Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0c6716-1715-4320-aa25-279906eb5c85/1/NtyX_WGKxCJGg6nJmQlpy_EKLKY.roa
File: NtyX_WGKxCJGg6nJmQlpy_EKLKY.roa (raw, json)
Hash identifier: 4AmLujlJ2a4BR6uNL6ZO4kWI5RyQaI5HolZGONKcSLc=
Subject key identifier: 36:DC:97:FD:61:8A:C4:22:46:83:A9:C9:99:09:69:CB:F1:0A:2C:A6
Certificate issuer: /CN=382c67b4ab4af86fe61ea8c6e17d11e3e05d0a51
Certificate serial: 018571308B5C58390BBD855AD801C86ACF7F
Authority key identifier: 38:2C:67:B4:AB:4A:F8:6F:E6:1E:A8:C6:E1:7D:11:E3:E0:5D:0A:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCxntKtK-G_mHqjG4X0R4-BdClE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0c6716-1715-4320-aa25-279906eb5c85/1/NtyX_WGKxCJGg6nJmQlpy_EKLKY.roa
Signing time: Mon 02 Jan 2023 06:34:44 +0000
ROA not before: Mon 02 Jan 2023 06:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41743
IP address blocks: 176.115.136.0/24 maxlen: 24
176.115.136.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:8b:5c:58:39:0b:bd:85:5a:d8:01:c8:6a:cf:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382c67b4ab4af86fe61ea8c6e17d11e3e05d0a51
Validity
Not Before: Jan 2 06:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36dc97fd618ac4224683a9c9990969cbf10a2ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:29:06:11:25:dd:ad:43:56:b8:d3:44:1a:58:
4c:3a:83:35:ad:8f:d9:09:d3:ae:62:db:4c:70:e8:
bc:74:8b:c9:84:93:84:f9:dc:ba:91:5a:22:d2:52:
38:a4:f5:b6:23:8f:e2:c1:fe:9a:cd:f4:3f:c9:b9:
86:25:56:63:14:1a:9c:b8:cd:3f:25:dc:91:de:9d:
09:24:c7:86:d8:d8:67:67:2c:57:5e:14:5c:11:d6:
9b:e3:b1:e7:43:ae:a2:e3:d0:39:8f:0c:6d:da:34:
fb:74:16:87:13:87:89:07:cd:f6:fe:43:b4:45:2f:
32:b9:56:87:5e:58:29:f2:47:72:f3:05:be:3d:c9:
7f:10:35:dc:51:26:3d:2f:25:17:12:dd:88:c9:11:
47:52:22:88:13:3c:e7:48:65:1c:f4:0a:e5:6f:cc:
b1:0a:9f:cb:a1:79:7d:b1:5a:4b:f5:a5:9e:d8:d2:
87:40:dd:ab:7a:46:4d:65:79:fa:8a:ec:27:85:6f:
e1:4c:f2:a0:b4:2c:54:75:3f:f9:25:a8:b4:2a:a1:
f8:3a:c7:e1:a2:9a:ac:76:2d:b2:ca:8f:4d:17:2d:
79:e9:78:c7:f1:e3:6e:79:02:30:11:48:6a:02:b3:
9a:c0:66:d2:f3:45:43:d9:16:51:96:0f:07:38:8e:
e8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DC:97:FD:61:8A:C4:22:46:83:A9:C9:99:09:69:CB:F1:0A:2C:A6
X509v3 Authority Key Identifier:
keyid:38:2C:67:B4:AB:4A:F8:6F:E6:1E:A8:C6:E1:7D:11:E3:E0:5D:0A:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCxntKtK-G_mHqjG4X0R4-BdClE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0c6716-1715-4320-aa25-279906eb5c85/1/NtyX_WGKxCJGg6nJmQlpy_EKLKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0c6716-1715-4320-aa25-279906eb5c85/1/OCxntKtK-G_mHqjG4X0R4-BdClE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.115.136.0/21
Signature Algorithm: sha256WithRSAEncryption
75:de:70:3a:75:4e:10:24:84:3c:3a:08:32:24:f0:18:eb:ef:
51:d2:7a:5b:7a:c8:e8:6f:bf:9b:d7:7f:40:2e:4b:c8:30:40:
26:b5:e9:99:e0:69:b0:42:f2:94:16:35:55:7e:89:f1:58:69:
78:de:ca:71:c9:c4:66:b5:d4:42:01:bb:c2:17:23:15:92:ea:
9e:14:87:f4:63:c1:79:c0:20:d9:72:1e:04:d4:a4:61:c6:7b:
f9:4f:f0:4f:ef:70:59:35:ed:cb:2e:27:19:b3:ed:7f:57:94:
42:17:99:25:70:61:fd:de:4d:1a:6a:a1:25:0d:46:9e:cd:89:
dc:ed:da:6e:c0:7b:68:d8:47:0b:f9:e5:10:0a:bc:28:0a:78:
96:b4:93:f3:76:2a:33:1c:9b:72:7c:16:d5:82:db:0c:11:99:
5f:54:bf:ad:8a:ba:1f:f8:0a:78:8f:8b:d6:ae:02:9b:ff:cd:
86:c3:ea:d9:cc:da:22:f4:de:2e:61:0b:6e:ec:41:78:66:38:
b8:96:7a:d9:12:62:34:40:97:df:8e:66:20:9a:08:20:31:dd:
e4:8e:1e:6b:29:ff:d1:57:1c:f9:a8:a3:72:b4:85:2a:9c:13:
5b:35:66:ec:7c:2f:19:af:df:f6:1b:b7:cc:4d:3d:5e:4b:9e:
03:66:d8:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMItcWDkLvYVa2AHIas9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmM2N2I0YWI0YWY4NmZlNjFlYThjNmUxN2QxMWUzZTA1
ZDBhNTEwHhcNMjMwMTAyMDYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmRjOTdmZDYxOGFjNDIyNDY4M2E5Yzk5OTA5NjljYmYxMGEyY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SkGESXdrUNWuNNEGlhMOoM1rY/Z
CdOuYttMcOi8dIvJhJOE+dy6kVoi0lI4pPW2I4/iwf6azfQ/ybmGJVZjFBqcuM0/
JdyR3p0JJMeG2NhnZyxXXhRcEdab47HnQ66i49A5jwxt2jT7dBaHE4eJB832/kO0
RS8yuVaHXlgp8kdy8wW+Pcl/EDXcUSY9LyUXEt2IyRFHUiKIEzznSGUc9Arlb8yx
Cp/LoXl9sVpL9aWe2NKHQN2rekZNZXn6iuwnhW/hTPKgtCxUdT/5Jai0KqH4Osfh
opqsdi2yyo9NFy156XjH8eNueQIwEUhqArOawGbS80VD2RZRlg8HOI7oAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbcl/1hisQiRoOpyZkJacvxCiymMB8GA1UdIwQY
MBaAFDgsZ7SrSvhv5h6oxuF9EePgXQpRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0N4bnRLdEstR19tSHFqRzRYMFI0LUJkQ2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wYzY3MTYtMTcxNS00MzIwLWFhMjUt
Mjc5OTA2ZWI1Yzg1LzEvTnR5WF9XR0t4Q0pHZzZuSm1RbHB5X0VLTEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wYzY3MTYtMTcxNS00MzIwLWFhMjUtMjc5OTA2ZWI1Yzg1
LzEvT0N4bnRLdEstR19tSHFqRzRYMFI0LUJkQ2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsHOIMA0G
CSqGSIb3DQEBCwUAA4IBAQB13nA6dU4QJIQ8OggyJPAY6+9R0npbesjob7+b139A
LkvIMEAmtemZ4GmwQvKUFjVVfonxWGl43spxycRmtdRCAbvCFyMVkuqeFIf0Y8F5
wCDZch4E1KRhxnv5T/BP73BZNe3LLicZs+1/V5RCF5klcGH93k0aaqElDUaezYnc
7dpuwHto2EcL+eUQCrwoCniWtJPzdiozHJtyfBbVgtsMEZlfVL+tirof+Ap4j4vW
rgKb/82Gw+rZzNoi9N4uYQtu7EF4Zji4lnrZEmI0QJffjmYgmgggMd3kjh5rKf/R
Vxz5qKNytIUqnBNbNWbsfC8Zr9/2G7fMTT1eS54DZtjt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:25 2024 by rpki-client on console-fra.rpki-client.org