Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/NNK26fxhIs1m6u80BJBPNgsuJDg.roa
File: NNK26fxhIs1m6u80BJBPNgsuJDg.roa (raw, json)
Hash identifier: ZscA5QBnOHV+SLoMZLVxAGx5fDpx+xSCS9Vth5gqbOk=
Subject key identifier: 34:D2:B6:E9:FC:61:22:CD:66:EA:EF:34:04:90:4F:36:0B:2E:24:38
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018B2EEE122CCF64303B297746819B2FA4C6
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/NNK26fxhIs1m6u80BJBPNgsuJDg.roa
Signing time: Sat 14 Oct 2023 16:03:55 +0000
ROA not before: Sat 14 Oct 2023 16:03:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211439
IP address blocks: 185.169.228.0/22 maxlen: 22
91.132.12.0/22 maxlen: 22
193.37.220.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2e:ee:12:2c:cf:64:30:3b:29:77:46:81:9b:2f:a4:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Oct 14 16:03:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34d2b6e9fc6122cd66eaef3404904f360b2e2438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d1:92:29:2f:4e:70:28:d3:6e:2e:79:27:fb:
e0:6b:08:51:bb:cd:bd:80:be:ee:83:a9:69:65:2b:
08:2a:4b:0c:cf:d6:0c:a6:18:15:d2:39:1c:76:a3:
84:a0:f3:4e:2f:01:38:d4:bc:96:d0:d9:10:d9:65:
7f:25:03:f6:32:b3:9c:90:68:a5:b8:97:61:ab:4e:
df:21:65:12:a6:d9:5c:17:ea:e9:c6:71:0e:a1:9e:
8b:ea:19:65:40:51:bb:12:ab:19:81:45:0b:af:5f:
81:95:df:35:23:9c:69:8f:e4:95:8e:ec:ab:7a:39:
06:a7:00:ae:6a:bc:0a:6c:de:47:36:ef:23:50:cc:
e8:80:0f:63:4f:57:f9:1c:9f:b9:96:96:cf:1e:e0:
e7:9a:fd:ac:95:5f:b2:64:b5:b7:f9:69:60:3f:69:
c2:95:55:b5:d3:26:24:08:9f:62:d1:55:2e:3e:45:
5e:4b:bc:8b:4a:50:45:67:9d:fd:89:ee:71:0f:c0:
a4:54:07:45:86:1c:cd:f2:11:1f:1b:15:7b:70:93:
62:9f:c2:2e:bf:ff:27:ff:82:06:d7:a7:1e:8b:83:
52:e0:57:a1:cc:f9:3f:25:db:44:bc:5c:1c:db:9f:
21:cf:5b:28:f1:12:fd:c5:54:d2:0d:4a:e4:2f:45:
90:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D2:B6:E9:FC:61:22:CD:66:EA:EF:34:04:90:4F:36:0B:2E:24:38
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/NNK26fxhIs1m6u80BJBPNgsuJDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.12.0/22
185.169.228.0/22
193.37.220.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:31:7d:a4:8f:a9:60:57:86:81:e1:d2:7e:ab:07:3e:13:13:
28:53:61:02:1a:b7:48:a9:95:41:ad:c9:52:9c:0e:df:5b:19:
1c:a7:0a:40:e0:80:31:31:68:af:f1:20:b6:71:4a:61:14:d0:
65:c8:ed:0a:38:1c:21:0c:b0:e2:38:91:09:50:74:c1:7f:54:
a1:1f:fe:af:94:a7:34:95:b4:55:2e:cb:e1:e7:1a:8e:d2:8d:
f4:20:9f:53:db:b8:d0:7b:72:57:ff:d3:3a:85:08:20:de:66:
82:82:8d:d4:f3:05:65:e0:8e:ed:60:ff:e4:80:d2:dd:16:83:
fe:0e:58:90:7c:be:d6:0c:68:72:b4:23:20:e9:37:62:9c:e0:
32:b2:4c:d5:51:d2:28:67:49:df:93:70:8a:06:3e:f8:24:81:
03:06:e3:c4:db:ef:19:cd:d7:e6:85:66:f3:90:d6:f1:dc:dc:
54:ce:21:75:96:96:15:b4:aa:35:cb:58:53:07:6f:9e:5a:22:
3f:e7:29:9d:1d:cb:9f:d6:f4:b7:fa:d9:1b:c7:ef:f0:2f:77:
0e:05:6a:a3:7d:bf:06:f0:47:ef:d0:7b:4f:7c:29:d2:4a:03:
05:04:76:02:3a:80:71:e2:10:39:b0:3a:f3:fa:e3:0e:06:0c:
a3:89:52:e8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsu7hIsz2QwOyl3RoGbL6TGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMxMDE0MTYwMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQyYjZlOWZjNjEyMmNkNjZlYWVmMzQwNDkwNGYzNjBiMmUyNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitGSKS9OcCjTbi55J/vgawhRu829
gL7ug6lpZSsIKksMz9YMphgV0jkcdqOEoPNOLwE41LyW0NkQ2WV/JQP2MrOckGil
uJdhq07fIWUSptlcF+rpxnEOoZ6L6hllQFG7EqsZgUULr1+Bld81I5xpj+SVjuyr
ejkGpwCuarwKbN5HNu8jUMzogA9jT1f5HJ+5lpbPHuDnmv2slV+yZLW3+WlgP2nC
lVW10yYkCJ9i0VUuPkVeS7yLSlBFZ539ie5xD8CkVAdFhhzN8hEfGxV7cJNin8Iu
v/8n/4IG16cei4NS4FehzPk/JdtEvFwc258hz1so8RL9xVTSDUrkL0WQywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDTStun8YSLNZurvNASQTzYLLiQ4MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvTk5LMjZmeGhJczFtNnU4MEJKQlBOZ3N1SkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW4QMAwQC
uankAwQCwSXcMA0GCSqGSIb3DQEBCwUAA4IBAQCMMX2kj6lgV4aB4dJ+qwc+ExMo
U2ECGrdIqZVBrclSnA7fWxkcpwpA4IAxMWiv8SC2cUphFNBlyO0KOBwhDLDiOJEJ
UHTBf1ShH/6vlKc0lbRVLsvh5xqO0o30IJ9T27jQe3JX/9M6hQgg3maCgo3U8wVl
4I7tYP/kgNLdFoP+DliQfL7WDGhytCMg6TdinOAyskzVUdIoZ0nfk3CKBj74JIED
BuPE2+8ZzdfmhWbzkNbx3NxUziF1lpYVtKo1y1hTB2+eWiI/5ymdHcuf1vS3+tkb
x+/wL3cOBWqjfb8G8Efv0HtPfCnSSgMFBHYCOoBx4hA5sDrz+uMOBgyjiVLo
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:37 2024 by rpki-client on console-ams.rpki-client.org