Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/nXUB6fAi9Dxe5aH7RhB0HiNFz5s.roa
File: nXUB6fAi9Dxe5aH7RhB0HiNFz5s.roa (raw, json)
Hash identifier: xaVSzalqHuvoiGCjeq3TnoGUuSwhEM81PPQ11hgS0A4=
Subject key identifier: 9D:75:01:E9:F0:22:F4:3C:5E:E5:A1:FB:46:10:74:1E:23:45:CF:9B
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 018A01EE664D11E296A3F1876222AA14ADF0
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/nXUB6fAi9Dxe5aH7RhB0HiNFz5s.roa
Signing time: Thu 17 Aug 2023 05:18:35 +0000
ROA not before: Thu 17 Aug 2023 05:18:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.137.164.0/24 maxlen: 24
185.184.219.0/24 maxlen: 24
5.180.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 11:02:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:01:ee:66:4d:11:e2:96:a3:f1:87:62:22:aa:14:ad:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Aug 17 05:18:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d7501e9f022f43c5ee5a1fb4610741e2345cf9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:40:f5:74:67:f0:a1:76:d9:f2:a2:6e:0f:28:
6a:a8:ae:01:9d:c5:d4:4a:81:be:9a:15:4b:aa:f1:
d9:0d:16:03:30:b6:87:0a:61:52:58:2b:90:33:85:
e3:27:4f:2c:4c:fa:a6:63:bc:46:2c:f7:5f:6b:f0:
5e:c2:25:e0:e2:3a:24:6e:3b:87:a9:49:16:4e:51:
4b:a9:2b:6a:bc:b4:ef:36:3b:e8:9d:1b:48:23:65:
de:b2:ca:68:f6:43:73:90:5b:47:55:ef:89:40:23:
d3:46:bc:2c:2d:ad:1a:9b:e2:91:78:f5:4f:3f:02:
87:bd:4d:89:ef:9f:47:2f:9f:78:82:b4:52:4c:46:
a9:99:a8:1c:6c:76:64:b6:1c:ad:08:44:cd:da:0a:
18:ea:38:dd:1f:67:26:6c:25:ef:c7:c0:12:a3:82:
be:3c:ee:77:ba:42:ff:5c:0f:a6:20:0d:5d:6b:a4:
fa:28:ce:3d:44:e9:b2:cb:f1:b0:fb:cd:40:af:fd:
9e:60:59:65:5d:b4:d7:dc:85:0d:e8:26:a7:fc:36:
bd:89:b5:c1:fe:3f:81:d9:55:62:43:bd:33:f1:13:
cf:3c:73:69:26:16:f6:57:e2:b4:f1:50:8d:a1:d3:
2c:3f:a2:84:ab:b1:3e:bf:68:fe:00:ce:5f:a7:3f:
d6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:75:01:E9:F0:22:F4:3C:5E:E5:A1:FB:46:10:74:1E:23:45:CF:9B
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/nXUB6fAi9Dxe5aH7RhB0HiNFz5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.179.0/24
185.137.164.0/24
185.184.219.0/24
Signature Algorithm: sha256WithRSAEncryption
63:eb:ba:36:5e:da:8d:da:ff:06:fc:2c:f3:38:11:ad:79:f6:
65:c5:a9:83:16:a4:41:64:fc:68:df:9e:3d:9e:64:b2:bd:09:
29:bf:da:72:e4:da:55:26:df:79:1b:62:58:21:8d:5f:1a:8a:
2a:c3:54:2d:86:e5:cb:91:93:ae:40:ea:54:94:8d:86:20:1a:
7f:f3:d1:04:f1:f6:f5:6d:7e:1d:0a:e2:65:41:33:11:19:ff:
a8:06:3d:47:cc:f9:b0:cb:c8:b2:61:90:7e:a2:50:85:fd:35:
da:80:f7:72:d7:19:ed:05:56:23:99:23:f4:22:b7:09:8d:a1:
2d:66:e1:ff:7f:63:43:51:bd:a1:c4:02:fe:73:52:02:11:fa:
93:7c:d8:00:a7:3e:2d:b3:59:37:8d:4d:c1:16:4e:e7:3f:cf:
19:bf:08:c9:c0:f8:77:09:3a:3f:7e:04:89:fe:6e:bd:24:16:
7e:19:d6:a1:f5:ae:04:5f:46:90:e7:ab:be:88:de:15:75:9c:
f8:ea:8e:18:ca:6f:75:a0:6e:05:a4:0e:67:80:13:d9:f4:c2:
fe:34:1c:46:67:98:5a:91:b8:f7:cd:62:cc:57:86:81:06:b1:
62:91:c8:23:ed:63:d0:b9:30:96:8c:75:e0:39:17:2e:e6:7a:
be:19:f7:fe
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoB7mZNEeKWo/GHYiKqFK3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjMwODE3MDUxODM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDc1MDFlOWYwMjJmNDNjNWVlNWExZmI0NjEwNzQxZTIzNDVjZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkD1dGfwoXbZ8qJuDyhqqK4BncXU
SoG+mhVLqvHZDRYDMLaHCmFSWCuQM4XjJ08sTPqmY7xGLPdfa/BewiXg4jokbjuH
qUkWTlFLqStqvLTvNjvonRtII2Xesspo9kNzkFtHVe+JQCPTRrwsLa0am+KRePVP
PwKHvU2J759HL594grRSTEapmagcbHZkthytCETN2goY6jjdH2cmbCXvx8ASo4K+
PO53ukL/XA+mIA1da6T6KM49ROmyy/Gw+81Ar/2eYFllXbTX3IUN6Can/Da9ibXB
/j+B2VViQ70z8RPPPHNpJhb2V+K08VCNodMsP6KEq7E+v2j+AM5fpz/WMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ11AenwIvQ8XuWh+0YQdB4jRc+bMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvblhVQjZmQWk5RHhlNWFIN1JoQjBIaU5GejVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbSzAwQA
uYmkAwQAubjbMA0GCSqGSIb3DQEBCwUAA4IBAQBj67o2XtqN2v8G/CzzOBGtefZl
xamDFqRBZPxo3549nmSyvQkpv9py5NpVJt95G2JYIY1fGooqw1QthuXLkZOuQOpU
lI2GIBp/89EE8fb1bX4dCuJlQTMRGf+oBj1HzPmwy8iyYZB+olCF/TXagPdy1xnt
BVYjmSP0IrcJjaEtZuH/f2NDUb2hxAL+c1ICEfqTfNgApz4ts1k3jU3BFk7nP88Z
vwjJwPh3CTo/fgSJ/m69JBZ+Gdah9a4EX0aQ56u+iN4VdZz46o4Yym91oG4FpA5n
gBPZ9ML+NBxGZ5hakbj3zWLMV4aBBrFikcgj7WPQuTCWjHXgORcu5nq+Gff+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:14 2024 by rpki-client on console-fra.rpki-client.org