Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/Nx7Qc5ku55wkmbTrTtgUkXx3EKM.roa
File: Nx7Qc5ku55wkmbTrTtgUkXx3EKM.roa (raw, json)
Hash identifier: EmN6tVjzn/2ej7ToPqrsoER4iTZ8+bFDRhF/ZIe22lE=
Subject key identifier: 37:1E:D0:73:99:2E:E7:9C:24:99:B4:EB:4E:D8:14:91:7C:77:10:A3
Certificate issuer: /CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Certificate serial: 0189F842B3A3F863B2E6E056AEB59C6CDE6D
Authority key identifier: A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/Nx7Qc5ku55wkmbTrTtgUkXx3EKM.roa
Signing time: Tue 15 Aug 2023 08:14:28 +0000
ROA not before: Tue 15 Aug 2023 08:14:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20836
IP address blocks: 185.47.228.0/22 maxlen: 24
95.157.96.0/19 maxlen: 24
178.249.184.0/21 maxlen: 24
178.249.189.0/24 maxlen: 24
217.171.32.0/20 maxlen: 24
95.157.64.0/19 maxlen: 24
2001:b60::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:42:b3:a3:f8:63:b2:e6:e0:56:ae:b5:9c:6c:de:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Validity
Not Before: Aug 15 08:14:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=371ed073992ee79c2499b4eb4ed814917c7710a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:63:84:f1:5b:06:db:23:66:33:44:30:46:c0:
46:48:2e:9d:d7:e7:80:c6:23:39:19:c3:dd:04:dc:
34:7d:d5:e8:2c:cc:3a:bd:08:57:c3:be:c2:9b:dc:
2f:9c:12:34:c5:82:00:22:b5:8b:91:33:4b:fa:ca:
20:87:0a:ec:e5:47:25:64:8d:09:ca:f9:66:98:a1:
33:aa:b0:ef:26:c1:7f:f9:cb:25:45:bd:1b:72:97:
26:79:25:89:3e:ad:b6:26:d6:96:b3:46:c1:1f:23:
36:1c:df:73:0d:07:3b:93:77:76:c0:90:d0:40:9e:
52:48:3c:09:5b:1b:3f:dd:87:ba:76:36:af:81:c3:
47:01:af:82:47:e3:d4:3e:ae:5e:e8:89:25:6d:ca:
66:8c:07:2d:30:99:de:d7:84:a4:9a:4b:d6:33:3a:
db:1d:28:46:93:20:58:8c:71:1e:0c:04:80:d6:18:
6d:26:41:33:a6:23:a9:d9:da:ab:5d:01:d6:83:86:
30:c3:c2:f1:73:96:1a:a3:6a:d4:6f:52:99:54:0a:
72:3d:70:2b:03:d2:0e:f1:b5:73:bc:1c:2d:fe:8b:
11:c3:7d:80:59:9c:21:84:8b:54:2e:f4:cb:05:ce:
dc:a4:5d:ce:55:03:71:b8:b3:a4:ff:a3:63:64:22:
50:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1E:D0:73:99:2E:E7:9C:24:99:B4:EB:4E:D8:14:91:7C:77:10:A3
X509v3 Authority Key Identifier:
keyid:A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/Nx7Qc5ku55wkmbTrTtgUkXx3EKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.157.64.0/18
178.249.184.0/21
185.47.228.0/22
217.171.32.0/20
IPv6:
2001:b60::/32
Signature Algorithm: sha256WithRSAEncryption
a2:a4:45:c5:ea:eb:a6:96:1c:06:63:eb:91:44:fe:4c:b3:1e:
4e:3f:91:d0:7c:3c:b3:84:61:01:46:28:82:e6:4c:c5:df:7b:
65:06:e1:af:ee:e3:82:17:e1:a8:ad:51:ed:9e:33:ca:6b:61:
e1:54:73:d9:83:06:e2:e2:d4:7e:f0:8c:f8:29:ca:91:b5:63:
d5:f4:ae:3e:c7:3e:66:8b:d6:bf:09:e5:4a:17:9e:c3:4f:00:
b7:d5:0d:a8:24:bd:11:1d:f7:47:c6:d7:fb:c6:b1:20:b2:e0:
de:b0:06:07:cd:90:71:58:bb:fb:67:42:65:38:d2:6b:d4:01:
ef:b5:d4:80:2c:47:d3:b1:10:e8:4a:e9:a2:3a:9e:19:c5:39:
9c:ec:b8:ce:aa:7f:ba:7a:8e:7d:5a:43:cb:c6:4e:e8:15:ae:
4b:11:05:5f:b1:7c:45:52:72:93:30:28:7f:27:04:fc:da:d7:
52:e9:97:53:26:7d:72:a2:f1:fe:1e:da:9b:18:c3:3b:07:a2:
e9:fb:70:83:59:1c:12:6a:82:64:20:4b:e9:ed:2f:6b:38:c2:
2b:60:17:04:2c:35:29:a7:c5:2f:e1:54:3a:60:81:4b:a8:70:
bf:1a:9a:9a:77:aa:8b:76:ba:ab:20:d8:22:f3:49:a1:a1:32:
1b:e0:9f:e6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYn4QrOj+GOy5uBWrrWcbN5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNmIwZDhhYjQ5NDM2NTUwYjZhYmY0NWI3OTAzNWFlYzZh
ZmYyM2MwHhcNMjMwODE1MDgxNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzFlZDA3Mzk5MmVlNzljMjQ5OWI0ZWI0ZWQ4MTQ5MTdjNzcxMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmOE8VsG2yNmM0QwRsBGSC6d1+eA
xiM5GcPdBNw0fdXoLMw6vQhXw77Cm9wvnBI0xYIAIrWLkTNL+soghwrs5UclZI0J
yvlmmKEzqrDvJsF/+cslRb0bcpcmeSWJPq22JtaWs0bBHyM2HN9zDQc7k3d2wJDQ
QJ5SSDwJWxs/3Ye6djavgcNHAa+CR+PUPq5e6IklbcpmjActMJne14SkmkvWMzrb
HShGkyBYjHEeDASA1hhtJkEzpiOp2dqrXQHWg4Yww8Lxc5Yao2rUb1KZVApyPXAr
A9IO8bVzvBwt/osRw32AWZwhhItULvTLBc7cpF3OVQNxuLOk/6NjZCJQJwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDce0HOZLuecJJm0607YFJF8dxCjMB8GA1UdIwQY
MBaAFKFrDYq0lDZVC2q/RbeQNa7Gr/I8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUt
MTVjYzlkYzdiZDg3LzEvTng3UWM1a3U1NXdrbWJUclR0Z1VrWHgzRUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUtMTVjYzlkYzdiZDg3
LzEvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGX51AAwQD
svm4AwQCuS/kAwQE2asgMA0EAgACMAcDBQAgAQtgMA0GCSqGSIb3DQEBCwUAA4IB
AQCipEXF6uumlhwGY+uRRP5Msx5OP5HQfDyzhGEBRiiC5kzF33tlBuGv7uOCF+Go
rVHtnjPKa2HhVHPZgwbi4tR+8Iz4KcqRtWPV9K4+xz5mi9a/CeVKF57DTwC31Q2o
JL0RHfdHxtf7xrEgsuDesAYHzZBxWLv7Z0JlONJr1AHvtdSALEfTsRDoSumiOp4Z
xTmc7LjOqn+6eo59WkPLxk7oFa5LEQVfsXxFUnKTMCh/JwT82tdS6ZdTJn1yovH+
HtqbGMM7B6Lp+3CDWRwSaoJkIEvp7S9rOMIrYBcELDUpp8Uv4VQ6YIFLqHC/Gpqa
d6qLdrqrINgi80mhoTIb4J/m
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:28 2024 by rpki-client on console-fra.rpki-client.org