Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/Nwj7GE-ExELnY6UKwarwBmnqPXM.roa
File: Nwj7GE-ExELnY6UKwarwBmnqPXM.roa (raw, json)
Hash identifier: ADgMXQz4KdKotfvUc6IJAXB6kHLYlhcWfjE7xTlpm+w=
Subject key identifier: 37:08:FB:18:4F:84:C4:42:E7:63:A5:0A:C1:AA:F0:06:69:EA:3D:73
Certificate issuer: /CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Certificate serial: 01856CCB006C7EE54F928DC197706F1F7C1E
Authority key identifier: 90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/Nwj7GE-ExELnY6UKwarwBmnqPXM.roa
Signing time: Sun 01 Jan 2023 10:05:21 +0000
ROA not before: Sun 01 Jan 2023 10:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29396
IP address blocks: 185.128.32.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:00:6c:7e:e5:4f:92:8d:c1:97:70:6f:1f:7c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Validity
Not Before: Jan 1 10:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3708fb184f84c442e763a50ac1aaf00669ea3d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:85:ba:58:1a:64:bf:c5:d7:3e:b8:51:1b:d2:
b5:9f:82:5a:15:55:77:90:80:00:a3:ee:54:17:ca:
17:a3:62:e2:04:7c:01:b2:05:6a:9f:3f:97:d5:c5:
5b:6f:6c:8d:2b:fa:19:3b:b5:0e:3b:e1:aa:45:43:
a4:5e:52:5b:42:85:7a:b1:70:f7:20:8a:39:2f:ff:
a2:ae:15:19:df:13:a5:00:6a:76:b6:ca:93:71:73:
40:e3:11:07:85:9f:c5:c5:fe:af:ee:36:2a:2a:69:
97:d0:f2:e0:06:86:84:f5:39:00:ef:6c:d6:cd:8d:
5a:66:c1:2f:0a:c4:91:70:c0:a4:e6:2e:f4:d2:6f:
1b:49:2d:b4:51:2d:71:4a:3e:71:26:0e:c3:13:29:
94:a8:c0:f0:26:fa:9d:b4:80:a4:f2:a2:6d:bf:a1:
65:a8:c3:3f:19:df:d8:fd:f3:5f:fe:5d:21:01:1a:
8e:8d:0a:b7:2a:9b:73:38:b0:f7:5d:93:77:97:e5:
20:36:2b:f1:e2:fd:19:7a:91:d9:30:d1:d4:91:64:
b6:d4:e1:49:03:01:47:77:21:f6:b0:92:da:68:3a:
44:e5:3b:08:83:a5:68:97:0f:4a:bc:dd:3b:56:bf:
a0:23:e4:9b:08:cc:73:56:be:e7:96:53:63:e1:ef:
e6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:08:FB:18:4F:84:C4:42:E7:63:A5:0A:C1:AA:F0:06:69:EA:3D:73
X509v3 Authority Key Identifier:
keyid:90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/Nwj7GE-ExELnY6UKwarwBmnqPXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/kK5TjiqRNG8EAlmLD_L7mpXAfDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.32.0/22
Signature Algorithm: sha256WithRSAEncryption
43:37:55:38:cf:eb:55:89:ca:9d:0f:b5:77:45:8c:0a:3c:04:
a0:76:b3:5a:4e:17:c3:c2:5b:63:70:73:4e:d2:24:dd:16:bf:
4f:6e:54:de:aa:58:75:75:db:8f:5d:a4:8c:6a:a6:3c:cb:1b:
78:02:a8:81:fb:a2:01:82:c8:98:08:b0:30:9f:c2:dd:b7:11:
84:b8:3f:84:0d:9c:e3:19:ef:4b:08:c0:b3:e2:e0:53:88:8d:
9a:03:00:46:d9:3f:91:e2:c7:f0:41:aa:84:e2:b8:f0:80:7a:
6f:c0:38:00:6f:fe:f9:47:cc:26:e1:6e:42:ca:66:8c:2b:cf:
4e:d9:7d:fc:43:a0:55:74:3d:d7:b2:c5:18:3b:3b:40:36:1f:
cf:0c:9e:65:8b:b9:fc:6c:0a:05:a7:76:2c:a6:60:53:0e:a5:
72:9e:f3:10:c2:e9:da:8d:fb:04:2b:81:69:e3:f4:c2:34:49:
4c:9e:94:9a:5c:a3:7a:cf:09:6e:93:39:14:9e:eb:6d:b9:bc:
e5:80:97:5f:bd:1b:4f:c2:3e:4a:27:1c:e6:b9:f7:f3:f4:64:
e1:8a:c9:66:2a:f9:73:fd:d5:65:44:e3:b3:0c:27:ca:52:97:
9e:51:19:91:ad:ac:e9:2f:81:c3:0a:3c:91:ce:80:db:25:db:
2b:70:7c:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsywBsfuVPko3Bl3BvH3weMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYWU1MzhlMmE5MTM0NmYwNDAyNTk4YjBmZjJmYjlhOTVj
MDdjMzkwHhcNMjMwMTAxMTAwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzA4ZmIxODRmODRjNDQyZTc2M2E1MGFjMWFhZjAwNjY5ZWEzZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoW6WBpkv8XXPrhRG9K1n4JaFVV3
kIAAo+5UF8oXo2LiBHwBsgVqnz+X1cVbb2yNK/oZO7UOO+GqRUOkXlJbQoV6sXD3
IIo5L/+irhUZ3xOlAGp2tsqTcXNA4xEHhZ/Fxf6v7jYqKmmX0PLgBoaE9TkA72zW
zY1aZsEvCsSRcMCk5i700m8bSS20US1xSj5xJg7DEymUqMDwJvqdtICk8qJtv6Fl
qMM/Gd/Y/fNf/l0hARqOjQq3KptzOLD3XZN3l+UgNivx4v0ZepHZMNHUkWS21OFJ
AwFHdyH2sJLaaDpE5TsIg6Volw9KvN07Vr+gI+SbCMxzVr7nllNj4e/mJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcI+xhPhMRC52OlCsGq8AZp6j1zMB8GA1UdIwQY
MBaAFJCuU44qkTRvBAJZiw/y+5qVwHw5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4Mzkt
YzVlNzgyMTU3OWYxLzEvTndqN0dFLUV4RUxuWTZVS3dhcndCbW5xUFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4MzktYzVlNzgyMTU3OWYx
LzEva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYAgMA0G
CSqGSIb3DQEBCwUAA4IBAQBDN1U4z+tVicqdD7V3RYwKPASgdrNaThfDwltjcHNO
0iTdFr9PblTeqlh1dduPXaSMaqY8yxt4AqiB+6IBgsiYCLAwn8LdtxGEuD+EDZzj
Ge9LCMCz4uBTiI2aAwBG2T+R4sfwQaqE4rjwgHpvwDgAb/75R8wm4W5CymaMK89O
2X38Q6BVdD3XssUYOztANh/PDJ5li7n8bAoFp3YspmBTDqVynvMQwunajfsEK4Fp
4/TCNElMnpSaXKN6zwlukzkUnuttubzlgJdfvRtPwj5KJxzmuffz9GThislmKvlz
/dVlROOzDCfKUpeeURmRrazpL4HDCjyRzoDbJdsrcHxC
-----END CERTIFICATE-----
Generated at Wed Nov 8 15:28:34 2023 by rpki-client on console-fra.rpki-client.org