Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/nu8D3KMPtRz4b5S5rZtoecLjhOA.roa
File: nu8D3KMPtRz4b5S5rZtoecLjhOA.roa (raw, json)
Hash identifier: /RmTSxf0GRrexFpP5etrudpTuarUHt/VKhdjkD3PsNg=
Subject key identifier: 9E:EF:03:DC:A3:0F:B5:1C:F8:6F:94:B9:AD:9B:68:79:C2:E3:84:E0
Certificate issuer: /CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Certificate serial: 018CC5DC6B921D934947E34AF41A6842EF83
Authority key identifier: B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/nu8D3KMPtRz4b5S5rZtoecLjhOA.roa
Signing time: Mon 01 Jan 2024 16:30:06 +0000
ROA not before: Mon 01 Jan 2024 16:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28715
IP address blocks: 185.104.122.0/24 maxlen: 24
185.104.123.0/24 maxlen: 24
185.104.120.0/22 maxlen: 22
185.104.120.0/24 maxlen: 24
185.104.121.0/24 maxlen: 24
2a06:3000:1::/48 maxlen: 48
2a06:3000::/29 maxlen: 29
2a06:3000:2::/48 maxlen: 48
2a06:3000:1000::/36 maxlen: 36
2a06:3000::/36 maxlen: 36
2a06:3000::/48 maxlen: 48
2a06:3000:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Mar 2024 00:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:6b:92:1d:93:49:47:e3:4a:f4:1a:68:42:ef:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Validity
Not Before: Jan 1 16:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9eef03dca30fb51cf86f94b9ad9b6879c2e384e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b9:ef:18:d9:23:7f:7a:61:4f:fb:54:77:d7:
c9:7d:67:c3:bc:fd:ba:ee:dc:a9:97:2d:da:58:b2:
1f:da:28:c7:cb:93:b6:9c:df:9f:cc:87:08:83:05:
9e:65:61:f9:bf:75:39:8a:6e:c5:ac:b2:d5:37:70:
0c:2d:74:04:06:0f:14:56:62:78:e2:39:6e:5c:d4:
6a:6f:89:b3:d2:33:c8:25:ba:ea:c0:10:1e:21:9d:
8b:8b:fa:37:3d:8b:39:ce:57:09:33:6d:9b:ad:4b:
07:56:4a:ab:9b:da:f9:4b:76:6a:2b:f4:80:bd:9d:
c7:bb:6e:51:bc:2e:05:73:62:16:b0:7e:8b:ba:f2:
10:c8:35:e2:8f:4b:01:62:67:63:41:e0:af:0b:46:
49:65:5b:86:54:0d:9a:1e:4b:a9:89:9e:73:f7:b9:
f7:9d:42:b1:0b:b1:a6:1e:a6:5e:c1:4c:a5:36:b7:
b2:fa:46:e5:b5:f5:5b:91:0f:f2:56:7d:e3:3f:e4:
92:b4:8c:68:bd:0a:0b:5b:07:05:bd:54:f9:21:4f:
d5:b6:8a:08:7f:eb:f5:63:32:f7:6b:bd:26:c1:0f:
eb:40:37:87:63:f1:9d:48:bd:4d:dd:22:b0:d3:4a:
d0:f6:16:a6:4e:b5:8c:1a:2c:5a:80:a6:cb:51:7a:
db:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:EF:03:DC:A3:0F:B5:1C:F8:6F:94:B9:AD:9B:68:79:C2:E3:84:E0
X509v3 Authority Key Identifier:
keyid:B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/nu8D3KMPtRz4b5S5rZtoecLjhOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.120.0/22
IPv6:
2a06:3000::/29
Signature Algorithm: sha256WithRSAEncryption
ac:93:64:3c:30:56:49:94:8b:8f:c6:6b:e6:94:b0:cf:b1:4d:
0e:e1:e6:53:3c:11:64:23:08:f3:cd:28:f9:54:d7:b9:03:f8:
86:c4:ef:8b:b9:ef:62:fd:bc:20:e0:60:08:80:29:c0:e4:18:
6a:c4:e3:74:ed:2c:4d:99:74:83:fd:34:33:cc:8f:5d:78:3b:
58:08:20:ab:a4:b8:84:f5:82:cb:76:a1:c7:58:05:c0:0a:f2:
f8:df:b6:27:f2:37:de:e4:0b:56:07:60:12:97:08:1a:40:cd:
6b:69:d1:18:24:94:ba:52:58:47:82:20:a5:a2:29:51:36:77:
24:44:59:22:b6:d9:cf:4e:12:98:28:41:a0:39:67:86:d0:e6:
99:44:ba:0c:bc:6c:01:da:f9:e1:78:74:aa:ca:5a:bf:f3:3e:
34:e2:81:cb:6a:ed:cc:d6:67:af:39:1d:e7:e1:a8:36:2b:4b:
6f:dc:20:af:9c:4e:47:02:03:52:82:cc:ee:ca:e0:60:a8:1c:
10:ee:3d:47:fc:a8:a0:64:be:49:f1:1e:eb:eb:e8:90:e4:e5:
12:ee:0d:33:a7:59:1d:6f:5c:ce:37:4f:77:92:4d:d3:a4:35:
5a:d4:99:96:ac:44:25:e2:24:c7:13:a5:ac:d2:79:dd:19:81:
c0:00:94:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3GuSHZNJR+NK9BpoQu+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzUzNzc5MDFhNzg3MWQzYmZmN2E3MDI3N2EyZjRlMmZj
MGUyNzcwHhcNMjQwMTAxMTYzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWVmMDNkY2EzMGZiNTFjZjg2Zjk0YjlhZDliNjg3OWMyZTM4NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLnvGNkjf3phT/tUd9fJfWfDvP26
7typly3aWLIf2ijHy5O2nN+fzIcIgwWeZWH5v3U5im7FrLLVN3AMLXQEBg8UVmJ4
4jluXNRqb4mz0jPIJbrqwBAeIZ2Li/o3PYs5zlcJM22brUsHVkqrm9r5S3ZqK/SA
vZ3Hu25RvC4Fc2IWsH6LuvIQyDXij0sBYmdjQeCvC0ZJZVuGVA2aHkupiZ5z97n3
nUKxC7GmHqZewUylNrey+kbltfVbkQ/yVn3jP+SStIxovQoLWwcFvVT5IU/VtooI
f+v1YzL3a70mwQ/rQDeHY/GdSL1N3SKw00rQ9hamTrWMGixagKbLUXrbQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ7vA9yjD7Uc+G+Uua2baHnC44TgMB8GA1UdIwQY
MBaAFLE1N3kBp4cdO/96cCd6L04vwOJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUt
OTEyMDQ3MTUzZTAxLzEvbnU4RDNLTVB0Uno0YjVTNXJadG9lY0xqaE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUtOTEyMDQ3MTUzZTAx
LzEvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWh4MA0E
AgACMAcDBQMqBjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCsk2Q8MFZJlIuPxmvmlLDP
sU0O4eZTPBFkIwjzzSj5VNe5A/iGxO+Lue9i/bwg4GAIgCnA5BhqxON07SxNmXSD
/TQzzI9deDtYCCCrpLiE9YLLdqHHWAXACvL437Yn8jfe5AtWB2ASlwgaQM1radEY
JJS6UlhHgiCloilRNnckRFkittnPThKYKEGgOWeG0OaZRLoMvGwB2vnheHSqylq/
8z404oHLau3M1mevOR3n4ag2K0tv3CCvnE5HAgNSgszuyuBgqBwQ7j1H/KigZL5J
8R7r6+iQ5OUS7g0zp1kdb1zON093kk3TpDVa1JmWrEQl4iTHE6Ws0nndGYHAAJTt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:57 2024 by rpki-client on console-ams.rpki-client.org