Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/NFvmHJW9mpz1smnj-6HlLtLqPqs.roa
File: NFvmHJW9mpz1smnj-6HlLtLqPqs.roa (raw, json)
Hash identifier: da6xWToB5kVZlrY5o6oAl8cptninQqsmI4L/tsWVqYU=
Subject key identifier: 34:5B:E6:1C:95:BD:9A:9C:F5:B2:69:E3:FB:A1:E5:2E:D2:EA:3E:AB
Certificate issuer: /CN=6f0b15193816fd15dcfd047db4eeca672912bb60
Certificate serial: 0192527BA88AFD7BC3D4FEEA223A507B3917
Authority key identifier: 6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/NFvmHJW9mpz1smnj-6HlLtLqPqs.roa
Signing time: Thu 03 Oct 2024 13:04:48 +0000
ROA not before: Thu 03 Oct 2024 13:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 185.167.232.0/24 maxlen: 24
185.167.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 10:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:7b:a8:8a:fd:7b:c3:d4:fe:ea:22:3a:50:7b:39:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f0b15193816fd15dcfd047db4eeca672912bb60
Validity
Not Before: Oct 3 13:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=345be61c95bd9a9cf5b269e3fba1e52ed2ea3eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3d:d4:b6:f0:42:ff:e0:89:72:af:19:76:f6:
7d:55:2b:10:31:27:08:7e:6a:d5:b9:2f:66:22:d5:
c1:e9:bd:aa:bb:5d:e1:66:bc:ed:84:e3:9b:b3:65:
ce:79:81:9a:98:27:d3:70:02:40:e3:c5:89:e8:7d:
44:82:91:8a:8f:b7:8e:03:c6:0a:36:d4:db:83:d4:
5f:8c:5e:47:55:64:7a:f6:6e:36:37:8e:c0:85:60:
0e:b7:4b:44:7d:9f:72:fc:72:82:63:a2:a7:c2:b1:
12:67:a1:fb:69:23:c6:55:36:cd:a6:21:e0:f5:c0:
c3:87:97:dc:13:22:55:d0:33:23:de:96:93:6b:fb:
92:44:b7:5f:f3:57:75:bd:12:36:e0:db:d1:22:6b:
29:70:9f:a4:fd:b5:8e:d7:89:3c:16:ce:a5:e9:02:
ae:c7:55:36:15:ca:df:21:c8:10:9f:f8:a0:1c:51:
de:23:e5:1f:b1:b7:ba:6d:df:ec:cf:62:bf:c1:de:
b2:90:83:1a:43:04:50:6a:be:0b:ae:f0:f6:2e:68:
4f:19:e5:76:cd:bd:b1:f5:01:66:e0:18:66:0c:3d:
77:60:76:4f:97:96:96:a9:36:fe:28:1d:de:e6:bf:
1c:f4:16:cd:48:3a:ea:c9:3c:c2:fb:47:bd:ee:04:
6d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5B:E6:1C:95:BD:9A:9C:F5:B2:69:E3:FB:A1:E5:2E:D2:EA:3E:AB
X509v3 Authority Key Identifier:
keyid:6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/NFvmHJW9mpz1smnj-6HlLtLqPqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/bwsVGTgW_RXc_QR9tO7KZykSu2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.232.0/24
185.167.234.0/24
Signature Algorithm: sha256WithRSAEncryption
67:61:99:6d:d7:eb:89:b2:6a:dd:7f:8b:3b:99:02:1e:f9:c4:
9f:2a:cf:2f:0f:cf:f5:eb:a2:54:35:2b:4e:1d:d8:a9:40:86:
7b:de:63:2c:ab:89:4e:a9:94:d4:aa:dd:3b:65:bf:bf:dc:08:
29:79:68:f2:ca:7b:ca:8e:45:51:ee:bc:09:c8:1e:ad:ed:81:
21:2d:02:56:2d:b5:df:3f:90:d3:44:4b:bd:78:e0:84:32:e5:
11:5d:93:4d:0a:d7:67:0c:42:40:70:da:8e:89:f0:20:aa:82:
c5:61:a6:f2:ae:ba:ff:0f:72:f7:f5:a9:05:a8:0a:ae:9e:93:
ef:f5:4b:08:78:0c:2e:de:50:da:16:95:a8:21:86:15:0e:9e:
13:e8:67:50:5e:7a:ea:ab:c2:e4:0e:4a:2d:7e:ba:9b:2d:42:
3e:ce:2e:ae:e9:6a:b3:d1:12:1d:62:3f:c2:c2:fc:37:d3:f5:
38:4d:6e:1b:de:bc:d5:64:66:49:9f:4c:d9:d9:bd:9b:a9:90:
14:4f:09:52:2d:26:57:a1:33:77:50:d6:da:8d:23:89:01:f3:
8d:f4:a7:28:e1:8d:7b:a2:bf:dc:05:a7:f0:e7:56:af:1f:03:
b8:54:1b:ba:fd:7a:42:32:0c:16:e8:fb:01:44:48:33:9f:fc:
31:96:7f:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJSe6iK/XvD1P7qIjpQezkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGIxNTE5MzgxNmZkMTVkY2ZkMDQ3ZGI0ZWVjYTY3Mjkx
MmJiNjAwHhcNMjQxMDAzMTMwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDViZTYxYzk1YmQ5YTljZjViMjY5ZTNmYmExZTUyZWQyZWEzZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj3UtvBC/+CJcq8ZdvZ9VSsQMScI
fmrVuS9mItXB6b2qu13hZrzthOObs2XOeYGamCfTcAJA48WJ6H1EgpGKj7eOA8YK
NtTbg9RfjF5HVWR69m42N47AhWAOt0tEfZ9y/HKCY6KnwrESZ6H7aSPGVTbNpiHg
9cDDh5fcEyJV0DMj3paTa/uSRLdf81d1vRI24NvRImspcJ+k/bWO14k8Fs6l6QKu
x1U2FcrfIcgQn/igHFHeI+Ufsbe6bd/sz2K/wd6ykIMaQwRQar4LrvD2LmhPGeV2
zb2x9QFm4BhmDD13YHZPl5aWqTb+KB3e5r8c9BbNSDrqyTzC+0e97gRtuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDRb5hyVvZqc9bJp4/uh5S7S6j6rMB8GA1UdIwQY
MBaAFG8LFRk4Fv0V3P0EfbTuymcpErtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYndzVkdUZ1dfUlhjX1FSOXRPN0taeWtTdTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85NTg4NDEtZjZiMC00MjQ5LTgwNDYt
OWNmODQzZjA1NjcwLzEvTkZ2bUhKVzltcHoxc21uai02SGxMdExxUHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85NTg4NDEtZjZiMC00MjQ5LTgwNDYtOWNmODQzZjA1Njcw
LzEvYndzVkdUZ1dfUlhjX1FSOXRPN0taeWtTdTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuafoAwQA
uafqMA0GCSqGSIb3DQEBCwUAA4IBAQBnYZlt1+uJsmrdf4s7mQIe+cSfKs8vD8/1
66JUNStOHdipQIZ73mMsq4lOqZTUqt07Zb+/3AgpeWjyynvKjkVR7rwJyB6t7YEh
LQJWLbXfP5DTREu9eOCEMuURXZNNCtdnDEJAcNqOifAgqoLFYabyrrr/D3L39akF
qAqunpPv9UsIeAwu3lDaFpWoIYYVDp4T6GdQXnrqq8LkDkotfrqbLUI+zi6u6Wqz
0RIdYj/Cwvw30/U4TW4b3rzVZGZJn0zZ2b2bqZAUTwlSLSZXoTN3UNbajSOJAfON
9Kco4Y17or/cBafw51avHwO4VBu6/XpCMgwW6PsBREgzn/wxln/z
-----END CERTIFICATE-----
Generated at Wed Nov 20 13:14:13 2024 by rpki-client on console-fra.rpki-client.org