Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/NKZbxdhvJR-8f70bo0igi2pbCGA.roa
File: NKZbxdhvJR-8f70bo0igi2pbCGA.roa (raw, json)
Hash identifier: LeFYuc33aE21JGBkKUhOLmEIJ+7PRTnY0uzZryJ5RQo=
Subject key identifier: 34:A6:5B:C5:D8:6F:25:1F:BC:7F:BD:1B:A3:48:A0:8B:6A:5B:08:60
Certificate issuer: /CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Certificate serial: 0187BDABC0FB15CAF21E966FD99BEA748C1F
Authority key identifier: 5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/NKZbxdhvJR-8f70bo0igi2pbCGA.roa
Signing time: Wed 26 Apr 2023 13:06:02 +0000
ROA not before: Wed 26 Apr 2023 13:06:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29037
IP address blocks: 185.39.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Apr 2023 10:38:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:ab:c0:fb:15:ca:f2:1e:96:6f:d9:9b:ea:74:8c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Validity
Not Before: Apr 26 13:06:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34a65bc5d86f251fbc7fbd1ba348a08b6a5b0860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:af:4b:b2:38:2c:87:88:93:97:25:95:55:e7:
19:cc:6b:0a:77:15:f0:e3:1c:98:e7:0e:4c:86:dd:
d9:86:24:8c:12:d4:d3:3a:0a:04:85:ce:a3:89:31:
be:95:4f:07:7e:95:be:58:ab:27:4b:82:b4:73:40:
a9:17:7b:f1:40:8f:de:cb:90:1a:59:c7:2e:77:83:
99:a5:78:39:0c:45:ed:7d:b8:75:5f:bc:ec:78:b3:
a7:bd:6d:a1:99:71:15:72:96:51:ed:80:ab:e2:d4:
d1:03:0e:03:09:7c:a4:95:83:b0:6e:e7:fa:7e:2d:
e5:60:00:50:7c:09:f1:e0:46:c3:b4:63:bf:85:c4:
91:ce:ed:25:7f:bc:ec:c9:01:d4:dd:4f:75:b9:b7:
5d:5c:7d:e6:df:29:a4:4c:a6:83:a3:7b:e6:48:a0:
18:d2:1e:8e:10:ce:e2:8c:98:79:94:87:7b:21:f5:
91:14:7e:1f:79:d3:dd:fb:77:a2:d2:51:fd:3a:51:
57:0a:f8:52:34:09:db:78:d7:9c:16:9d:87:af:22:
b5:50:3a:f7:f0:dd:8b:4f:c2:54:a5:03:93:79:61:
1c:42:48:9b:17:e7:a1:f8:86:7e:60:73:42:8f:2b:
ff:37:cc:c8:01:2b:9c:11:bb:43:6b:5f:0d:49:21:
4d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A6:5B:C5:D8:6F:25:1F:BC:7F:BD:1B:A3:48:A0:8B:6A:5B:08:60
X509v3 Authority Key Identifier:
keyid:5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/NKZbxdhvJR-8f70bo0igi2pbCGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.108.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:8d:e1:f7:88:f4:df:19:63:66:5f:8c:cd:ba:bf:ce:65:d8:
3f:99:15:1e:c7:55:a7:cd:99:0a:37:ef:dd:9a:93:c3:13:dd:
43:53:ad:48:7c:66:2d:81:10:1f:d7:96:68:79:de:1e:96:1d:
dd:2e:c0:cc:4b:94:03:9b:fa:8b:d6:3a:54:32:81:06:c8:83:
90:01:83:3e:18:d4:06:4a:5e:c4:e2:24:e2:9c:ae:f5:1e:5a:
ee:17:cd:a0:8d:42:c6:8f:86:b0:fa:ab:92:62:84:2d:c6:56:
ac:7b:46:78:82:9f:40:c1:66:5c:3d:d5:e7:b7:cf:9e:ca:a8:
64:27:f3:48:6c:dc:46:1b:0b:49:cf:46:8f:c3:11:0b:10:f4:
24:dd:37:61:a5:86:3f:f0:4a:8d:18:3b:b2:5a:cf:ea:36:23:
9d:14:db:71:10:0e:b9:32:58:a2:b2:49:ca:e5:db:35:53:d1:
5f:55:25:6a:17:57:e1:5f:32:23:79:b6:5e:75:49:f4:87:f4:
11:ff:3b:4a:d6:78:1d:8b:9b:e3:59:9a:ed:95:ae:16:15:e2:
e5:9b:55:bf:f3:3b:2f:7c:47:6a:e8:d4:ac:25:99:dd:65:54:
fa:fb:76:57:62:4a:cc:d6:3f:a1:d0:ce:9c:ae:43:f5:40:1c:
89:58:5c:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe9q8D7FcryHpZv2ZvqdIwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzU2OTk0YmIyOTJlNDllY2M2MzM3YjdmOTVkNjllZTJh
ZjYxZTEwHhcNMjMwNDI2MTMwNjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE2NWJjNWQ4NmYyNTFmYmM3ZmJkMWJhMzQ4YTA4YjZhNWIwODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArK9Lsjgsh4iTlyWVVecZzGsKdxXw
4xyY5w5Mht3ZhiSMEtTTOgoEhc6jiTG+lU8HfpW+WKsnS4K0c0CpF3vxQI/ey5Aa
Wccud4OZpXg5DEXtfbh1X7zseLOnvW2hmXEVcpZR7YCr4tTRAw4DCXyklYOwbuf6
fi3lYABQfAnx4EbDtGO/hcSRzu0lf7zsyQHU3U91ubddXH3m3ymkTKaDo3vmSKAY
0h6OEM7ijJh5lId7IfWRFH4fedPd+3ei0lH9OlFXCvhSNAnbeNecFp2HryK1UDr3
8N2LT8JUpQOTeWEcQkibF+eh+IZ+YHNCjyv/N8zIASucEbtDa18NSSFNSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSmW8XYbyUfvH+9G6NIoItqWwhgMB8GA1UdIwQY
MBaAFFp1aZS7KS5J7MYze3+V1p7ir2HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUt
NGUwYWE0MmExNWE4LzEvTktaYnhkaHZKUi04ZjcwYm8waWdpMnBiQ0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUtNGUwYWE0MmExNWE4
LzEvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSdsMA0G
CSqGSIb3DQEBCwUAA4IBAQBejeH3iPTfGWNmX4zNur/OZdg/mRUex1WnzZkKN+/d
mpPDE91DU61IfGYtgRAf15Zoed4elh3dLsDMS5QDm/qL1jpUMoEGyIOQAYM+GNQG
Sl7E4iTinK71HlruF82gjULGj4aw+quSYoQtxlase0Z4gp9AwWZcPdXnt8+eyqhk
J/NIbNxGGwtJz0aPwxELEPQk3TdhpYY/8EqNGDuyWs/qNiOdFNtxEA65MliisknK
5ds1U9FfVSVqF1fhXzIjebZedUn0h/QR/ztK1ngdi5vjWZrtla4WFeLlm1W/8zsv
fEdq6NSsJZndZVT6+3ZXYkrM1j+h0M6crkP1QByJWFwp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:28 2024 by rpki-client on console-fra.rpki-client.org