Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/nsJ8BEbqCr5yOuNbmpQp1_30aXE.roa
File: nsJ8BEbqCr5yOuNbmpQp1_30aXE.roa (raw, json)
Hash identifier: Qp+JRZ0TKQN7PpKUSJ79r6C6CuVPa2K/IhYRYOkDDwA=
Subject key identifier: 9E:C2:7C:04:46:EA:0A:BE:72:3A:E3:5B:9A:94:29:D7:FD:F4:69:71
Certificate issuer: /CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2
Certificate serial: 0189BAE9498A1479E809C3CBFB9906AC36DF
Authority key identifier: DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/nsJ8BEbqCr5yOuNbmpQp1_30aXE.roa
Signing time: Thu 03 Aug 2023 10:19:58 +0000
ROA not before: Thu 03 Aug 2023 10:19:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 185.246.172.0/22 maxlen: 32
46.232.208.0/23 maxlen: 32
2a09:77c0::/30 maxlen: 48
Validation: Failed, certificate revoked on Thu 26 Oct 2023 08:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:e9:49:8a:14:79:e8:09:c3:cb:fb:99:06:ac:36:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2
Validity
Not Before: Aug 3 10:19:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ec27c0446ea0abe723ae35b9a9429d7fdf46971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:20:9e:8d:bd:c7:18:e5:c8:df:f2:90:6b:37:
1f:68:de:c9:58:e2:0f:77:51:11:3e:44:aa:63:22:
36:c6:91:43:bd:ac:57:b6:1d:40:45:1d:72:75:c6:
02:c0:98:74:5c:8d:48:49:54:c2:26:ea:66:69:6a:
0a:34:62:c1:b7:49:18:34:24:a7:d3:23:d3:55:49:
73:5b:27:78:dc:86:8e:73:d5:86:2c:3e:c2:b6:b0:
e2:23:42:71:b1:8f:46:8b:8f:48:4b:e4:61:be:a5:
34:ee:31:82:a8:3b:20:7b:3e:5e:e2:49:f7:73:36:
81:51:db:89:0f:e3:f0:56:76:50:32:c5:bc:82:20:
b9:83:92:63:95:28:2e:9d:46:e1:9e:0f:5e:f5:2f:
19:07:03:41:46:18:1b:bc:df:df:d9:ce:c8:50:9b:
2b:0e:8d:d6:9e:35:2d:fe:ab:dc:3f:e9:21:a2:cb:
6e:b5:34:28:7f:c4:c5:54:25:e8:88:be:92:5c:98:
45:f7:ee:fe:8d:74:a4:bf:ff:8f:b5:fb:96:dd:d0:
b5:58:f5:50:29:26:8f:81:9c:41:89:f0:4f:de:15:
31:54:37:7d:72:d6:0c:07:2b:5e:3c:37:e3:8f:87:
a8:76:c6:fd:14:fa:c6:40:13:d7:40:8f:9b:77:18:
6f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C2:7C:04:46:EA:0A:BE:72:3A:E3:5B:9A:94:29:D7:FD:F4:69:71
X509v3 Authority Key Identifier:
keyid:DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/nsJ8BEbqCr5yOuNbmpQp1_30aXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.208.0/23
185.246.172.0/22
IPv6:
2a09:77c0::/30
Signature Algorithm: sha256WithRSAEncryption
60:56:c1:d4:4d:88:54:03:0b:b1:1e:cd:87:e7:cf:bb:fd:3a:
cb:0c:20:0d:7e:b7:40:3a:0c:66:79:04:1c:b4:26:f8:26:12:
e8:3c:9b:e8:18:55:17:b9:3a:80:8f:19:16:13:8a:a3:3e:1a:
7e:42:b0:ef:ac:fc:a9:e4:3b:87:2d:1e:a4:ee:a2:6b:56:a5:
34:f7:8c:c1:ab:9b:2c:af:6c:65:d3:6a:33:5b:d6:09:46:69:
a3:10:21:fc:7d:15:52:bb:e7:40:87:56:ee:34:92:3b:5b:b6:
24:c9:a0:20:94:17:d6:13:cd:96:92:b5:5d:df:25:bb:35:ce:
51:23:14:68:7c:2f:3d:d8:ab:52:aa:a6:ff:35:83:2a:00:9c:
f8:87:40:b9:43:ae:f7:f4:f3:76:4d:eb:c5:1a:f9:5a:29:80:
60:9b:3a:7e:72:91:de:51:75:e8:4b:39:29:e6:99:7e:74:f8:
c6:b6:a4:d3:c9:b6:3c:d7:65:3a:ef:f6:40:98:65:f2:ae:cb:
63:da:ba:5c:d4:da:25:42:c7:84:ec:32:92:93:4f:5e:7f:24:
dc:7b:39:f9:58:7c:a0:90:24:23:37:13:f0:03:ce:47:3a:e2:
98:0e:4e:a8:0a:25:8e:54:44:e7:88:e4:96:76:60:d5:e5:1d:
08:b6:49:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYm66UmKFHnoCcPL+5kGrDbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOGY5NjFjNmVmYmI3ZjljZTc0MjE3YjFkNWRiYjU0ZTk4
MWM2ZjIwHhcNMjMwODAzMTAxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWMyN2MwNDQ2ZWEwYWJlNzIzYWUzNWI5YTk0MjlkN2ZkZjQ2OTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyCejb3HGOXI3/KQazcfaN7JWOIP
d1ERPkSqYyI2xpFDvaxXth1ARR1ydcYCwJh0XI1ISVTCJupmaWoKNGLBt0kYNCSn
0yPTVUlzWyd43IaOc9WGLD7CtrDiI0JxsY9Gi49IS+RhvqU07jGCqDsgez5e4kn3
czaBUduJD+PwVnZQMsW8giC5g5JjlSgunUbhng9e9S8ZBwNBRhgbvN/f2c7IUJsr
Do3WnjUt/qvcP+khostutTQof8TFVCXoiL6SXJhF9+7+jXSkv/+PtfuW3dC1WPVQ
KSaPgZxBifBP3hUxVDd9ctYMBytePDfjj4eodsb9FPrGQBPXQI+bdxhvGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ7CfARG6gq+cjrjW5qUKdf99GlxMB8GA1UdIwQY
MBaAFN+Plhxu+7f5znQhex1du1TpgcbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMt
MjdmMmJjMTYyYTA3LzEvbnNKOEJFYnFDcjV5T3VOYm1wUXAxXzMwYVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMtMjdmMmJjMTYyYTA3
LzEvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLujQAwQC
ufasMA0EAgACMAcDBQIqCXfAMA0GCSqGSIb3DQEBCwUAA4IBAQBgVsHUTYhUAwux
Hs2H58+7/TrLDCANfrdAOgxmeQQctCb4JhLoPJvoGFUXuTqAjxkWE4qjPhp+QrDv
rPyp5DuHLR6k7qJrVqU094zBq5ssr2xl02ozW9YJRmmjECH8fRVSu+dAh1buNJI7
W7YkyaAglBfWE82WkrVd3yW7Nc5RIxRofC892KtSqqb/NYMqAJz4h0C5Q6739PN2
TevFGvlaKYBgmzp+cpHeUXXoSzkp5pl+dPjGtqTTybY812U67/ZAmGXyrstj2rpc
1NolQseE7DKSk09efyTcezn5WHygkCQjNxPwA85HOuKYDk6oCiWOVETniOSWdmDV
5R0ItknL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:02 2024 by rpki-client on console-ams.rpki-client.org