Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/NVsaOVQydSkpIZFYuNylECT1UZc.roa
File: NVsaOVQydSkpIZFYuNylECT1UZc.roa (raw, json)
Hash identifier: HcRujO5OaW8QD4YLvxfMDufc42K9EqwYIaOvmL66p7U=
Subject key identifier: 35:5B:1A:39:54:32:75:29:29:21:91:58:B8:DC:A5:10:24:F5:51:97
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0189FD646F135708515C9DD234A87F40F601
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/NVsaOVQydSkpIZFYuNylECT1UZc.roa
Signing time: Wed 16 Aug 2023 08:09:24 +0000
ROA not before: Wed 16 Aug 2023 08:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 62.220.118.0/23 maxlen: 24
81.12.43.0/24 maxlen: 24
87.107.100.0/22 maxlen: 24
81.12.77.0/24 maxlen: 24
81.12.96.0/22 maxlen: 22
81.12.96.0/21 maxlen: 24
81.12.102.0/23 maxlen: 23
81.12.100.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:64:6f:13:57:08:51:5c:9d:d2:34:a8:7f:40:f6:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Aug 16 08:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=355b1a395432752929219158b8dca51024f55197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fd:83:67:02:ec:65:dd:21:77:f1:f6:33:b1:
52:93:24:90:66:14:05:f3:56:c9:13:62:a6:89:4c:
22:e2:9b:66:27:53:6a:28:2a:bc:eb:f1:da:b7:25:
9d:e7:99:22:52:34:a8:1d:62:aa:6b:80:9c:18:45:
ec:31:f2:56:9b:02:25:10:b4:a1:3e:7e:1c:3b:f0:
c6:c2:da:aa:79:4a:f5:92:e1:a5:22:74:af:78:ba:
77:00:31:e9:44:c5:65:24:b2:f0:48:3a:4b:db:52:
e6:ea:5e:0c:6a:db:eb:bc:19:c3:38:80:d2:62:9e:
f3:95:0f:ba:e2:d0:15:0f:be:68:b4:c1:e2:e3:5c:
6b:21:c7:e9:ee:bc:43:2d:70:ef:c9:75:cf:c4:46:
73:86:b9:71:88:61:19:ea:fd:cd:4a:43:ef:f1:d7:
a4:57:b3:64:6a:29:ec:56:c6:e7:d0:25:ef:fc:50:
c2:12:ea:86:a4:54:6a:5e:90:c5:9e:ef:c4:17:1f:
1a:58:ab:31:f5:29:6d:c4:d5:bb:f0:a7:0b:aa:84:
22:3b:f6:50:85:5e:0a:8f:6c:fb:8a:21:a4:be:d8:
e4:b6:59:19:f6:d5:59:4b:c7:e5:05:87:ed:67:30:
09:ea:a8:10:da:d7:a2:df:f8:06:34:ea:d0:57:1e:
75:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:5B:1A:39:54:32:75:29:29:21:91:58:B8:DC:A5:10:24:F5:51:97
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/NVsaOVQydSkpIZFYuNylECT1UZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.118.0/23
81.12.43.0/24
81.12.77.0/24
81.12.96.0/21
87.107.100.0/22
Signature Algorithm: sha256WithRSAEncryption
58:d0:f3:f0:08:6b:f5:6b:53:fd:69:f0:1d:63:c7:3a:1b:90:
0b:96:00:d3:c9:41:b4:7f:61:c2:9a:73:91:a9:c3:49:54:e4:
f4:bc:ce:d6:d4:9d:1d:18:6a:ab:2d:b3:58:23:d6:18:bc:ae:
79:6b:01:6c:84:e1:2c:66:b7:ed:52:3f:cc:03:01:bf:29:7f:
db:0f:68:94:b5:e3:27:82:b3:16:59:01:4d:83:bd:22:7c:e5:
02:4c:b3:9f:89:30:bd:f4:6a:8b:35:1f:d8:44:64:4b:01:f1:
bc:58:80:36:77:8b:e1:16:69:9c:a8:d6:00:2e:1f:c4:73:f5:
34:7e:73:c2:34:64:30:2c:74:2d:e3:ca:c1:54:a4:39:7f:5e:
e7:a2:f5:71:89:2d:23:f7:eb:c3:c2:a2:53:83:49:1c:ae:2c:
ff:41:71:09:2b:86:6f:a3:85:63:dd:d3:2a:bf:f7:c7:8e:dc:
71:ea:12:de:a5:33:ff:18:c7:ae:d1:9b:bd:09:e8:d1:dc:af:
cf:90:72:a9:56:a2:4f:ac:fd:ad:c1:ac:66:c5:e0:72:2b:8b:
46:24:7a:ea:93:b9:6a:6e:6b:5a:f5:f7:44:ac:db:a7:e7:87:
11:c9:52:15:a1:17:25:22:60:f4:74:dd:d7:62:dd:a5:15:e1:
93:c8:12:54
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYn9ZG8TVwhRXJ3SNKh/QPYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwODE2MDgwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTViMWEzOTU0MzI3NTI5MjkyMTkxNThiOGRjYTUxMDI0ZjU1MTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv2DZwLsZd0hd/H2M7FSkySQZhQF
81bJE2KmiUwi4ptmJ1NqKCq86/HatyWd55kiUjSoHWKqa4CcGEXsMfJWmwIlELSh
Pn4cO/DGwtqqeUr1kuGlInSveLp3ADHpRMVlJLLwSDpL21Lm6l4MatvrvBnDOIDS
Yp7zlQ+64tAVD75otMHi41xrIcfp7rxDLXDvyXXPxEZzhrlxiGEZ6v3NSkPv8dek
V7NkainsVsbn0CXv/FDCEuqGpFRqXpDFnu/EFx8aWKsx9SltxNW78KcLqoQiO/ZQ
hV4Kj2z7iiGkvtjktlkZ9tVZS8flBYftZzAJ6qgQ2tei3/gGNOrQVx51sQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDVbGjlUMnUpKSGRWLjcpRAk9VGXMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvTlZzYU9WUXlkU2twSVpGWXVOeWxFQ1QxVVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBPtx2AwQA
UQwrAwQAUQxNAwQDUQxgAwQCV2tkMA0GCSqGSIb3DQEBCwUAA4IBAQBY0PPwCGv1
a1P9afAdY8c6G5ALlgDTyUG0f2HCmnORqcNJVOT0vM7W1J0dGGqrLbNYI9YYvK55
awFshOEsZrftUj/MAwG/KX/bD2iUteMngrMWWQFNg70ifOUCTLOfiTC99GqLNR/Y
RGRLAfG8WIA2d4vhFmmcqNYALh/Ec/U0fnPCNGQwLHQt48rBVKQ5f17novVxiS0j
9+vDwqJTg0kcriz/QXEJK4Zvo4Vj3dMqv/fHjtxx6hLepTP/GMeu0Zu9CejR3K/P
kHKpVqJPrP2twaxmxeByK4tGJHrqk7lqbmta9fdErNun54cRyVIVoRclImD0dN3X
Yt2lFeGTyBJU
-----END CERTIFICATE-----
Generated at Mon Nov 27 09:11:09 2023 by rpki-client on console-ams.rpki-client.org