Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/NgMWG_z9uSf2wxc-g2doJalHk9A.roa
File: NgMWG_z9uSf2wxc-g2doJalHk9A.roa (raw, json)
Hash identifier: G+ee2+bpFZvVcxZxUbswLACFL4nggJaHhQjM8FtcvIA=
Subject key identifier: 36:03:16:1B:FC:FD:B9:27:F6:C3:17:3E:83:67:68:25:A9:47:93:D0
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 01856D786F5ED6FA2C7FA2DD74C165523066
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/NgMWG_z9uSf2wxc-g2doJalHk9A.roa
Signing time: Sun 01 Jan 2023 13:14:47 +0000
ROA not before: Sun 01 Jan 2023 13:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12463
IP address blocks: 213.215.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:6f:5e:d6:fa:2c:7f:a2:dd:74:c1:65:52:30:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Jan 1 13:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3603161bfcfdb927f6c3173e83676825a94793d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3d:7a:cd:00:1d:13:17:d0:db:ab:88:a9:fb:
ce:25:79:1b:29:88:7a:f0:c0:78:53:7d:f0:8f:33:
f6:c7:bd:1c:7e:a2:1a:9d:e7:e0:16:f7:c6:da:53:
cb:c5:bf:c1:ea:a1:3a:ba:bf:ac:b7:8e:f5:8b:72:
5a:2a:f1:ae:79:17:8e:f7:28:6a:ea:87:b4:28:98:
16:d4:84:1a:26:8a:75:d1:a8:21:ca:88:9a:4e:84:
94:ae:0d:0c:b3:c7:c2:de:2f:c7:b4:e0:f9:a6:38:
db:97:92:f4:96:b9:47:ea:32:14:44:36:68:70:78:
64:f1:aa:2a:75:0f:df:6d:95:f9:45:d1:8b:95:25:
3f:73:c8:47:45:c3:e2:b1:17:ae:44:c6:45:6e:6e:
fe:01:f9:28:49:bc:45:1b:ed:9b:32:0b:08:7d:6d:
d3:70:76:67:38:a9:bb:43:6b:c2:5f:e7:d3:fc:13:
45:39:22:c8:4e:92:2b:e9:6c:9f:bd:e1:fc:49:6f:
a1:64:32:32:b9:a7:5b:5e:f4:aa:29:3b:0f:32:36:
49:b5:d0:14:d7:f4:cb:87:b0:12:14:ee:0d:dd:00:
fd:3c:33:f5:ee:21:08:32:c4:e4:01:6d:6a:75:4e:
c9:a0:c5:94:5f:d5:7c:6e:ec:89:27:d3:12:30:f3:
16:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:03:16:1B:FC:FD:B9:27:F6:C3:17:3E:83:67:68:25:A9:47:93:D0
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/NgMWG_z9uSf2wxc-g2doJalHk9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.215.38.0/24
Signature Algorithm: sha256WithRSAEncryption
02:f4:fd:6d:de:5c:f9:37:ac:14:39:91:63:60:64:8c:ec:a6:
58:bb:c0:4b:17:c5:55:1d:7a:57:35:e9:e6:4d:51:a4:30:69:
2f:ca:1a:e3:79:94:2d:61:de:34:55:36:1f:96:cd:33:a1:ea:
49:e5:83:8c:bb:1e:09:68:7c:38:ea:bf:7d:eb:67:12:c3:e4:
d3:02:8b:24:a0:ef:22:ad:14:cb:ee:be:20:92:32:00:bb:17:
eb:8b:53:c8:4d:9e:f3:19:06:cd:a8:98:7c:b7:66:ab:0d:81:
36:5f:9e:0e:96:ab:dd:8b:20:51:b6:14:9b:48:fc:fc:5c:90:
f3:20:c1:d3:e1:85:3a:44:2a:a6:d8:33:fc:7e:d9:b0:c1:26:
77:74:d9:96:c2:25:00:b6:d8:fb:4e:dc:ae:dc:f3:97:39:57:
06:c3:09:85:40:1e:5b:93:dc:af:fa:31:8d:8f:c5:ee:03:c0:
a8:3c:57:ae:53:c1:e1:ab:62:8f:0b:f8:40:9f:2f:de:68:55:
ce:16:bd:56:cc:82:31:04:1f:e5:cf:5a:1e:f4:da:d9:41:06:
19:e5:6f:5f:6b:68:bb:9b:ea:2e:15:18:9b:72:b5:17:5a:04:
1e:bb:91:23:9e:a4:6f:0a:f2:c9:fc:f3:11:b3:4a:b3:c0:b5:
3e:18:2e:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteG9e1vosf6LddMFlUjBmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4
NWNkYmEwHhcNMjMwMTAxMTMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjAzMTYxYmZjZmRiOTI3ZjZjMzE3M2U4MzY3NjgyNWE5NDc5M2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz16zQAdExfQ26uIqfvOJXkbKYh6
8MB4U33wjzP2x70cfqIanefgFvfG2lPLxb/B6qE6ur+st471i3JaKvGueReO9yhq
6oe0KJgW1IQaJop10aghyoiaToSUrg0Ms8fC3i/HtOD5pjjbl5L0lrlH6jIURDZo
cHhk8aoqdQ/fbZX5RdGLlSU/c8hHRcPisReuRMZFbm7+AfkoSbxFG+2bMgsIfW3T
cHZnOKm7Q2vCX+fT/BNFOSLITpIr6WyfveH8SW+hZDIyuadbXvSqKTsPMjZJtdAU
1/TLh7ASFO4N3QD9PDP17iEIMsTkAW1qdU7JoMWUX9V8buyJJ9MSMPMW8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDYDFhv8/bkn9sMXPoNnaCWpR5PQMB8GA1UdIwQY
MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt
NzgxOGE4OTQ1NmNiLzEvTmdNV0dfejl1U2Yyd3hjLWcyZG9KYWxIazlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEtNzgxOGE4OTQ1NmNi
LzEvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dcmMA0G
CSqGSIb3DQEBCwUAA4IBAQAC9P1t3lz5N6wUOZFjYGSM7KZYu8BLF8VVHXpXNenm
TVGkMGkvyhrjeZQtYd40VTYfls0zoepJ5YOMux4JaHw46r9962cSw+TTAoskoO8i
rRTL7r4gkjIAuxfri1PITZ7zGQbNqJh8t2arDYE2X54OlqvdiyBRthSbSPz8XJDz
IMHT4YU6RCqm2DP8ftmwwSZ3dNmWwiUAttj7Ttyu3POXOVcGwwmFQB5bk9yv+jGN
j8XuA8CoPFeuU8Hhq2KPC/hAny/eaFXOFr1WzIIxBB/lz1oe9NrZQQYZ5W9fa2i7
m+ouFRibcrUXWgQeu5EjnqRvCvLJ/PMRs0qzwLU+GC4r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:27 2024 by rpki-client on console-fra.rpki-client.org