Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/NFBZPwU7lGfcDFNtGI8PDIDO_nU.roa
File: NFBZPwU7lGfcDFNtGI8PDIDO_nU.roa (raw, json)
Hash identifier: W31lrhaJO4HjD/gZzsHecwFG6VTCO92F0h72wmgDfek=
Subject key identifier: 34:50:59:3F:05:3B:94:67:DC:0C:53:6D:18:8F:0F:0C:80:CE:FE:75
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 018E1503E7ABD8ACC6FDC5B9B57611765F48
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/NFBZPwU7lGfcDFNtGI8PDIDO_nU.roa
Signing time: Wed 06 Mar 2024 18:26:01 +0000
ROA not before: Wed 06 Mar 2024 18:26:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.243.152.0/24 maxlen: 24
185.243.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 19:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:15:03:e7:ab:d8:ac:c6:fd:c5:b9:b5:76:11:76:5f:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Mar 6 18:26:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3450593f053b9467dc0c536d188f0f0c80cefe75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:87:1b:55:1e:3b:1f:58:15:b9:de:9d:5e:5a:
8c:91:aa:73:42:67:c3:7e:ce:e6:30:1e:b0:c2:80:
c0:3b:30:75:ea:60:a9:2e:48:08:67:6e:a5:30:f1:
b6:43:79:cc:c0:d0:17:e9:5c:27:5e:77:7f:a3:9b:
7a:44:d6:a1:c9:40:ff:a3:1c:e6:f6:6c:86:2c:c3:
c3:87:b7:8a:4c:e4:6b:72:fa:d5:c5:bc:60:92:88:
41:84:97:21:b0:ac:a8:bf:16:0e:b7:89:e8:7a:19:
a0:37:e7:9e:c6:66:22:a9:bf:b8:cc:7e:34:14:df:
8b:7e:e1:15:8a:1f:44:f7:61:fe:a5:17:83:9d:77:
ed:b9:f8:d0:97:0d:a9:cf:60:cd:ad:50:37:54:d1:
dc:ff:82:ee:7d:47:ea:06:32:0c:a3:20:4d:ad:69:
e3:ec:57:9f:0f:b6:c1:a4:15:ee:8d:eb:7d:c8:c5:
6c:93:a5:d5:dc:7a:dc:f9:d1:e0:d2:bd:f3:99:64:
9e:58:59:79:23:77:6c:4e:61:e4:d1:d4:0a:14:e0:
d5:40:12:ca:2c:12:3c:50:4e:f1:ed:95:9f:c9:c1:
e6:70:a4:da:17:1d:88:5d:56:e8:85:07:bc:52:92:
ad:84:a6:2d:e6:9e:01:df:6c:ad:fd:57:4f:6d:6f:
f8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:50:59:3F:05:3B:94:67:DC:0C:53:6D:18:8F:0F:0C:80:CE:FE:75
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/NFBZPwU7lGfcDFNtGI8PDIDO_nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.152.0/23
Signature Algorithm: sha256WithRSAEncryption
62:ac:3c:2e:36:23:2b:5b:8d:bb:e5:2d:40:7b:52:aa:69:03:
ab:92:10:2b:01:e7:dc:50:4e:0b:ca:ab:b2:cd:a6:1f:18:23:
d3:df:e6:68:85:fb:6b:0c:16:ce:9a:7f:95:64:02:9c:78:59:
ee:28:20:6d:f1:84:e2:9b:1d:c8:14:71:4e:32:5f:79:ea:e6:
0b:8b:83:7e:b4:83:89:4b:e5:59:e4:e5:59:f2:80:37:a3:81:
63:f1:94:b0:c5:96:51:65:f0:43:a0:06:29:b9:76:12:ce:59:
ab:8d:48:67:4f:dc:b7:cd:4f:38:6b:8c:3c:22:6f:81:a5:2a:
8a:c6:cc:41:97:70:75:65:64:7c:bf:71:45:66:92:54:b9:5e:
9e:1a:d3:17:9f:54:ee:92:88:81:63:49:0a:7a:96:a9:3b:2d:
7d:98:88:7f:62:60:c2:76:22:94:d8:6f:a5:b9:5a:78:05:b8:
d7:ab:5f:fa:7f:74:a4:91:0c:84:00:3c:f6:ca:37:90:86:eb:
e3:3e:b3:fa:e6:47:45:95:1f:fc:b0:5a:fb:16:26:41:e6:b1:
34:79:b8:f2:3c:2d:2c:e9:0f:69:ef:8b:87:5f:77:28:56:af:
69:f2:f9:aa:88:c1:2b:c9:db:98:ca:e8:4e:68:ac:02:42:bc:
31:2d:0b:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4VA+er2KzG/cW5tXYRdl9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjQwMzA2MTgyNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDUwNTkzZjA1M2I5NDY3ZGMwYzUzNmQxODhmMGYwYzgwY2VmZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYcbVR47H1gVud6dXlqMkapzQmfD
fs7mMB6wwoDAOzB16mCpLkgIZ26lMPG2Q3nMwNAX6VwnXnd/o5t6RNahyUD/oxzm
9myGLMPDh7eKTORrcvrVxbxgkohBhJchsKyovxYOt4noehmgN+eexmYiqb+4zH40
FN+LfuEVih9E92H+pReDnXftufjQlw2pz2DNrVA3VNHc/4LufUfqBjIMoyBNrWnj
7FefD7bBpBXujet9yMVsk6XV3Hrc+dHg0r3zmWSeWFl5I3dsTmHk0dQKFODVQBLK
LBI8UE7x7ZWfycHmcKTaFx2IXVbohQe8UpKthKYt5p4B32yt/VdPbW/4OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRQWT8FO5Rn3AxTbRiPDwyAzv51MB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvTkZCWlB3VTdsR2ZjREZOdEdJOFBESURPX25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufOYMA0G
CSqGSIb3DQEBCwUAA4IBAQBirDwuNiMrW4275S1Ae1KqaQOrkhArAefcUE4Lyquy
zaYfGCPT3+ZohftrDBbOmn+VZAKceFnuKCBt8YTimx3IFHFOMl956uYLi4N+tIOJ
S+VZ5OVZ8oA3o4Fj8ZSwxZZRZfBDoAYpuXYSzlmrjUhnT9y3zU84a4w8Im+BpSqK
xsxBl3B1ZWR8v3FFZpJUuV6eGtMXn1TukoiBY0kKepapOy19mIh/YmDCdiKU2G+l
uVp4BbjXq1/6f3SkkQyEADz2yjeQhuvjPrP65kdFlR/8sFr7FiZB5rE0ebjyPC0s
6Q9p74uHX3coVq9p8vmqiMEryduYyuhOaKwCQrwxLQuz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:04 2024 by rpki-client on console-ams.rpki-client.org