:dd:12:68:5c:15:45:f1:
3c:54:20:95:78:6b:a6:16:2e:9e:16:4c:9d:e0:eb:
54:3f:70:2e:4d:70:57:3d:d9:ad:18:8e:5d:93:4f:
42:33:1a:fc:49:bc:40:99:36:1b:6c:d2:a6:ac:ed:
39:c2:a7:0f:0d:fa:49:2c:d6:03:71:f9:6b:79:02:
d8:38:af:a3:13:e5:da:f4:04:12:71:04:85:dc:63:
08:87:82:87:d5:c1:9f:51:85:39:16:77:05:2a:a7:
6e:e5:ed:8b:4f:35:70:9e:88:4f:58:2e:b1:25:23:
08:60:8f:ea:f8:64:05:ab:9d:ff:e6:f7:af:9b:9d:
33:52:36:95:5d:d9:55:b2:6d:27:9c:af:2c:21:ea:
0c:21:d8:e4:ea:91:12:0a:ab:ea:39:43:ae:dd:38:
70:1d:a7:cc:d1:e0:2f:28:d4:4a:ee:34:7f:15:b4:
0e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D0:06:28:F7:10:46:94:D0:AB:05:9B:62:47:F8:89:8D:F9:66:02
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nNAGKPcQRpTQqwWbYkf4iY35ZgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.88.0/21
46.20.210.0/23
82.163.104.0/21
Signature Algorithm: sha256WithRSAEncryption
29:9f:9e:69:ca:cf:b3:ba:5c:23:f8:0e:03:9e:a2:cf:d5:9e:
7b:24:1c:95:5f:b3:89:d9:4c:7b:b3:ed:8f:7b:c7:82:91:5e:
25:24:00:b8:64:3e:8f:59:ea:4b:fc:86:2e:83:80:7b:b3:c8:
d8:c3:ca:49:d0:fa:da:44:11:f6:e2:d9:10:9d:00:83:28:7e:
f1:e5:df:5c:cc:3e:85:88:1d:67:1a:21:03:74:7a:7d:eb:f4:
5c:36:6c:a7:c9:73:62:bc:3f:0b:66:61:05:d1:3e:be:20:17:
73:25:18:20:c1:28:7c:88:1d:17:ab:d6:56:dd:f6:0b:38:2a:
2b:72:4f:24:cb:e6:83:d7:34:54:04:97:fe:02:70:4d:4a:1d:
73:7e:38:e1:5c:38:08:f5:fc:89:21:d2:6f:75:4c:12:de:54:
cc:b3:2e:2a:ef:01:2f:14:5a:98:74:56:fd:e3:4c:f9:c2:bc:
1b:94:7f:88:9f:ae:d2:52:78:2d:9b:3c:8b:87:3d:1b:a4:d8:
b6:c1:8d:43:42:bf:65:fb:24:4b:f8:c3:82:1f:14:e7:18:fd:
aa:bf:07:69:a8:4e:08:14:ef:36:3f:11:cb:e3:ae:0c:8a:a7:
fe:62:c9:6c:80:a6:de:29:21:34:2c:ef:ab:e7:17:4d:94:0d:
f5:f6:3b:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmWgL+sBB/zEederNGsBRfZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNzI3MDgzOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2QwMDYyOGY3MTA0Njk0ZDBhYjA1OWI2MjQ3Zjg4OThkZjk2NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmIQ2xCudkOqg3oCz837aCENaYEa
DY68/ITST7OaC2B8y8D18NKJ9E2A9uGVrlic4Y4JOyEaz2tUcLbpAJSnM6nj89SL
/dqxQOi1kdI9PP5YBt0SaFwVRfE8VCCVeGumFi6eFkyd4OtUP3AuTXBXPdmtGI5d
k09CMxr8SbxAmTYbbNKmrO05wqcPDfpJLNYDcflreQLYOK+jE+Xa9AQScQSF3GMI
h4KH1cGfUYU5FncFKqdu5e2LTzVwnohPWC6xJSMIYI/q+GQFq53/5vevm50zUjaV
XdlVsm0nnK8sIeoMIdjk6pESCqvqOUOu3ThwHafM0eAvKNRK7jR/FbQORQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJzQBij3EEaU0KsFm2JH+ImN+WYCMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbk5BR0tQY1FScFRRcXdXYllrZjRpWTM1WmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJSJYAwQB
LhTSAwQDUqNoMA0GCSqGSIb3DQEBCwUAA4IBAQApn55pys+zulwj+A4DnqLP1Z57
JByVX7OJ2Ux7s+2Pe8eCkV4lJAC4ZD6PWepL/IYug4B7s8jYw8pJ0PraRBH24tkQ
nQCDKH7x5d9czD6FiB1nGiEDdHp96/RcNmynyXNivD8LZmEF0T6+IBdzJRggwSh8
iB0Xq9ZW3fYLOCorck8ky+aD1zRUBJf+AnBNSh1zfjjhXDgI9fyJIdJvdUwS3lTM
sy4q7wEvFFqYdFb940z5wrwblH+In67SUngtmzyLhz0bpNi2wY1DQr9l+yRL+MOC
HxTnGP2qvwdpqE4IFO82PxHL464Miqf+YslsgKbeKSE0LO+r5xdNlA319jsu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org