Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/NkGNcy-mltqHKSpFyuG9D84hfmA.roa
File: NkGNcy-mltqHKSpFyuG9D84hfmA.roa (raw, json)
Hash identifier: yzEiYRyRDj0zfHh0kejRS1sKCVC+Bd4oZmzuiBp0m00=
Subject key identifier: 36:41:8D:73:2F:A6:96:DA:87:29:2A:45:CA:E1:BD:0F:CE:21:7E:60
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0187FFC58C5F4287E806473DCE2FE4D0F396
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/NkGNcy-mltqHKSpFyuG9D84hfmA.roa
Signing time: Tue 09 May 2023 09:09:09 +0000
ROA not before: Tue 09 May 2023 09:09:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.243.49.0/24 maxlen: 24
185.243.48.0/22 maxlen: 22
185.215.231.0/24 maxlen: 24
185.124.172.0/22 maxlen: 24
178.239.159.0/24 maxlen: 24
178.239.154.0/24 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.173.0/24 maxlen: 24
185.124.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ff:c5:8c:5f:42:87:e8:06:47:3d:ce:2f:e4:d0:f3:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: May 9 09:09:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36418d732fa696da87292a45cae1bd0fce217e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fc:85:e2:94:cd:1f:7e:57:5d:0b:1a:c4:46:
ad:c4:f5:2b:d5:eb:d0:9d:af:06:62:34:4c:e3:49:
0d:38:2b:87:e7:c7:70:a9:a0:b7:26:f8:bf:03:ba:
2c:de:22:de:ce:71:b7:9f:db:6d:51:a0:40:47:21:
ca:30:53:43:82:18:65:9d:3a:b1:4d:85:43:5c:c1:
b6:1c:54:6d:26:e8:d1:c8:d0:fc:8a:86:ff:5b:1d:
6d:df:98:43:45:34:40:0e:48:d3:83:5b:16:4c:94:
bf:2c:11:d9:a2:11:16:0e:f5:86:87:58:a7:4d:8a:
a9:f7:40:33:c0:a0:2e:c8:39:d5:a4:a6:e5:c4:9b:
07:e4:56:3b:99:aa:b0:18:e9:49:7a:e6:21:cf:67:
8f:94:9a:b7:a7:d8:37:5c:4e:fc:78:b0:e0:e3:3a:
64:3a:f5:d3:f5:57:70:1d:26:26:e6:9b:ba:2b:b5:
58:1c:aa:b1:cb:ff:d8:e8:34:52:c2:1e:c6:c8:13:
88:ff:26:24:01:30:bb:a3:6f:d0:a6:fb:b8:9e:38:
b8:28:18:19:b2:36:11:02:e4:45:36:d3:21:99:7d:
5a:f3:01:d5:ed:42:0b:11:f2:23:81:ae:07:4e:45:
9b:55:3a:28:23:df:bb:19:49:7c:af:9c:1e:48:0b:
c4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:41:8D:73:2F:A6:96:DA:87:29:2A:45:CA:E1:BD:0F:CE:21:7E:60
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/NkGNcy-mltqHKSpFyuG9D84hfmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.154.0/24
178.239.159.0/24
185.26.34.0/23
185.124.172.0/22
185.215.231.0/24
185.243.48.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:8b:7a:8c:3b:5c:4d:c1:83:c5:6e:20:c0:c2:ff:22:41:7f:
84:8f:92:2e:5e:ac:05:2c:ae:cf:29:21:ac:62:22:9d:fe:c3:
47:51:b6:24:ec:81:4b:42:e8:7f:ee:49:08:d8:47:1f:da:24:
35:0d:c2:03:d0:05:11:f3:bd:99:bd:3e:ee:20:20:44:49:29:
84:84:96:c2:3a:9a:41:16:08:fd:f6:8a:5a:f5:6a:62:39:6b:
ba:89:43:43:c1:15:51:82:38:aa:97:01:14:d1:d7:51:0e:6a:
24:d6:91:d4:8e:c0:c6:25:e8:d5:87:a2:5b:0c:db:38:8c:05:
78:1b:46:9b:0b:70:61:32:ba:e8:5e:fc:c6:8b:ff:4a:35:74:
0c:2b:8c:3b:f8:cf:ba:ba:68:0f:95:4a:1e:57:ce:a3:03:bf:
29:58:b0:e1:8c:fd:97:20:26:59:49:2a:ad:ab:a4:9e:5b:28:
ca:3f:83:c0:10:bc:2b:eb:c3:ba:25:63:eb:84:5d:e1:52:ee:
e1:1a:c8:5d:a2:94:2a:ef:18:5d:ab:c5:db:7e:5a:f1:44:e8:
3b:b2:50:ba:61:11:21:17:11:a9:09:59:61:71:6c:e3:73:04:
91:d4:52:bb:1f:81:26:a3:ba:22:bc:d8:7b:d0:99:36:48:5d:
aa:8b:7f:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYf/xYxfQofoBkc9zi/k0POWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwNTA5MDkwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQxOGQ3MzJmYTY5NmRhODcyOTJhNDVjYWUxYmQwZmNlMjE3ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPyF4pTNH35XXQsaxEatxPUr1evQ
na8GYjRM40kNOCuH58dwqaC3Jvi/A7os3iLeznG3n9ttUaBARyHKMFNDghhlnTqx
TYVDXMG2HFRtJujRyND8iob/Wx1t35hDRTRADkjTg1sWTJS/LBHZohEWDvWGh1in
TYqp90AzwKAuyDnVpKblxJsH5FY7maqwGOlJeuYhz2ePlJq3p9g3XE78eLDg4zpk
OvXT9VdwHSYm5pu6K7VYHKqxy//Y6DRSwh7GyBOI/yYkATC7o2/Qpvu4nji4KBgZ
sjYRAuRFNtMhmX1a8wHV7UILEfIjga4HTkWbVTooI9+7GUl8r5weSAvESQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDZBjXMvppbahykqRcrhvQ/OIX5gMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvTmtHTmN5LW1sdHFIS1NwRnl1RzlEODRoZm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAsu+aAwQA
su+fAwQBuRoiAwQCuXysAwQAudfnAwQCufMwMA0GCSqGSIb3DQEBCwUAA4IBAQAL
i3qMO1xNwYPFbiDAwv8iQX+Ej5IuXqwFLK7PKSGsYiKd/sNHUbYk7IFLQuh/7kkI
2Ecf2iQ1DcID0AUR872ZvT7uICBESSmEhJbCOppBFgj99opa9WpiOWu6iUNDwRVR
gjiqlwEU0ddRDmok1pHUjsDGJejVh6JbDNs4jAV4G0abC3BhMrroXvzGi/9KNXQM
K4w7+M+6umgPlUoeV86jA78pWLDhjP2XICZZSSqtq6SeWyjKP4PAELwr68O6JWPr
hF3hUu7hGshdopQq7xhdq8XbflrxROg7slC6YREhFxGpCVlhcWzjcwSR1FK7H4Em
o7oivNh70Jk2SF2qi3+a
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org