Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/NraujrcC4kuI9auFzv1pwhSx26k.roa
File: NraujrcC4kuI9auFzv1pwhSx26k.roa (raw, json)
Hash identifier: saPJKLJp5nfbjLbeF0nkDJmha7FTYP8Z8OxOhmHw6K0=
Subject key identifier: 36:B6:AE:8E:B7:02:E2:4B:88:F5:AB:85:CE:FD:69:C2:14:B1:DB:A9
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0186A2FE23A826E13486F08C29565D19D68E
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/NraujrcC4kuI9auFzv1pwhSx26k.roa
Signing time: Thu 02 Mar 2023 15:43:29 +0000
ROA not before: Thu 02 Mar 2023 15:43:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 81.29.151.0/24 maxlen: 24
81.29.149.0/24 maxlen: 24
81.29.155.0/24 maxlen: 24
81.29.159.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:fe:23:a8:26:e1:34:86:f0:8c:29:56:5d:19:d6:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Mar 2 15:43:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36b6ae8eb702e24b88f5ab85cefd69c214b1dba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f5:c2:e4:7c:c0:50:5d:73:1e:b3:c6:66:60:
15:14:51:fd:20:d0:98:90:35:c4:62:6b:c3:0b:00:
5c:a4:8b:c4:d0:7f:0a:ae:06:6d:b7:20:13:70:aa:
82:89:26:6e:83:18:9b:37:0e:2b:ee:27:32:60:1c:
b9:82:38:16:61:92:3f:4d:23:ef:c8:1b:28:5d:23:
a7:8a:92:f5:6a:85:21:78:6c:26:6c:a2:85:cd:f2:
a8:fe:46:07:66:98:3a:76:b6:61:d7:7d:4e:99:97:
26:19:ce:34:7d:05:46:51:77:10:eb:e8:86:54:07:
15:6c:2c:d7:08:f3:a3:54:9e:e9:88:1d:f7:80:b1:
eb:23:50:62:b9:8c:37:36:6a:31:ea:43:2e:e2:98:
93:ef:f0:95:b2:2b:01:43:da:bc:45:c9:0e:4d:da:
ed:57:68:0f:ba:82:dd:5f:2f:b7:e6:09:12:b4:93:
21:aa:b4:35:e9:ba:21:d3:78:50:75:ed:c1:90:8e:
ac:f6:c0:4f:45:a8:f3:9f:f4:25:2a:7d:5f:f9:f7:
37:56:a4:4c:42:30:83:00:d5:88:ef:90:10:15:9c:
03:d7:99:b9:79:67:ff:67:4b:52:5e:9a:59:37:a5:
c6:c0:f4:23:a5:f5:79:98:4a:7b:6a:80:26:63:ce:
eb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B6:AE:8E:B7:02:E2:4B:88:F5:AB:85:CE:FD:69:C2:14:B1:DB:A9
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/NraujrcC4kuI9auFzv1pwhSx26k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.149.0/24
81.29.151.0/24
81.29.155.0/24
81.29.159.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:df:b3:a9:ce:21:e1:b7:81:df:9e:7b:9e:de:ee:68:77:57:
84:cf:8a:63:7d:cd:4b:37:25:c3:33:27:12:1b:35:b8:f2:cf:
2d:57:77:d0:53:98:a0:9e:2e:fb:e7:c8:59:2f:fe:05:e5:89:
79:39:a7:cb:64:2b:80:65:e9:63:48:19:15:5a:c4:00:47:ef:
a7:6e:5d:a3:de:ee:a1:3f:4c:d2:b1:e2:ff:78:b1:eb:01:ea:
73:ee:90:6b:dc:3f:7a:1c:23:07:07:64:d0:1f:4d:94:32:06:
9f:6c:0e:93:1a:62:84:76:5a:22:28:37:c1:f9:a0:fb:26:22:
4f:f6:9c:4e:25:16:b3:7e:60:f4:38:a8:dd:2e:5d:7b:0f:b7:
72:89:cd:1b:27:da:b2:88:e6:7a:25:6b:ac:87:d7:45:ef:0d:
53:80:4d:81:cf:69:04:ea:c3:84:e6:36:a0:d9:4c:5b:f5:cb:
db:5c:6a:19:f1:9a:b4:24:0d:e9:be:02:dc:13:aa:3e:01:2c:
7f:67:9e:d4:96:ed:2c:e4:a0:1a:4b:c1:44:8e:cb:be:f5:7d:
79:83:42:43:80:0f:a2:df:ab:e0:9b:32:ee:bb:43:12:59:45:
ab:53:68:16:3f:6d:bc:9e:d7:8c:0e:34:a0:64:0b:dd:8e:12:
e7:15:3e:ee
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYai/iOoJuE0hvCMKVZdGdaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMzAyMTU0MzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmI2YWU4ZWI3MDJlMjRiODhmNWFiODVjZWZkNjljMjE0YjFkYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfXC5HzAUF1zHrPGZmAVFFH9INCY
kDXEYmvDCwBcpIvE0H8KrgZttyATcKqCiSZugxibNw4r7icyYBy5gjgWYZI/TSPv
yBsoXSOnipL1aoUheGwmbKKFzfKo/kYHZpg6drZh131OmZcmGc40fQVGUXcQ6+iG
VAcVbCzXCPOjVJ7piB33gLHrI1BiuYw3Nmox6kMu4piT7/CVsisBQ9q8RckOTdrt
V2gPuoLdXy+35gkStJMhqrQ16boh03hQde3BkI6s9sBPRajzn/QlKn1f+fc3VqRM
QjCDANWI75AQFZwD15m5eWf/Z0tSXppZN6XGwPQjpfV5mEp7aoAmY87rCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDa2ro63AuJLiPWrhc79acIUsdupMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvTnJhdWpyY0M0a3VJOWF1Rnp2MXB3aFN4MjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUR2VAwQA
UR2XAwQAUR2bAwQAUR2fMA0GCSqGSIb3DQEBCwUAA4IBAQBd37OpziHht4Hfnnue
3u5od1eEz4pjfc1LNyXDMycSGzW48s8tV3fQU5igni7758hZL/4F5Yl5OafLZCuA
ZeljSBkVWsQAR++nbl2j3u6hP0zSseL/eLHrAepz7pBr3D96HCMHB2TQH02UMgaf
bA6TGmKEdloiKDfB+aD7JiJP9pxOJRazfmD0OKjdLl17D7dyic0bJ9qyiOZ6JWus
h9dF7w1TgE2Bz2kE6sOE5jag2Uxb9cvbXGoZ8Zq0JA3pvgLcE6o+ASx/Z57Ulu0s
5KAaS8FEjsu+9X15g0JDgA+i36vgmzLuu0MSWUWrU2gWP228nteMDjSgZAvdjhLn
FT7u
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org