Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/NWJt2McLE519yfXfMTZd_whuMMU.roa
File: NWJt2McLE519yfXfMTZd_whuMMU.roa (raw, json)
Hash identifier: 7kzRXOcCPUdU/CW0aC2ihntifsegGP8cSD6phvm0Kew=
Subject key identifier: 35:62:6D:D8:C7:0B:13:9D:7D:C9:F5:DF:31:36:5D:FF:08:6E:30:C5
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 0186B2DBE600A476A33628F9FD999EFDEE26
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/NWJt2McLE519yfXfMTZd_whuMMU.roa
Signing time: Sun 05 Mar 2023 17:40:01 +0000
ROA not before: Sun 05 Mar 2023 17:40:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210001
IP address blocks: 185.124.151.0/24 maxlen: 24
185.235.141.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b2:db:e6:00:a4:76:a3:36:28:f9:fd:99:9e:fd:ee:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Mar 5 17:40:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35626dd8c70b139d7dc9f5df31365dff086e30c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f5:9a:5d:0f:62:d8:a9:7f:dd:67:8a:b4:f7:
aa:85:67:7c:04:e7:13:2f:73:9c:0c:22:0d:fb:ac:
8e:32:e2:54:9c:09:f2:6f:11:fb:68:f7:ee:48:c8:
84:ec:7f:18:db:ef:e4:a8:26:79:00:bb:84:ed:88:
04:38:bc:73:9b:2e:88:1e:4a:3f:f1:f5:dd:01:1b:
1a:78:45:70:c4:43:88:c1:a9:6e:ab:f0:b5:ae:fc:
c3:cb:44:be:3a:f9:16:51:9a:aa:04:2a:be:2d:bf:
a6:51:06:b6:43:02:be:5d:ce:22:67:47:69:b4:0d:
47:ed:e6:c5:29:70:5a:df:6a:62:38:21:6e:c0:fe:
ef:f5:5c:26:41:fa:e3:b2:6b:cb:fd:57:6b:ce:2f:
b9:ea:0f:39:e8:99:b7:e3:ea:bb:9d:b8:61:78:f1:
6d:ac:b4:f6:30:ae:c2:82:77:b5:97:cc:9b:b0:18:
e0:c5:66:5f:c7:d5:e2:b6:ff:95:af:32:02:7d:7a:
c4:48:1a:0f:9b:46:40:3f:89:7a:2a:6b:c1:2a:85:
b9:80:8e:b8:13:65:0d:71:33:87:37:2e:ed:c8:99:
26:6a:fa:9a:0d:a9:03:c5:4a:f9:07:40:a4:11:df:
75:ca:55:ae:9f:aa:5b:82:7a:36:a0:34:7b:55:ff:
4a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:62:6D:D8:C7:0B:13:9D:7D:C9:F5:DF:31:36:5D:FF:08:6E:30:C5
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/NWJt2McLE519yfXfMTZd_whuMMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.151.0/24
185.235.141.0/24
Signature Algorithm: sha256WithRSAEncryption
47:ca:e4:6b:43:a2:66:98:29:0e:a2:34:59:66:be:22:55:83:
59:6a:e0:a7:38:bf:ce:1e:d3:eb:36:98:23:7a:e1:82:81:53:
36:d8:29:6c:c3:a2:aa:71:96:4b:f3:e0:56:f1:45:91:76:c4:
43:bd:1b:5d:21:99:6c:b6:ff:1c:f8:d0:68:ce:96:1e:b1:53:
57:f9:09:49:a7:cd:66:e6:3a:69:3a:83:2e:ee:d4:43:6d:c8:
a9:6a:ab:e0:f2:00:ef:36:93:09:f9:f5:97:6b:6b:d1:bb:b8:
18:ff:6e:55:2c:98:92:b3:cb:20:2a:d2:1d:41:05:ba:0f:1c:
df:b2:6b:8f:6d:da:8a:19:36:5c:56:2e:e3:04:ff:df:79:c2:
fb:24:58:02:c4:ea:9a:bb:50:9e:4e:ed:a2:d3:9c:2a:2a:e4:
53:db:01:4f:a7:bd:7a:d1:58:ae:49:01:a9:50:69:d9:3e:b4:
0c:65:39:b4:ac:71:94:b5:13:61:2f:0d:68:eb:f2:c1:82:e5:
73:6f:07:b8:f1:87:e4:6d:eb:a5:55:ab:d3:c4:a0:d0:4c:36:
8e:e2:fc:1a:f6:f4:58:15:7b:f5:9c:cf:8a:6b:88:e1:a2:cb:
13:e5:74:bb:5d:a5:33:37:39:9d:6f:36:70:62:7c:e8:a8:34:
8f:36:24:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYay2+YApHajNij5/Zme/e4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjMwMzA1MTc0MDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTYyNmRkOGM3MGIxMzlkN2RjOWY1ZGYzMTM2NWRmZjA4NmUzMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPWaXQ9i2Kl/3WeKtPeqhWd8BOcT
L3OcDCIN+6yOMuJUnAnybxH7aPfuSMiE7H8Y2+/kqCZ5ALuE7YgEOLxzmy6IHko/
8fXdARsaeEVwxEOIwaluq/C1rvzDy0S+OvkWUZqqBCq+Lb+mUQa2QwK+Xc4iZ0dp
tA1H7ebFKXBa32piOCFuwP7v9VwmQfrjsmvL/Vdrzi+56g856Jm34+q7nbhhePFt
rLT2MK7Cgne1l8ybsBjgxWZfx9Xitv+VrzICfXrESBoPm0ZAP4l6KmvBKoW5gI64
E2UNcTOHNy7tyJkmavqaDakDxUr5B0CkEd91ylWun6pbgno2oDR7Vf9KzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDVibdjHCxOdfcn13zE2Xf8IbjDFMB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvTldKdDJNY0xFNTE5eWZYZk1UWmRfd2h1TU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXyXAwQA
ueuNMA0GCSqGSIb3DQEBCwUAA4IBAQBHyuRrQ6JmmCkOojRZZr4iVYNZauCnOL/O
HtPrNpgjeuGCgVM22Clsw6KqcZZL8+BW8UWRdsRDvRtdIZlstv8c+NBozpYesVNX
+QlJp81m5jppOoMu7tRDbcipaqvg8gDvNpMJ+fWXa2vRu7gY/25VLJiSs8sgKtId
QQW6DxzfsmuPbdqKGTZcVi7jBP/fecL7JFgCxOqau1CeTu2i05wqKuRT2wFPp716
0ViuSQGpUGnZPrQMZTm0rHGUtRNhLw1o6/LBguVzbwe48YfkbeulVavTxKDQTDaO
4vwa9vRYFXv1nM+Ka4jhossT5XS7XaUzNzmdbzZwYnzoqDSPNiTr
-----END CERTIFICATE-----
Generated at Sun Dec 10 11:45:35 2023 by rpki-client on console-fra.rpki-client.org