Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/nHZXT0AAJBFAHin9YJdeplCM-AA.roa
File: nHZXT0AAJBFAHin9YJdeplCM-AA.roa (raw, json)
Hash identifier: yN+UoJxJpV28QXVJQuLyHdY6u1hQMYpvSA3vsMiE8s8=
Subject key identifier: 9C:76:57:4F:40:00:24:11:40:1E:29:FD:60:97:5E:A6:50:8C:F8:00
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 01856DC1C9FE37BEE2CD6419222FED0437A1
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/nHZXT0AAJBFAHin9YJdeplCM-AA.roa
Signing time: Sun 01 Jan 2023 14:34:54 +0000
ROA not before: Sun 01 Jan 2023 14:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.69.220.0/22 maxlen: 24
80.90.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Mar 2023 16:37:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:c9:fe:37:be:e2:cd:64:19:22:2f:ed:04:37:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 14:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c76574f40002411401e29fd60975ea6508cf800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0d:3c:18:b4:59:bb:71:f2:8e:0b:d9:08:5a:
49:45:74:dd:80:43:73:f0:9d:20:cb:16:cc:d2:48:
11:d2:00:75:73:b3:60:2f:a5:6b:4f:3b:81:9c:72:
41:42:c8:e3:06:62:8e:14:d3:08:57:b8:c4:c9:87:
03:bc:ad:72:c6:24:b2:dd:57:1c:c4:69:be:b6:ba:
b1:89:fd:db:ca:23:1a:87:a6:b6:09:c6:e3:26:86:
7e:9e:07:89:ca:8b:7a:4e:43:de:0b:64:48:4a:9b:
e8:aa:b3:96:aa:60:12:10:86:80:55:bd:7a:6f:79:
47:b6:5a:e3:74:85:81:b1:51:e0:f4:22:85:22:a0:
b3:83:dd:ea:d8:92:81:7e:c6:dd:eb:8d:72:96:ac:
6e:68:88:28:e9:90:41:00:7c:2c:97:26:36:35:17:
df:1e:8b:a6:1f:14:bd:cd:b5:7e:5f:2c:ee:ac:8e:
ea:91:2c:ec:d0:dd:19:6b:69:d0:1b:42:71:3b:eb:
49:73:13:e8:ed:20:9d:98:18:4c:d2:c5:54:a8:79:
c5:e6:76:c2:d1:9a:87:dd:16:76:77:81:75:54:4d:
c5:a4:87:58:39:fc:04:c8:01:cb:4d:c7:62:a8:5e:
82:b5:45:c0:fe:e7:6f:b2:e8:03:80:49:ac:23:38:
88:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:76:57:4F:40:00:24:11:40:1E:29:FD:60:97:5E:A6:50:8C:F8:00
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/nHZXT0AAJBFAHin9YJdeplCM-AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.184.0/22
185.69.220.0/22
Signature Algorithm: sha256WithRSAEncryption
30:cc:65:b2:47:80:43:e3:11:f7:48:f2:46:da:3b:d5:28:3b:
bb:bc:3e:8b:80:3e:51:3a:93:36:ed:30:5f:02:bc:ea:4f:b8:
34:75:66:65:e7:b9:97:e6:87:53:3e:94:bf:2f:73:0b:70:22:
95:9a:15:8e:45:19:a3:a2:e1:6c:e0:11:bd:64:d1:96:ec:83:
ce:ee:4d:5c:7e:eb:54:55:2c:b0:ae:a0:e6:c5:1f:51:44:14:
88:b3:ef:c9:13:d5:a5:52:1c:db:62:44:14:0f:63:4c:25:69:
d6:bc:af:77:e7:a7:da:42:fb:46:98:5d:0e:19:ec:af:8a:10:
02:a9:48:25:ef:d3:17:66:0b:57:25:00:c5:20:3b:15:90:39:
10:8e:4b:fa:86:52:b3:32:7a:b4:bb:79:52:3a:2d:c3:e1:85:
90:a1:e4:7d:42:ac:3a:e1:2d:a7:42:88:94:08:07:d3:97:34:
88:02:4a:39:b6:4f:58:2b:4e:25:08:b3:7c:7b:ef:d0:ca:71:
8e:3e:bf:9e:f4:a4:77:2a:be:15:a2:06:52:fe:9d:45:3f:e2:
db:57:0d:ea:d5:9b:06:80:5e:dd:64:76:22:cd:eb:89:8d:13:
74:13:40:4a:7e:09:b2:fe:18:81:71:73:4b:84:21:9b:84:81:
9e:6c:9e:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtwcn+N77izWQZIi/tBDehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwMTAxMTQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzc2NTc0ZjQwMDAyNDExNDAxZTI5ZmQ2MDk3NWVhNjUwOGNmODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw08GLRZu3HyjgvZCFpJRXTdgENz
8J0gyxbM0kgR0gB1c7NgL6VrTzuBnHJBQsjjBmKOFNMIV7jEyYcDvK1yxiSy3Vcc
xGm+trqxif3byiMah6a2CcbjJoZ+ngeJyot6TkPeC2RISpvoqrOWqmASEIaAVb16
b3lHtlrjdIWBsVHg9CKFIqCzg93q2JKBfsbd641ylqxuaIgo6ZBBAHwslyY2NRff
HoumHxS9zbV+XyzurI7qkSzs0N0Za2nQG0JxO+tJcxPo7SCdmBhM0sVUqHnF5nbC
0ZqH3RZ2d4F1VE3FpIdYOfwEyAHLTcdiqF6CtUXA/udvsugDgEmsIziIKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJx2V09AACQRQB4p/WCXXqZQjPgAMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvbkhaWFQwQUFKQkZBSGluOVlKZGVwbENNLUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUFq4AwQC
uUXcMA0GCSqGSIb3DQEBCwUAA4IBAQAwzGWyR4BD4xH3SPJG2jvVKDu7vD6LgD5R
OpM27TBfArzqT7g0dWZl57mX5odTPpS/L3MLcCKVmhWORRmjouFs4BG9ZNGW7IPO
7k1cfutUVSywrqDmxR9RRBSIs+/JE9WlUhzbYkQUD2NMJWnWvK9356faQvtGmF0O
GeyvihACqUgl79MXZgtXJQDFIDsVkDkQjkv6hlKzMnq0u3lSOi3D4YWQoeR9Qqw6
4S2nQoiUCAfTlzSIAko5tk9YK04lCLN8e+/QynGOPr+e9KR3Kr4VogZS/p1FP+Lb
Vw3q1ZsGgF7dZHYizeuJjRN0E0BKfgmy/hiBcXNLhCGbhIGebJ4k
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:15 2024 by rpki-client on console-fra.rpki-client.org