Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/NSK3PPE-vHaU2BiJM6bn-oV2d1k.roa
File: NSK3PPE-vHaU2BiJM6bn-oV2d1k.roa (raw, json)
Hash identifier: dwbC0yw0nhD99Im/neW/c/+0QRbv0hard1VLGVvSjQw=
Subject key identifier: 35:22:B7:3C:F1:3E:BC:76:94:D8:18:89:33:A6:E7:FA:85:76:77:59
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018D56A6F916AE3F64F472192FB69808B9F9
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/NSK3PPE-vHaU2BiJM6bn-oV2d1k.roa
Signing time: Mon 29 Jan 2024 19:16:39 +0000
ROA not before: Mon 29 Jan 2024 19:16:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34358
IP address blocks: 89.34.107.0/24 maxlen: 24
89.35.204.0/24 maxlen: 24
176.223.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 11:09:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:a6:f9:16:ae:3f:64:f4:72:19:2f:b6:98:08:b9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 29 19:16:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3522b73cf13ebc7694d8188933a6e7fa85767759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:30:63:ca:de:1c:41:93:f5:d4:c0:05:68:0e:
49:96:0f:d4:ea:c1:c2:db:0d:b6:e9:48:c8:50:f0:
ed:32:0b:aa:57:62:7b:2f:53:95:b0:5f:e1:c8:d8:
f8:6e:29:51:47:e2:a8:78:a4:d6:c6:aa:d8:b2:fa:
ae:3c:53:da:17:11:0f:2a:9d:18:a7:b7:07:9e:c9:
57:d1:a0:da:41:28:18:2a:ff:cf:89:27:b5:02:59:
07:5a:a6:f7:4c:b2:04:b2:f9:3e:0f:01:a8:34:06:
ce:eb:17:a6:17:dd:27:93:d4:6c:4a:cc:7b:16:f6:
2b:aa:91:28:52:5d:7b:b7:a2:87:50:ad:60:0f:79:
0c:84:08:57:42:14:84:1b:d3:99:ff:8b:79:f8:0f:
fe:e6:cb:9b:14:0a:86:3c:41:60:f7:3b:0c:eb:59:
33:68:98:4c:98:f8:9c:63:2f:63:16:a7:47:40:5b:
ae:bb:4b:cb:da:e7:ec:6d:80:64:8b:03:26:27:2f:
40:7f:0b:07:aa:e9:b6:95:9f:53:40:1c:62:d4:0b:
e5:d2:78:24:51:e6:53:6f:5d:c0:f9:28:f1:1d:89:
7a:38:6d:c6:ca:9e:b2:97:5b:84:65:52:b3:91:da:
4e:c8:97:22:21:7b:14:08:23:15:c3:9f:2f:50:8a:
27:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:22:B7:3C:F1:3E:BC:76:94:D8:18:89:33:A6:E7:FA:85:76:77:59
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/NSK3PPE-vHaU2BiJM6bn-oV2d1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.107.0/24
89.35.204.0/24
176.223.166.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:46:d7:4c:aa:9a:9d:63:d2:7e:57:d9:df:a4:6b:51:5d:5e:
e6:62:ba:90:ca:e9:1a:48:58:89:63:3c:26:46:c4:65:da:db:
60:7a:69:38:b3:4b:32:ad:42:87:fa:34:86:98:56:ad:a5:57:
c7:b8:eb:25:54:c4:c3:c6:de:81:e2:25:96:3a:c3:34:45:45:
be:59:77:80:23:7d:a7:07:8d:0b:d2:70:3c:c2:5a:e1:85:e8:
d6:da:de:e3:a4:60:db:21:20:e1:c7:bd:99:94:ee:e7:f7:d4:
fd:8f:da:c3:ff:91:7f:c0:ad:83:cd:bb:59:39:f8:a2:31:68:
e0:f6:24:c4:49:0c:ed:76:30:dd:8f:e8:c7:92:98:6d:63:d6:
c7:e8:06:b0:48:31:46:67:8b:ca:cb:a0:4f:fd:d7:3a:da:48:
31:aa:5f:d3:4d:7b:2c:46:3d:5e:45:0a:de:f0:45:2e:37:f3:
d5:05:1b:1f:5f:fa:37:9d:ce:9b:74:42:86:28:11:1b:86:a7:
5a:a1:56:f2:9b:88:53:ab:a7:88:12:08:78:79:00:1f:5d:f7:
3a:7e:37:aa:d9:04:47:b7:89:8e:9a:6b:48:19:a6:f5:bf:26:
00:8f:b8:0b:60:8d:66:9c:65:80:25:0f:1d:a3:a5:6b:f4:7c:
7f:da:f6:ba
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1WpvkWrj9k9HIZL7aYCLn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTI5MTkxNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTIyYjczY2YxM2ViYzc2OTRkODE4ODkzM2E2ZTdmYTg1NzY3NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDBjyt4cQZP11MAFaA5Jlg/U6sHC
2w226UjIUPDtMguqV2J7L1OVsF/hyNj4bilRR+KoeKTWxqrYsvquPFPaFxEPKp0Y
p7cHnslX0aDaQSgYKv/PiSe1AlkHWqb3TLIEsvk+DwGoNAbO6xemF90nk9RsSsx7
FvYrqpEoUl17t6KHUK1gD3kMhAhXQhSEG9OZ/4t5+A/+5subFAqGPEFg9zsM61kz
aJhMmPicYy9jFqdHQFuuu0vL2ufsbYBkiwMmJy9AfwsHqum2lZ9TQBxi1Avl0ngk
UeZTb13A+SjxHYl6OG3Gyp6yl1uEZVKzkdpOyJciIXsUCCMVw58vUIon0wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDUitzzxPrx2lNgYiTOm5/qFdndZMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL05TSzNQUEUtdkhhVTJCaUpNNmJuLW9WMmQxay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABZImsD
BABZI8wDBACw36YwDQYJKoZIhvcNAQELBQADggEBAEpG10yqmp1j0n5X2d+ka1Fd
XuZiupDK6RpIWIljPCZGxGXa22B6aTizSzKtQof6NIaYVq2lV8e46yVUxMPG3oHi
JZY6wzRFRb5Zd4AjfacHjQvScDzCWuGF6Nba3uOkYNshIOHHvZmU7uf31P2P2sP/
kX/ArYPNu1k5+KIxaOD2JMRJDO12MN2P6MeSmG1j1sfoBrBIMUZni8rLoE/91zra
SDGqX9NNeyxGPV5FCt7wRS4389UFGx9f+jedzpt0QoYoERuGp1qhVvKbiFOrp4gS
CHh5AB9d9zp+N6rZBEe3iY6aa0gZpvW/JgCPuAtgjWacZYAlDx2jpWv0fH/a9ro=
-----END CERTIFICATE-----
Generated at Fri Apr 19 15:26:31 2024 by rpki-client on console-ams.rpki-client.org