Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/NKRjNocUklS4dC9NRkp7i6EiUuc.roa
File: NKRjNocUklS4dC9NRkp7i6EiUuc.roa (raw, json)
Hash identifier: jwEaY/NemfIFC2K1Y7Y0tyQN6/gyQSXRFjSxvr9ymnQ=
Subject key identifier: 34:A4:63:36:87:14:92:54:B8:74:2F:4D:46:4A:7B:8B:A1:22:52:E7
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018910B3FB6040C288B8ED5EAC923C8A426A
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/NKRjNocUklS4dC9NRkp7i6EiUuc.roa
Signing time: Sat 01 Jul 2023 09:06:18 +0000
ROA not before: Sat 01 Jul 2023 09:06:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45027
IP address blocks: 31.129.30.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
77.83.117.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jul 2023 08:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:10:b3:fb:60:40:c2:88:b8:ed:5e:ac:92:3c:8a:42:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jul 1 09:06:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34a4633687149254b8742f4d464a7b8ba12252e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:29:e0:27:71:28:f8:8b:a5:b9:27:24:df:16:
36:1b:e6:1b:aa:bf:53:fb:10:0b:89:d0:9d:f1:f6:
64:4e:18:51:59:d8:4c:79:af:60:e5:0a:cc:b4:45:
5e:a7:55:53:d6:04:d7:99:a4:e1:6f:21:43:58:71:
72:69:53:ac:f5:7d:a6:b2:48:e0:b2:61:54:82:bf:
76:69:02:d3:dc:10:22:13:66:97:7e:91:90:06:31:
34:78:79:39:d8:25:11:84:a7:f9:42:91:cc:68:9a:
2e:15:3d:45:18:73:1a:13:4a:95:f6:fd:24:6d:c1:
a9:82:41:58:4e:e3:3e:98:b2:b3:c7:99:7e:ca:ad:
26:bb:c1:22:12:35:27:01:4a:bf:0f:04:d3:4b:5d:
c0:45:48:bc:e9:98:2c:33:67:6b:2b:ff:84:8a:83:
e3:c0:23:19:a4:92:74:b3:b5:9d:f0:5d:34:e3:9f:
dc:6e:4d:fd:ab:83:df:da:fd:2e:c3:12:c7:5f:3f:
98:f5:bf:19:d5:03:57:93:16:39:ad:15:33:51:6e:
91:6b:44:e2:a4:d6:56:ab:01:f9:57:87:8e:ca:06:
be:56:da:e6:51:b4:85:81:e5:97:63:ac:65:8f:6f:
0d:bc:39:59:7a:7e:70:bd:ef:2c:a7:e7:cd:14:96:
45:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A4:63:36:87:14:92:54:B8:74:2F:4D:46:4A:7B:8B:A1:22:52:E7
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/NKRjNocUklS4dC9NRkp7i6EiUuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.30.0/24
77.83.117.0/24
92.118.112.0/24
141.98.233.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:3f:16:c9:7a:1a:13:9a:8d:96:67:0e:e3:0b:d6:7f:13:ce:
80:ab:07:4b:00:0d:00:e2:a9:68:5b:d0:24:ec:76:0f:e9:f6:
fb:f2:1e:b4:84:48:ed:da:0b:5b:38:cc:7a:66:87:08:cb:0f:
0c:0c:81:b3:7a:af:57:4f:f3:36:9a:d2:2e:b6:7f:4d:58:ab:
63:81:10:d2:c0:76:85:a7:84:02:d8:5a:61:00:e2:ae:ce:22:
37:2e:60:b9:b2:ef:ef:51:e7:5e:76:d9:95:10:01:b2:e8:4c:
6b:21:32:29:67:27:21:58:10:cf:71:89:68:b0:fa:27:15:c9:
d8:ba:d0:28:cc:15:37:a8:0a:f5:27:3f:5f:27:ea:96:53:56:
17:96:24:a5:83:b7:af:52:a8:7a:77:47:ab:96:67:2f:34:89:
17:f5:83:14:7f:01:9e:25:d5:8f:9f:ea:8a:84:66:1c:2d:f1:
cb:66:31:98:ce:65:04:35:c5:a7:c5:ba:99:8e:ab:a5:5d:0b:
a5:82:88:50:bc:2d:11:0b:3d:81:b9:d2:39:9d:fe:68:3a:3c:
0a:cd:c3:e1:08:59:59:cd:62:aa:a0:97:7d:56:75:1a:38:1d:
b5:50:2b:37:2f:ad:83:b9:f5:f9:8f:ed:a3:57:bd:73:1e:e5:
a9:ae:bb:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkQs/tgQMKIuO1erJI8ikJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzAxMDkwNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE0NjMzNjg3MTQ5MjU0Yjg3NDJmNGQ0NjRhN2I4YmExMjI1MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyngJ3Eo+IuluSck3xY2G+Ybqr9T
+xALidCd8fZkThhRWdhMea9g5QrMtEVep1VT1gTXmaThbyFDWHFyaVOs9X2mskjg
smFUgr92aQLT3BAiE2aXfpGQBjE0eHk52CURhKf5QpHMaJouFT1FGHMaE0qV9v0k
bcGpgkFYTuM+mLKzx5l+yq0mu8EiEjUnAUq/DwTTS13ARUi86ZgsM2drK/+EioPj
wCMZpJJ0s7Wd8F0045/cbk39q4Pf2v0uwxLHXz+Y9b8Z1QNXkxY5rRUzUW6Ra0Ti
pNZWqwH5V4eOyga+VtrmUbSFgeWXY6xlj28NvDlZen5wve8sp+fNFJZF1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDSkYzaHFJJUuHQvTUZKe4uhIlLnMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvTktSak5vY1VrbFM0ZEM5TlJrcDdpNkVpVXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH4EeAwQA
TVN1AwQAXHZwAwQAjWLpMA0GCSqGSIb3DQEBCwUAA4IBAQBuPxbJehoTmo2WZw7j
C9Z/E86AqwdLAA0A4qloW9Ak7HYP6fb78h60hEjt2gtbOMx6ZocIyw8MDIGzeq9X
T/M2mtIutn9NWKtjgRDSwHaFp4QC2FphAOKuziI3LmC5su/vUededtmVEAGy6Exr
ITIpZychWBDPcYlosPonFcnYutAozBU3qAr1Jz9fJ+qWU1YXliSlg7evUqh6d0er
lmcvNIkX9YMUfwGeJdWPn+qKhGYcLfHLZjGYzmUENcWnxbqZjqulXQulgohQvC0R
Cz2BudI5nf5oOjwKzcPhCFlZzWKqoJd9VnUaOB21UCs3L62DufX5j+2jV71zHuWp
rrvk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org