Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2ee71b-8ffe-4eb6-9434-cf3c1a79e634/1/NTMNhdGr3x1YXegY6IGzyGqjalE.roa
File: NTMNhdGr3x1YXegY6IGzyGqjalE.roa (raw, json)
Hash identifier: Bb5k2PuXpDIrqdY+9lPism3ihPprMDmujr9re6Af4fc=
Subject key identifier: 35:33:0D:85:D1:AB:DF:1D:58:5D:E8:18:E8:81:B3:C8:6A:A3:6A:51
Certificate issuer: /CN=10b43613535ffaa73d9acc503c71a28fa17b3839
Certificate serial: 01856DDD1B72590B8A97CA31F2A31F57840F
Authority key identifier: 10:B4:36:13:53:5F:FA:A7:3D:9A:CC:50:3C:71:A2:8F:A1:7B:38:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ELQ2E1Nf-qc9msxQPHGij6F7ODk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2ee71b-8ffe-4eb6-9434-cf3c1a79e634/1/NTMNhdGr3x1YXegY6IGzyGqjalE.roa
Signing time: Sun 01 Jan 2023 15:04:44 +0000
ROA not before: Sun 01 Jan 2023 15:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49772
IP address blocks: 91.213.210.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:1b:72:59:0b:8a:97:ca:31:f2:a3:1f:57:84:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10b43613535ffaa73d9acc503c71a28fa17b3839
Validity
Not Before: Jan 1 15:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35330d85d1abdf1d585de818e881b3c86aa36a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8d:11:1a:37:0b:86:8a:5e:93:bb:26:c5:58:
36:e0:f1:5d:f1:f3:cb:b3:a1:4f:73:58:3a:13:08:
83:e2:c8:16:bb:e6:6a:e3:ae:ba:87:b2:ff:e6:f9:
ed:3b:87:4b:ca:07:59:73:80:d8:73:d8:05:fb:ab:
9d:2d:d5:69:0f:21:6f:40:dc:7f:a2:dc:16:91:7e:
27:d5:26:12:7b:c5:26:b9:88:a4:7e:b9:1b:30:5a:
13:10:dc:3b:c6:0f:85:4e:f3:db:ae:f5:e7:94:c2:
d2:bc:09:48:73:1a:d7:56:69:da:e4:95:a4:e9:c9:
3d:f3:a3:ce:81:26:64:d2:24:26:12:b4:b2:bc:c3:
a8:da:db:c8:15:87:bf:f6:ff:71:cf:34:c5:5e:c5:
a8:0b:52:1a:58:46:1b:ff:7e:a4:2a:d4:f3:77:33:
02:71:74:ca:e6:36:30:ef:2c:22:43:4f:1a:db:d3:
c2:07:ff:8f:98:dc:b4:68:67:9d:43:89:be:30:a5:
81:9c:7a:4d:7e:fc:36:67:ce:7b:53:65:ba:cc:da:
ea:67:f6:72:c7:94:0f:d2:09:54:80:04:2c:ac:ca:
26:9a:ed:c3:d7:36:9b:bd:2d:6f:1b:c4:64:4d:f2:
6e:98:83:2c:f5:d8:3c:44:d0:45:e9:55:e6:1d:39:
ca:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:33:0D:85:D1:AB:DF:1D:58:5D:E8:18:E8:81:B3:C8:6A:A3:6A:51
X509v3 Authority Key Identifier:
keyid:10:B4:36:13:53:5F:FA:A7:3D:9A:CC:50:3C:71:A2:8F:A1:7B:38:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ELQ2E1Nf-qc9msxQPHGij6F7ODk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2ee71b-8ffe-4eb6-9434-cf3c1a79e634/1/NTMNhdGr3x1YXegY6IGzyGqjalE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2ee71b-8ffe-4eb6-9434-cf3c1a79e634/1/ELQ2E1Nf-qc9msxQPHGij6F7ODk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.210.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:f7:17:06:50:9f:f1:01:fa:c4:0b:72:da:0e:6b:92:a7:d1:
ff:c0:a3:47:50:df:25:24:4a:e9:f5:ba:7b:35:84:55:5a:71:
8b:29:27:0e:18:91:f9:2a:f5:96:46:ea:a8:08:e7:60:b9:99:
36:6e:78:61:e7:f5:74:2f:a9:d1:ec:75:56:e0:96:c6:24:05:
bf:03:14:17:7c:bf:8a:0a:52:31:3c:69:cb:43:c1:1d:c1:6e:
13:f9:66:28:31:ab:14:ac:89:79:3c:fd:de:17:6c:c1:b5:6c:
71:db:4a:bf:a5:1c:0b:5a:94:d3:41:3c:ca:ab:12:fe:8c:fb:
a4:09:2b:d0:56:2b:2d:93:93:2d:50:d7:62:ed:64:91:f4:fb:
12:08:27:09:81:29:43:2f:79:8d:04:d7:af:4e:d5:3b:85:be:
ea:f1:14:f0:44:c4:dd:6a:1a:16:0d:40:79:6f:be:6c:91:5a:
e4:97:45:54:d9:17:de:40:0c:94:d9:b6:4f:c4:40:17:ab:68:
e3:57:09:ea:ac:3d:c1:36:b5:7e:85:bc:41:e8:fb:be:56:a6:
5c:16:a4:2c:ec:29:10:ff:37:23:b1:e2:a8:bd:09:ee:0f:42:
c0:c5:ce:3d:0b:50:86:e8:09:15:06:b0:f0:22:a4:ac:6e:c6:
cf:f7:8d:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3RtyWQuKl8ox8qMfV4QPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYjQzNjEzNTM1ZmZhYTczZDlhY2M1MDNjNzFhMjhmYTE3
YjM4MzkwHhcNMjMwMTAxMTUwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTMzMGQ4NWQxYWJkZjFkNTg1ZGU4MThlODgxYjNjODZhYTM2YTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI0RGjcLhopek7smxVg24PFd8fPL
s6FPc1g6EwiD4sgWu+Zq4666h7L/5vntO4dLygdZc4DYc9gF+6udLdVpDyFvQNx/
otwWkX4n1SYSe8UmuYikfrkbMFoTENw7xg+FTvPbrvXnlMLSvAlIcxrXVmna5JWk
6ck986POgSZk0iQmErSyvMOo2tvIFYe/9v9xzzTFXsWoC1IaWEYb/36kKtTzdzMC
cXTK5jYw7ywiQ08a29PCB/+PmNy0aGedQ4m+MKWBnHpNfvw2Z857U2W6zNrqZ/Zy
x5QP0glUgAQsrMommu3D1zabvS1vG8RkTfJumIMs9dg8RNBF6VXmHTnKGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUzDYXRq98dWF3oGOiBs8hqo2pRMB8GA1UdIwQY
MBaAFBC0NhNTX/qnPZrMUDxxoo+hezg5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUxRMkUxTmYtcWM5bXN4UVBIR2lqNkY3T0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yZWU3MWItOGZmZS00ZWI2LTk0MzQt
Y2YzYzFhNzllNjM0LzEvTlRNTmhkR3IzeDFZWGVnWTZJR3p5R3FqYWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yZWU3MWItOGZmZS00ZWI2LTk0MzQtY2YzYzFhNzllNjM0
LzEvRUxRMkUxTmYtcWM5bXN4UVBIR2lqNkY3T0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9XSMA0G
CSqGSIb3DQEBCwUAA4IBAQBr9xcGUJ/xAfrEC3LaDmuSp9H/wKNHUN8lJErp9bp7
NYRVWnGLKScOGJH5KvWWRuqoCOdguZk2bnhh5/V0L6nR7HVW4JbGJAW/AxQXfL+K
ClIxPGnLQ8EdwW4T+WYoMasUrIl5PP3eF2zBtWxx20q/pRwLWpTTQTzKqxL+jPuk
CSvQVistk5MtUNdi7WSR9PsSCCcJgSlDL3mNBNevTtU7hb7q8RTwRMTdahoWDUB5
b75skVrkl0VU2RfeQAyU2bZPxEAXq2jjVwnqrD3BNrV+hbxB6Pu+VqZcFqQs7CkQ
/zcjseKovQnuD0LAxc49C1CG6AkVBrDwIqSsbsbP941W
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:53 2024 by rpki-client on console-fra.rpki-client.org