Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c54f32-258e-4bb3-b8d5-71b709ef5f5b/1/NbwKArbT4S63UM5r39iNxNVt4-s.roa
File: NbwKArbT4S63UM5r39iNxNVt4-s.roa (raw, json)
Hash identifier: Z2ZjsU93IudzBbymvEN8grdOYHbnnF48yVyB3MzxzN4=
Subject key identifier: 35:BC:0A:02:B6:D3:E1:2E:B7:50:CE:6B:DF:D8:8D:C4:D5:6D:E3:EB
Certificate issuer: /CN=e684b451793f62418617bc934f5e82513fc36a89
Certificate serial: 018570B09C07AA1FD6E1F3E95B0DE276E723
Authority key identifier: E6:84:B4:51:79:3F:62:41:86:17:BC:93:4F:5E:82:51:3F:C3:6A:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5oS0UXk_YkGGF7yTT16CUT_Daok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c54f32-258e-4bb3-b8d5-71b709ef5f5b/1/NbwKArbT4S63UM5r39iNxNVt4-s.roa
Signing time: Mon 02 Jan 2023 04:15:00 +0000
ROA not before: Mon 02 Jan 2023 04:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204734
IP address blocks: 185.205.20.0/22 maxlen: 22
2a0c:1400::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:9c:07:aa:1f:d6:e1:f3:e9:5b:0d:e2:76:e7:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e684b451793f62418617bc934f5e82513fc36a89
Validity
Not Before: Jan 2 04:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35bc0a02b6d3e12eb750ce6bdfd88dc4d56de3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:14:a8:8d:86:a0:0b:8b:13:f2:35:9d:3b:0c:
4c:43:90:36:30:7a:f7:1c:2b:61:a4:42:ed:f4:2d:
35:96:34:19:7b:71:31:0a:71:b8:69:37:97:79:c3:
1f:1c:f7:f7:09:fb:8f:df:9b:e4:56:bb:d3:01:4f:
aa:a7:82:8c:19:d2:98:a0:a4:f4:58:26:79:c4:8a:
0e:67:f0:76:f3:99:c3:9f:de:eb:ce:17:10:bd:9d:
e0:4d:92:a5:ae:67:a5:9e:fa:50:b9:d9:a0:e4:0e:
d5:3b:c4:09:8e:49:c0:eb:d3:94:cd:9a:6d:2b:ef:
11:71:a0:a0:a4:78:8a:10:11:62:c8:cc:67:56:a1:
1e:70:f1:24:36:24:6e:a3:d8:6f:35:e1:b4:6b:6e:
d7:41:aa:68:9a:f0:fb:c0:b6:1e:59:ef:9a:83:5b:
9c:8a:70:d5:f7:08:a6:1b:b4:ca:b3:56:66:d3:ac:
2b:97:db:5d:26:e7:7f:0b:22:1a:2d:b7:ee:19:8e:
a0:13:96:b1:ec:f4:54:a3:f0:15:0d:9b:f0:8d:53:
47:d5:2e:1b:99:db:da:ec:10:60:d9:96:94:da:3c:
f7:29:b4:06:e8:0b:8d:03:24:f3:53:ab:70:8a:bb:
5c:7c:33:a4:9b:06:6f:96:f8:b5:6c:83:a4:b6:ca:
1b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BC:0A:02:B6:D3:E1:2E:B7:50:CE:6B:DF:D8:8D:C4:D5:6D:E3:EB
X509v3 Authority Key Identifier:
keyid:E6:84:B4:51:79:3F:62:41:86:17:BC:93:4F:5E:82:51:3F:C3:6A:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5oS0UXk_YkGGF7yTT16CUT_Daok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c54f32-258e-4bb3-b8d5-71b709ef5f5b/1/NbwKArbT4S63UM5r39iNxNVt4-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c54f32-258e-4bb3-b8d5-71b709ef5f5b/1/5oS0UXk_YkGGF7yTT16CUT_Daok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.20.0/22
IPv6:
2a0c:1400::/29
Signature Algorithm: sha256WithRSAEncryption
5e:7c:46:3e:20:2e:e8:92:e6:41:7d:df:17:3f:5e:91:fb:cc:
a3:17:fd:7d:b0:05:22:05:bc:ac:81:f8:fe:73:56:22:22:b2:
d3:0a:db:37:85:a0:08:69:21:77:18:e1:42:50:8e:8a:9d:83:
39:d8:15:71:55:e1:13:1f:f8:77:85:e6:37:dc:c1:40:8a:f4:
32:e8:b5:ad:b1:9c:f0:04:2e:59:5e:12:71:48:db:c2:5d:68:
2f:a1:21:2f:0f:34:59:78:01:dd:ff:b7:45:b0:34:70:e1:c5:
a8:4f:c5:29:84:6b:70:e6:4f:5c:0e:a1:d6:c0:14:7e:4b:d5:
1b:83:72:a1:66:77:9d:93:57:f9:8d:8e:2a:fd:1f:7b:41:9b:
a9:f1:31:af:52:63:53:b6:66:71:8a:17:5e:1e:ed:47:45:e5:
ed:ca:4e:3f:d3:e9:9f:91:19:f6:f8:22:f0:5b:f1:35:e5:0a:
ac:cb:0a:92:9d:67:88:b4:ad:7a:d4:32:a4:93:3e:62:73:ec:
5c:aa:c9:eb:be:78:63:fa:a5:69:93:ce:0c:05:79:67:d2:6a:
e9:84:5c:6b:4c:95:8b:15:6d:1c:8c:df:d6:ca:5a:7c:2e:d1:
ab:ba:24:35:24:85:d9:27:42:75:54:ef:f6:3e:f3:ca:ef:db:
67:00:ab:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsJwHqh/W4fPpWw3iducjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ODRiNDUxNzkzZjYyNDE4NjE3YmM5MzRmNWU4MjUxM2Zj
MzZhODkwHhcNMjMwMTAyMDQxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWJjMGEwMmI2ZDNlMTJlYjc1MGNlNmJkZmQ4OGRjNGQ1NmRlM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBSojYagC4sT8jWdOwxMQ5A2MHr3
HCthpELt9C01ljQZe3ExCnG4aTeXecMfHPf3CfuP35vkVrvTAU+qp4KMGdKYoKT0
WCZ5xIoOZ/B285nDn97rzhcQvZ3gTZKlrmelnvpQudmg5A7VO8QJjknA69OUzZpt
K+8RcaCgpHiKEBFiyMxnVqEecPEkNiRuo9hvNeG0a27XQapomvD7wLYeWe+ag1uc
inDV9wimG7TKs1Zm06wrl9tdJud/CyIaLbfuGY6gE5ax7PRUo/AVDZvwjVNH1S4b
mdva7BBg2ZaU2jz3KbQG6AuNAyTzU6twirtcfDOkmwZvlvi1bIOktsobawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDW8CgK20+Eut1DOa9/YjcTVbePrMB8GA1UdIwQY
MBaAFOaEtFF5P2JBhhe8k09eglE/w2qJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW9TMFVYa19Za0dHRjd5VFQxNkNVVF9EYW9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jNTRmMzItMjU4ZS00YmIzLWI4ZDUt
NzFiNzA5ZWY1ZjViLzEvTmJ3S0FyYlQ0UzYzVU01cjM5aU54TlZ0NC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jNTRmMzItMjU4ZS00YmIzLWI4ZDUtNzFiNzA5ZWY1ZjVi
LzEvNW9TMFVYa19Za0dHRjd5VFQxNkNVVF9EYW9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc0UMA0E
AgACMAcDBQMqDBQAMA0GCSqGSIb3DQEBCwUAA4IBAQBefEY+IC7okuZBfd8XP16R
+8yjF/19sAUiBbysgfj+c1YiIrLTCts3haAIaSF3GOFCUI6KnYM52BVxVeETH/h3
heY33MFAivQy6LWtsZzwBC5ZXhJxSNvCXWgvoSEvDzRZeAHd/7dFsDRw4cWoT8Up
hGtw5k9cDqHWwBR+S9Ubg3KhZnedk1f5jY4q/R97QZup8TGvUmNTtmZxihdeHu1H
ReXtyk4/0+mfkRn2+CLwW/E15QqsywqSnWeItK161DKkkz5ic+xcqsnrvnhj+qVp
k84MBXln0mrphFxrTJWLFW0cjN/Wylp8LtGruiQ1JIXZJ0J1VO/2PvPK79tnAKsY
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:58 2024 by rpki-client on console-fra.rpki-client.org