Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/Nd-1eIg9OphbnJA1NCojk8tbOlQ.roa
File: Nd-1eIg9OphbnJA1NCojk8tbOlQ.roa (raw, json)
Hash identifier: sH+ex0QXGkoLrWr9C5w0uwVMPvjfCwmlwHplqKnHS2E=
Subject key identifier: 35:DF:B5:78:88:3D:3A:98:5B:9C:90:35:34:2A:23:93:CB:5B:3A:54
Certificate issuer: /CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Certificate serial: 01856FF04488D28FEFB9A71DC23620522D6B
Authority key identifier: 85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/Nd-1eIg9OphbnJA1NCojk8tbOlQ.roa
Signing time: Mon 02 Jan 2023 00:44:55 +0000
ROA not before: Mon 02 Jan 2023 00:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48659
IP address blocks: 185.146.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:44:88:d2:8f:ef:b9:a7:1d:c2:36:20:52:2d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Validity
Not Before: Jan 2 00:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35dfb578883d3a985b9c9035342a2393cb5b3a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cf:91:e4:f5:2e:87:f8:53:d1:7e:00:be:4d:
b7:57:56:91:a6:21:2d:65:22:e8:aa:34:e7:f7:4b:
bb:58:c9:a7:9e:36:c3:48:a8:e6:08:42:79:a6:23:
59:81:f1:a1:03:cd:31:3b:f7:21:92:7c:41:3d:f8:
ce:ee:03:a3:8a:cc:35:e2:48:61:ad:16:a8:c3:cf:
db:99:de:b1:d3:be:15:5c:13:56:13:a8:db:90:77:
d9:57:83:43:bc:62:fd:aa:fc:3b:f3:47:06:a4:40:
22:78:f8:07:99:96:57:96:c2:5e:e0:4a:d4:17:10:
ee:13:ca:34:9e:ca:d2:8b:3f:1b:ca:d2:91:d0:59:
03:02:27:69:fa:b9:77:60:60:5c:25:a4:12:dd:14:
c6:d0:ef:5e:a5:77:98:4c:44:50:72:30:15:2a:7e:
2d:5f:ea:38:71:64:5c:9f:ee:c3:14:0b:21:29:3b:
60:aa:a3:12:02:12:d7:ad:1e:b5:86:d2:00:25:13:
f3:15:43:0c:f6:2c:af:db:b8:ad:83:2c:1c:47:8f:
8d:65:f8:3b:1e:fe:7d:8f:fa:81:10:bf:0f:75:de:
ee:d3:8e:8f:11:4e:3c:53:99:62:0e:2b:c9:ef:b4:
6d:5f:5b:45:75:d0:89:49:92:c9:9b:a9:a4:0d:07:
9b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DF:B5:78:88:3D:3A:98:5B:9C:90:35:34:2A:23:93:CB:5B:3A:54
X509v3 Authority Key Identifier:
keyid:85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/Nd-1eIg9OphbnJA1NCojk8tbOlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/hfTuFPbTinzwcSed_3s5FwLjcTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.226.0/24
Signature Algorithm: sha256WithRSAEncryption
55:bc:61:f4:75:b3:fe:52:b7:77:1a:b2:cb:8c:0f:5b:1a:ce:
82:30:6d:9a:d9:67:23:4c:52:bc:4b:6e:9b:ec:b4:4e:bd:e7:
9b:1f:14:8d:85:73:fd:f2:5a:da:60:ca:59:4e:48:d8:48:af:
6f:3b:d8:5b:6c:0a:30:00:ae:b4:08:9f:c2:8d:71:c1:02:be:
2e:00:90:33:27:f4:b7:2a:3b:38:eb:e2:19:19:43:4f:e4:f6:
64:ee:82:80:07:74:5c:ab:16:d8:0e:48:71:cf:08:92:66:ae:
0f:be:95:66:7d:9d:03:29:44:67:26:7e:7f:5f:30:23:83:92:
57:6e:86:fe:f2:c8:06:05:2e:9a:bc:33:76:8f:e9:26:89:4d:
c9:fb:7a:6c:aa:24:b8:8a:5b:de:d3:83:58:d0:db:6d:9e:26:
71:d2:d9:b6:f1:34:2a:7a:70:f6:ee:82:b4:64:c4:1e:2d:7e:
d0:c1:c2:b6:a6:12:ab:2e:a3:4a:51:18:09:8f:a8:71:d8:63:
da:13:ae:71:fd:01:4a:ec:87:ef:72:5b:44:d6:c0:4b:84:6e:
16:e9:aa:d4:c9:a7:ef:cd:74:f4:b7:09:3c:22:6f:ca:a3:97:
5a:b8:27:f7:d0:b0:f8:86:5c:b5:67:42:e6:77:cf:7c:97:3a:
4e:ad:cb:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8ESI0o/vuacdwjYgUi1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZjRlZTE0ZjZkMzhhN2NmMDcxMjc5ZGZmN2IzOTE3MDJl
MzcxMzUwHhcNMjMwMTAyMDA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRmYjU3ODg4M2QzYTk4NWI5YzkwMzUzNDJhMjM5M2NiNWIzYTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgc+R5PUuh/hT0X4Avk23V1aRpiEt
ZSLoqjTn90u7WMmnnjbDSKjmCEJ5piNZgfGhA80xO/chknxBPfjO7gOjisw14khh
rRaow8/bmd6x074VXBNWE6jbkHfZV4NDvGL9qvw780cGpEAiePgHmZZXlsJe4ErU
FxDuE8o0nsrSiz8bytKR0FkDAidp+rl3YGBcJaQS3RTG0O9epXeYTERQcjAVKn4t
X+o4cWRcn+7DFAshKTtgqqMSAhLXrR61htIAJRPzFUMM9iyv27itgywcR4+NZfg7
Hv59j/qBEL8Pdd7u046PEU48U5liDivJ77RtX1tFddCJSZLJm6mkDQebRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXftXiIPTqYW5yQNTQqI5PLWzpUMB8GA1UdIwQY
MBaAFIX07hT204p88HEnnf97ORcC43E1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUt
YmZkOTVhOWE2ZTY0LzEvTmQtMWVJZzlPcGhibkpBMU5Db2prOHRiT2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUtYmZkOTVhOWE2ZTY0
LzEvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZLiMA0G
CSqGSIb3DQEBCwUAA4IBAQBVvGH0dbP+Urd3GrLLjA9bGs6CMG2a2WcjTFK8S26b
7LROveebHxSNhXP98lraYMpZTkjYSK9vO9hbbAowAK60CJ/CjXHBAr4uAJAzJ/S3
Kjs46+IZGUNP5PZk7oKAB3RcqxbYDkhxzwiSZq4PvpVmfZ0DKURnJn5/XzAjg5JX
bob+8sgGBS6avDN2j+kmiU3J+3psqiS4ilve04NY0NttniZx0tm28TQqenD27oK0
ZMQeLX7QwcK2phKrLqNKURgJj6hx2GPaE65x/QFK7IfvcltE1sBLhG4W6arUyafv
zXT0twk8Im/Ko5dauCf30LD4hly1Z0Lmd898lzpOrcvg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:03 2024 by rpki-client on console-fra.rpki-client.org