Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/NvDtDPWHG-hRKVA_fJEsk9c7O9k.roa
File: NvDtDPWHG-hRKVA_fJEsk9c7O9k.roa (raw, json)
Hash identifier: LdWcEeedybe2DqNDG1nMTEWT4iyofnN0eiRglZ9D+x8=
Subject key identifier: 36:F0:ED:0C:F5:87:1B:E8:51:29:50:3F:7C:91:2C:93:D7:3B:3B:D9
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 01856F5DDD8A82926BB41E72843EFAA40E96
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/NvDtDPWHG-hRKVA_fJEsk9c7O9k.roa
Signing time: Sun 01 Jan 2023 22:05:00 +0000
ROA not before: Sun 01 Jan 2023 22:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207582
IP address blocks: 185.28.63.0/24 maxlen: 24
185.28.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Feb 2023 19:56:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:dd:8a:82:92:6b:b4:1e:72:84:3e:fa:a4:0e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Jan 1 22:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36f0ed0cf5871be85129503f7c912c93d73b3bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fd:c1:62:6e:fd:03:01:b9:ee:d1:1c:7e:0c:
d6:27:60:0e:85:6c:e1:bb:59:43:9c:8c:94:6c:ad:
46:33:9c:c4:ad:08:95:cd:0b:c9:5f:79:e8:44:50:
c3:56:93:31:8d:ec:cc:20:af:82:11:0d:47:3a:94:
71:37:33:8f:22:e6:b6:63:2d:3e:96:5a:44:10:e8:
b7:45:9a:51:7c:15:a3:6e:b9:35:3c:53:38:be:f0:
b0:5c:48:62:c5:e9:ea:e9:26:ad:1f:0d:2e:c5:89:
05:83:5b:82:8e:2a:c0:da:cc:3a:38:f9:3a:dd:4b:
5c:14:27:e4:ac:15:ef:c7:d1:ea:06:89:c5:39:1b:
c7:84:d2:ea:c7:69:d6:d4:19:90:1f:0c:92:bb:bd:
8e:51:1d:e7:b9:ce:5f:79:04:8a:12:a6:bc:e1:a1:
1c:1c:34:dd:d4:15:4d:0d:c9:44:e6:78:d9:d4:d6:
e8:20:70:4a:1f:0e:1a:3f:e8:30:bc:f5:ae:5a:8d:
9a:08:63:3c:bd:07:e0:76:57:8b:e0:21:00:a8:8e:
cc:b5:54:ad:0e:be:c4:11:1d:29:34:76:46:47:c6:
90:9b:7e:8c:60:fe:a6:54:79:cc:7a:28:2a:87:e0:
8e:ac:10:e9:38:c1:91:3f:f3:81:7e:e3:23:ec:d0:
85:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F0:ED:0C:F5:87:1B:E8:51:29:50:3F:7C:91:2C:93:D7:3B:3B:D9
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/NvDtDPWHG-hRKVA_fJEsk9c7O9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.62.0/23
Signature Algorithm: sha256WithRSAEncryption
49:d0:2d:64:ff:9f:09:4e:0b:e3:33:75:d0:b0:40:8e:c3:3c:
ed:e6:ea:45:d7:8a:bf:1e:e3:c2:32:d9:34:ff:3d:4a:8e:f5:
61:5c:15:ff:2f:6c:4b:84:ee:2b:7c:92:25:76:13:01:97:8b:
1d:f4:a4:1a:8f:60:8d:f4:59:bb:c8:99:2b:cc:59:d8:5c:6b:
ca:02:9a:e4:d8:c3:75:ae:10:9d:39:f6:ac:c0:21:cc:b9:7d:
7d:f4:d5:8a:d2:03:a2:a1:c3:eb:b9:6f:24:c2:67:41:64:ef:
dc:83:82:7f:81:26:48:69:46:bb:c4:05:1b:49:ab:68:d9:67:
1a:57:b2:c6:9b:62:b6:56:2f:09:bc:8d:6e:c4:e9:91:72:5c:
f7:3f:eb:b4:1c:e8:dd:e6:d7:ec:0f:70:1c:31:24:c2:70:f6:
4c:1d:77:0b:c2:ce:50:3c:57:72:04:69:14:e1:fd:38:50:7c:
3d:eb:ae:f3:97:09:bf:dd:da:e4:6c:41:b5:a7:f4:ae:d5:73:
b8:80:ae:6b:43:79:7a:e7:53:3f:02:15:af:2d:82:20:54:51:
0d:69:a2:b9:e3:92:ec:c2:a6:71:5e:f7:84:5e:f7:2f:fa:ba:
5e:0e:e8:d2:76:51:84:74:4e:ce:18:19:54:d3:2d:f4:dc:7d:
e3:2c:4c:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXd2KgpJrtB5yhD76pA6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwMTAxMjIwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmYwZWQwY2Y1ODcxYmU4NTEyOTUwM2Y3YzkxMmM5M2Q3M2IzYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP3BYm79AwG57tEcfgzWJ2AOhWzh
u1lDnIyUbK1GM5zErQiVzQvJX3noRFDDVpMxjezMIK+CEQ1HOpRxNzOPIua2Yy0+
llpEEOi3RZpRfBWjbrk1PFM4vvCwXEhixenq6SatHw0uxYkFg1uCjirA2sw6OPk6
3UtcFCfkrBXvx9HqBonFORvHhNLqx2nW1BmQHwySu72OUR3nuc5feQSKEqa84aEc
HDTd1BVNDclE5njZ1NboIHBKHw4aP+gwvPWuWo2aCGM8vQfgdleL4CEAqI7MtVSt
Dr7EER0pNHZGR8aQm36MYP6mVHnMeigqh+COrBDpOMGRP/OBfuMj7NCFzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbw7Qz1hxvoUSlQP3yRLJPXOzvZMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvTnZEdERQV0hHLWhSS1ZBX2ZKRXNrOWM3TzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuRw+MA0G
CSqGSIb3DQEBCwUAA4IBAQBJ0C1k/58JTgvjM3XQsECOwzzt5upF14q/HuPCMtk0
/z1KjvVhXBX/L2xLhO4rfJIldhMBl4sd9KQaj2CN9Fm7yJkrzFnYXGvKAprk2MN1
rhCdOfaswCHMuX199NWK0gOiocPruW8kwmdBZO/cg4J/gSZIaUa7xAUbSato2Wca
V7LGm2K2Vi8JvI1uxOmRclz3P+u0HOjd5tfsD3AcMSTCcPZMHXcLws5QPFdyBGkU
4f04UHw9667zlwm/3drkbEG1p/Su1XO4gK5rQ3l651M/AhWvLYIgVFENaaK545Ls
wqZxXveEXvcv+rpeDujSdlGEdE7OGBlU0y303H3jLEyc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:49 2024 by rpki-client on console-ams.rpki-client.org