Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/P_nnavr8ByO88d2EXgYG_4gpMZM.roa
File: P_nnavr8ByO88d2EXgYG_4gpMZM.roa (raw, json)
Hash identifier: q0iucvBukWRE3NKkor/BG4YMrPM3gJYfX3yyRzPDHGQ=
Subject key identifier: 3F:F9:E7:6A:FA:FC:07:23:BC:F1:DD:84:5E:06:06:FF:88:29:31:93
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01867A630D3E9947C8D3E21F9B90EF1E2812
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/P_nnavr8ByO88d2EXgYG_4gpMZM.roa
Signing time: Wed 22 Feb 2023 18:29:17 +0000
ROA not before: Wed 22 Feb 2023 18:29:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 185.104.151.0/24 maxlen: 24
185.110.128.0/24 maxlen: 24
185.110.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 13:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:63:0d:3e:99:47:c8:d3:e2:1f:9b:90:ef:1e:28:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Feb 22 18:29:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ff9e76afafc0723bcf1dd845e0606ff88293193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:41:79:25:9a:71:dd:2b:3c:10:83:b8:47:47:
ef:dd:ea:d7:95:7d:eb:8e:7e:05:78:dd:6c:1a:5d:
6f:78:f2:6e:5c:26:5a:bd:58:f1:1d:82:4a:a4:78:
20:c7:54:d9:5a:d1:bf:b3:42:e0:51:45:0b:93:4a:
a3:8b:74:9e:4b:2f:0e:ee:a4:ab:c2:6a:51:5d:ae:
44:90:e6:be:eb:d6:15:31:08:55:fd:fe:6e:94:24:
80:a2:48:f2:c5:99:47:fc:c2:1c:2b:12:bd:dc:6e:
04:f4:83:34:5c:21:72:c0:8a:5b:b7:92:26:5e:79:
a0:ef:c5:b8:40:88:77:26:00:91:fd:a0:d3:61:91:
fa:2e:17:36:a7:94:a9:e1:e6:87:9f:ca:f4:7a:43:
d1:f7:49:63:44:ac:03:01:f0:8a:65:1a:53:b6:44:
cc:60:e5:1d:0c:d4:7b:2b:10:ee:a3:ae:b9:b2:2d:
76:86:26:01:ef:44:69:60:26:eb:f5:2d:5a:4c:65:
3b:f3:4b:67:ac:57:b2:45:67:c8:fb:5b:2b:80:a6:
5e:dc:82:a9:39:26:5b:7e:fc:47:94:5c:6b:9c:0d:
93:7f:ad:56:f6:fd:95:aa:5f:b9:06:dc:04:5e:13:
7a:b1:9c:e1:c9:21:6c:f9:e7:0e:ff:ff:a6:17:32:
89:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F9:E7:6A:FA:FC:07:23:BC:F1:DD:84:5E:06:06:FF:88:29:31:93
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/P_nnavr8ByO88d2EXgYG_4gpMZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.151.0/24
185.110.128.0/24
185.110.130.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:f0:e3:fa:ec:98:89:1c:58:57:bd:f8:48:96:f8:27:7d:08:
33:f9:de:fe:e3:df:64:7b:81:11:58:b2:1c:a0:f4:d6:21:a1:
df:10:03:b4:60:f0:3a:24:0e:d2:8b:5d:ee:c0:c1:a6:a1:8c:
a1:20:a0:31:91:e0:38:9d:e5:0c:59:4b:92:e4:1c:1b:43:06:
28:09:ca:9c:49:77:1b:50:52:dc:81:e5:3b:6a:16:9b:f7:24:
e4:a7:50:56:48:80:dd:d2:75:73:1a:cc:af:c3:62:ab:69:46:
24:6a:25:9f:0f:5c:60:62:6e:a7:4e:8d:6a:22:a3:73:4b:50:
ff:43:11:76:f0:ba:ba:3b:b9:54:63:ed:bb:ed:68:77:a8:29:
48:bf:f0:3b:b7:91:94:80:b3:01:84:e3:9a:05:6c:af:d0:a9:
3d:7d:8d:7c:28:1d:fc:fc:35:51:d4:21:0c:91:d9:b9:4a:3f:
5a:1b:60:43:da:97:f1:08:9b:67:56:75:26:13:0f:0f:66:9f:
7a:96:f3:a7:dc:ea:66:83:24:5f:4c:b8:a4:38:94:8e:98:a4:
4c:52:4e:ee:7e:48:c4:41:d8:11:c3:7f:59:95:69:f9:16:fb:
ec:04:02:a7:9f:c6:50:5f:7e:7c:d4:cd:3e:3f:9a:ad:a3:0b:
ad:56:96:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ6Yw0+mUfI0+Ifm5DvHigSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMjIyMTgyOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmY5ZTc2YWZhZmMwNzIzYmNmMWRkODQ1ZTA2MDZmZjg4MjkzMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkF5JZpx3Ss8EIO4R0fv3erXlX3r
jn4FeN1sGl1vePJuXCZavVjxHYJKpHggx1TZWtG/s0LgUUULk0qji3SeSy8O7qSr
wmpRXa5EkOa+69YVMQhV/f5ulCSAokjyxZlH/MIcKxK93G4E9IM0XCFywIpbt5Im
Xnmg78W4QIh3JgCR/aDTYZH6Lhc2p5Sp4eaHn8r0ekPR90ljRKwDAfCKZRpTtkTM
YOUdDNR7KxDuo665si12hiYB70RpYCbr9S1aTGU780tnrFeyRWfI+1srgKZe3IKp
OSZbfvxHlFxrnA2Tf61W9v2Vql+5BtwEXhN6sZzhySFs+ecO//+mFzKJvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD/552r6/AcjvPHdhF4GBv+IKTGTMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvUF9ubmF2cjhCeU84OGQyRVhnWUdfNGdwTVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuWiXAwQA
uW6AAwQAuW6CMA0GCSqGSIb3DQEBCwUAA4IBAQBb8OP67JiJHFhXvfhIlvgnfQgz
+d7+499ke4ERWLIcoPTWIaHfEAO0YPA6JA7Si13uwMGmoYyhIKAxkeA4neUMWUuS
5BwbQwYoCcqcSXcbUFLcgeU7ahab9yTkp1BWSIDd0nVzGsyvw2KraUYkaiWfD1xg
Ym6nTo1qIqNzS1D/QxF28Lq6O7lUY+277Wh3qClIv/A7t5GUgLMBhOOaBWyv0Kk9
fY18KB38/DVR1CEMkdm5Sj9aG2BD2pfxCJtnVnUmEw8PZp96lvOn3OpmgyRfTLik
OJSOmKRMUk7ufkjEQdgRw39ZlWn5FvvsBAKnn8ZQX3581M0+P5qtowutVpYN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org