Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/nthY-GN2UX1egRnrxFDWCJCrmQg.roa
File: nthY-GN2UX1egRnrxFDWCJCrmQg.roa (raw, json)
Hash identifier: IfWMJTcoccI8OPVTOuoe/1m88SsGwXfTF4/bsq5FxvU=
Subject key identifier: 9E:D8:58:F8:63:76:51:7D:5E:81:19:EB:C4:50:D6:08:90:AB:99:08
Certificate issuer: /CN=d5620cec70974d037d7769758c74668305b32cf2
Certificate serial: 01856FDDC662CA35484A3BC5BE753F0F62B2
Authority key identifier: D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/nthY-GN2UX1egRnrxFDWCJCrmQg.roa
Signing time: Mon 02 Jan 2023 00:24:43 +0000
ROA not before: Mon 02 Jan 2023 00:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62212
IP address blocks: 87.236.146.0/24 maxlen: 24
91.199.137.0/24 maxlen: 24
188.127.247.0/24 maxlen: 24
91.199.147.0/24 maxlen: 24
91.199.154.0/24 maxlen: 24
91.199.160.0/24 maxlen: 24
2a11:3b80::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:c6:62:ca:35:48:4a:3b:c5:be:75:3f:0f:62:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5620cec70974d037d7769758c74668305b32cf2
Validity
Not Before: Jan 2 00:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ed858f86376517d5e8119ebc450d60890ab9908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b6:79:3c:0e:0d:84:17:dd:87:a7:11:4c:75:
83:d0:01:ad:57:d2:13:70:d5:5c:ab:27:08:3c:9e:
6f:2c:8f:25:b3:9e:29:28:d2:df:22:77:91:29:f8:
38:b8:3b:ac:7c:62:6b:c4:c9:7c:d8:d7:00:a3:00:
41:d2:f0:83:47:3f:30:0c:72:11:53:64:a4:3b:e1:
de:52:97:ec:53:b2:34:2b:5d:5b:9a:45:8d:d3:60:
63:65:fd:e2:ba:72:08:ef:36:19:a0:5d:5d:a9:c3:
8a:61:ef:5e:b6:de:b0:75:a7:c1:8b:60:13:32:79:
e0:9a:a9:0f:11:1c:ef:24:cf:13:49:b1:85:1d:fb:
38:19:3e:c5:42:94:bd:4c:79:b3:0e:6c:c3:2b:25:
27:57:fc:36:db:32:31:a1:98:db:68:f2:9b:3e:b4:
56:3d:9e:38:e5:28:07:48:b9:e4:54:05:1b:53:a8:
44:c4:c9:c5:a7:2c:88:86:58:c9:bc:05:96:3c:6e:
5c:cc:6a:b7:48:dd:7a:14:f7:40:15:d8:b8:64:33:
35:90:04:61:13:f7:8a:f5:59:7e:bc:77:ca:09:bb:
bf:a7:9a:46:0d:c6:91:bd:ff:fe:aa:8c:8d:4d:1a:
32:f5:af:1e:40:89:02:d0:d9:36:5c:a2:b6:04:1c:
8f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D8:58:F8:63:76:51:7D:5E:81:19:EB:C4:50:D6:08:90:AB:99:08
X509v3 Authority Key Identifier:
keyid:D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/nthY-GN2UX1egRnrxFDWCJCrmQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.146.0/24
91.199.137.0/24
91.199.147.0/24
91.199.154.0/24
91.199.160.0/24
188.127.247.0/24
IPv6:
2a11:3b80::/29
Signature Algorithm: sha256WithRSAEncryption
18:e2:3c:8e:0b:bd:53:bc:af:c0:48:20:be:be:cf:fd:e5:bb:
e2:fa:79:40:6f:c9:5f:32:11:ef:03:b5:52:92:c7:b6:89:77:
5d:be:12:b8:f0:65:6d:c5:95:65:e3:b5:c1:ce:00:fa:8e:60:
3f:dd:d8:df:67:da:d8:e6:7a:0a:b0:00:70:da:58:a8:82:ed:
50:78:a4:8a:19:7d:54:80:90:e1:3c:65:a0:f4:74:d5:3c:bd:
92:4a:07:5e:a7:32:a2:15:64:07:b2:10:5c:12:1b:df:77:52:
cb:e3:d2:e0:5c:47:05:88:c9:84:cf:c0:b5:f9:d8:3b:8e:73:
b4:67:4b:49:b7:fd:c0:74:d6:fd:ba:f3:8b:f5:06:35:a4:bb:
d7:60:16:f6:a3:85:ad:4a:aa:45:d1:d9:c4:b3:f2:2e:50:3d:
6d:b0:31:67:b5:5f:8a:bb:07:5f:9b:42:90:65:5e:b3:b8:fd:
4b:c0:63:b5:a4:0c:15:d1:88:3b:03:e8:df:26:d0:bf:b9:19:
43:d9:26:48:0c:dc:f3:bb:6f:87:af:c0:c4:17:d4:83:7f:af:
88:0c:6a:aa:45:e3:5f:85:7d:f5:f5:82:d2:fe:80:d8:00:aa:
9c:13:24:29:03:aa:73:5d:b8:7c:a8:d4:d3:00:0c:d3:e8:ed:
0d:56:ab:60
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVv3cZiyjVISjvFvnU/D2KyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjIwY2VjNzA5NzRkMDM3ZDc3Njk3NThjNzQ2NjgzMDVi
MzJjZjIwHhcNMjMwMTAyMDAyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQ4NThmODYzNzY1MTdkNWU4MTE5ZWJjNDUwZDYwODkwYWI5OTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobZ5PA4NhBfdh6cRTHWD0AGtV9IT
cNVcqycIPJ5vLI8ls54pKNLfIneRKfg4uDusfGJrxMl82NcAowBB0vCDRz8wDHIR
U2SkO+HeUpfsU7I0K11bmkWN02BjZf3iunII7zYZoF1dqcOKYe9ett6wdafBi2AT
MnngmqkPERzvJM8TSbGFHfs4GT7FQpS9THmzDmzDKyUnV/w22zIxoZjbaPKbPrRW
PZ445SgHSLnkVAUbU6hExMnFpyyIhljJvAWWPG5czGq3SN16FPdAFdi4ZDM1kARh
E/eK9Vl+vHfKCbu/p5pGDcaRvf/+qoyNTRoy9a8eQIkC0Nk2XKK2BByPbwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJ7YWPhjdlF9XoEZ68RQ1giQq5kIMB8GA1UdIwQY
MBaAFNViDOxwl00DfXdpdYx0ZoMFsyzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTkt
YmU0MzRjYjlmOGY4LzEvbnRoWS1HTjJVWDFlZ1JucnhGRFdDSkNybVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTktYmU0MzRjYjlmOGY4
LzEvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAV+ySAwQA
W8eJAwQAW8eTAwQAW8eaAwQAW8egAwQAvH/3MA0EAgACMAcDBQMqETuAMA0GCSqG
SIb3DQEBCwUAA4IBAQAY4jyOC71TvK/ASCC+vs/95bvi+nlAb8lfMhHvA7VSkse2
iXddvhK48GVtxZVl47XBzgD6jmA/3djfZ9rY5noKsABw2liogu1QeKSKGX1UgJDh
PGWg9HTVPL2SSgdepzKiFWQHshBcEhvfd1LL49LgXEcFiMmEz8C1+dg7jnO0Z0tJ
t/3AdNb9uvOL9QY1pLvXYBb2o4WtSqpF0dnEs/IuUD1tsDFntV+Kuwdfm0KQZV6z
uP1LwGO1pAwV0Yg7A+jfJtC/uRlD2SZIDNzzu2+Hr8DEF9SDf6+IDGqqReNfhX31
9YLS/oDYAKqcEyQpA6pzXbh8qNTTAAzT6O0NVqtg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:47 2023 by rpki-client on console-fra.rpki-client.org