Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/ncB3iHzL7P0qvkP6kvC8Mshifxw.roa
File: ncB3iHzL7P0qvkP6kvC8Mshifxw.roa (raw, json)
Hash identifier: wJcjRVt4Md3WPu+U5G3PqVMGYD1hn/TDyrVeaQhkJeI=
Subject key identifier: 9D:C0:77:88:7C:CB:EC:FD:2A:BE:43:FA:92:F0:BC:32:C8:62:7F:1C
Certificate issuer: /CN=b5000b81e9ed4b2a702a1ef5f852e0e769ee10e2
Certificate serial: 018572E7FDF20B335945FC9886172A78804B
Authority key identifier: B5:00:0B:81:E9:ED:4B:2A:70:2A:1E:F5:F8:52:E0:E7:69:EE:10:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tQALgentSypwKh71-FLg52nuEOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/ncB3iHzL7P0qvkP6kvC8Mshifxw.roa
Signing time: Mon 02 Jan 2023 14:34:44 +0000
ROA not before: Mon 02 Jan 2023 14:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12998
IP address blocks: 5.183.200.0/22 maxlen: 24
195.3.156.0/22 maxlen: 24
193.227.206.0/23 maxlen: 24
91.196.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e7:fd:f2:0b:33:59:45:fc:98:86:17:2a:78:80:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5000b81e9ed4b2a702a1ef5f852e0e769ee10e2
Validity
Not Before: Jan 2 14:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dc077887ccbecfd2abe43fa92f0bc32c8627f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:c1:45:d0:1a:16:24:84:b8:77:e9:ab:a8:30:
99:57:2e:71:d2:06:e4:79:20:db:0b:90:c8:7b:ad:
0f:d7:91:df:17:ec:12:c7:c3:a7:37:ee:74:92:a1:
d3:91:63:40:d5:e8:e5:31:5f:38:d7:9c:83:b1:71:
ed:d5:a5:8a:28:d7:ec:c6:9f:d3:ba:03:e8:c5:5f:
ca:94:c8:b5:e8:9b:8d:d5:41:b1:eb:28:f8:14:14:
f6:10:7d:78:8f:71:6e:9b:46:df:c5:aa:cc:06:c9:
df:ba:2a:ee:ec:ea:f2:2c:de:96:18:b9:44:45:54:
14:14:7d:1d:6f:a7:3e:e7:fa:95:3c:17:14:9c:84:
57:11:e9:14:b1:b8:ac:22:f4:29:b9:a2:ff:b5:86:
a4:5b:57:b4:0f:db:ab:8a:4c:f5:47:e8:e0:80:62:
9c:0b:1a:c3:76:52:80:af:99:72:f1:2e:a1:cc:30:
00:83:4e:1c:73:6f:6c:3c:92:eb:a9:28:79:9c:10:
83:b9:89:58:07:53:6b:35:ad:2f:8f:c5:68:66:d0:
70:fa:0f:5b:a0:20:e6:10:71:02:f2:66:a7:8f:3f:
8a:5f:93:c2:a4:8e:04:2f:17:40:e6:e8:62:e7:4f:
3d:90:ba:60:86:bf:9f:59:ff:46:e8:2f:86:be:f7:
6a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C0:77:88:7C:CB:EC:FD:2A:BE:43:FA:92:F0:BC:32:C8:62:7F:1C
X509v3 Authority Key Identifier:
keyid:B5:00:0B:81:E9:ED:4B:2A:70:2A:1E:F5:F8:52:E0:E7:69:EE:10:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQALgentSypwKh71-FLg52nuEOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/ncB3iHzL7P0qvkP6kvC8Mshifxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/tQALgentSypwKh71-FLg52nuEOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.200.0/22
91.196.100.0/22
193.227.206.0/23
195.3.156.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:97:f2:3b:8e:dc:c9:35:a7:08:6a:75:d3:31:b0:47:ef:e1:
e6:49:98:1c:e1:bb:cb:ce:93:e2:f0:7a:06:13:b5:b1:30:e2:
1c:8c:86:6c:dd:d5:e1:91:42:11:ee:a0:1f:98:2e:a3:3e:ed:
41:6c:34:0a:3b:8f:bf:37:ec:80:09:2a:72:9a:e0:79:b6:b8:
b5:59:0c:54:eb:18:d1:d6:a5:8b:79:ce:9c:0e:48:d3:c7:30:
10:a5:11:f6:a3:a3:6c:29:e4:6b:0b:0b:fd:6e:6c:7d:8c:0b:
7c:80:26:a6:43:cc:fa:a0:b9:4e:fa:b5:7d:4f:25:e5:1e:94:
d5:de:f4:1e:d2:99:af:a7:47:ac:70:2b:38:d3:21:89:82:25:
6e:f7:39:a7:3d:15:19:6f:05:0d:33:40:5d:34:c7:8e:b2:9a:
ad:8f:db:32:cc:be:7a:05:1e:49:2d:41:d6:39:6c:24:f2:c1:
bc:b3:42:05:0d:dc:3d:6d:a6:11:48:57:8e:b9:d9:10:d7:e2:
88:89:c0:06:db:75:ab:5d:b6:b9:c6:2a:a7:6b:47:5e:ba:cd:
77:9e:cf:01:9a:fc:c6:31:50:fa:55:e1:4c:2e:4a:5c:31:8a:
95:d1:f8:a3:90:84:38:62:2f:19:49:78:01:4c:ea:05:4b:34:
d8:ec:54:8d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVy5/3yCzNZRfyYhhcqeIBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MDAwYjgxZTllZDRiMmE3MDJhMWVmNWY4NTJlMGU3Njll
ZTEwZTIwHhcNMjMwMTAyMTQzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGMwNzc4ODdjY2JlY2ZkMmFiZTQzZmE5MmYwYmMzMmM4NjI3ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8cFF0BoWJIS4d+mrqDCZVy5x0gbk
eSDbC5DIe60P15HfF+wSx8OnN+50kqHTkWNA1ejlMV8415yDsXHt1aWKKNfsxp/T
ugPoxV/KlMi16JuN1UGx6yj4FBT2EH14j3Fum0bfxarMBsnfuiru7OryLN6WGLlE
RVQUFH0db6c+5/qVPBcUnIRXEekUsbisIvQpuaL/tYakW1e0D9urikz1R+jggGKc
CxrDdlKAr5ly8S6hzDAAg04cc29sPJLrqSh5nBCDuYlYB1NrNa0vj8VoZtBw+g9b
oCDmEHEC8manjz+KX5PCpI4ELxdA5uhi5089kLpghr+fWf9G6C+GvvdqawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ3Ad4h8y+z9Kr5D+pLwvDLIYn8cMB8GA1UdIwQY
MBaAFLUAC4Hp7UsqcCoe9fhS4Odp7hDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFFBTGdlbnRTeXB3S2g3MS1GTGc1Mm51RU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wZGY3ZjMtYTQ5Mi00ZDZmLWIzNmYt
ZDQxZTAzNTkyMzM1LzEvbmNCM2lIekw3UDBxdmtQNmt2QzhNc2hpZnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wZGY3ZjMtYTQ5Mi00ZDZmLWIzNmYtZDQxZTAzNTkyMzM1
LzEvdFFBTGdlbnRTeXB3S2g3MS1GTGc1Mm51RU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbfIAwQC
W8RkAwQBwePOAwQCwwOcMA0GCSqGSIb3DQEBCwUAA4IBAQBNl/I7jtzJNacIanXT
MbBH7+HmSZgc4bvLzpPi8HoGE7WxMOIcjIZs3dXhkUIR7qAfmC6jPu1BbDQKO4+/
N+yACSpymuB5tri1WQxU6xjR1qWLec6cDkjTxzAQpRH2o6NsKeRrCwv9bmx9jAt8
gCamQ8z6oLlO+rV9TyXlHpTV3vQe0pmvp0escCs40yGJgiVu9zmnPRUZbwUNM0Bd
NMeOspqtj9syzL56BR5JLUHWOWwk8sG8s0IFDdw9baYRSFeOudkQ1+KIicAG23Wr
Xba5xiqna0deus13ns8BmvzGMVD6VeFMLkpcMYqV0fijkIQ4Yi8ZSXgBTOoFSzTY
7FSN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:56 2024 by rpki-client on console-ams.rpki-client.org