Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/nmDzB_VdbWfXXCqRYuxuvhg63zs.roa
File: nmDzB_VdbWfXXCqRYuxuvhg63zs.roa (raw, json)
Hash identifier: Epwm4PbZHTIfl/aog/tbltlCAATO0r8r/Cet6OmDvng=
Subject key identifier: 9E:60:F3:07:F5:5D:6D:67:D7:5C:2A:91:62:EC:6E:BE:18:3A:DF:3B
Certificate issuer: /CN=a0dae7678a396969e6340c9dcb65cde9e329554a
Certificate serial: 018B8F700A956BF31C576EBEBB49F613184B
Authority key identifier: A0:DA:E7:67:8A:39:69:69:E6:34:0C:9D:CB:65:CD:E9:E3:29:55:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNrnZ4o5aWnmNAydy2XN6eMpVUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/nmDzB_VdbWfXXCqRYuxuvhg63zs.roa
Signing time: Thu 02 Nov 2023 09:49:26 +0000
ROA not before: Thu 02 Nov 2023 09:49:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211664
IP address blocks: 185.226.241.0/24 maxlen: 24
91.232.23.0/24 maxlen: 24
91.232.22.0/24 maxlen: 24
2a12:84c0:1::/48 maxlen: 48
2a0c:7680:1337::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:70:0a:95:6b:f3:1c:57:6e:be:bb:49:f6:13:18:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0dae7678a396969e6340c9dcb65cde9e329554a
Validity
Not Before: Nov 2 09:49:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e60f307f55d6d67d75c2a9162ec6ebe183adf3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2d:2d:ef:2e:ac:1d:25:22:2e:7a:8a:27:58:
d3:01:cd:9f:d7:70:05:73:3c:a7:0f:36:e6:b5:d3:
2b:be:e0:14:80:60:c7:64:36:8f:6f:29:0a:42:f0:
7f:a4:d5:62:1d:38:74:1a:d2:79:f3:ca:70:38:2b:
3c:3b:56:f0:7d:c6:7f:9e:43:17:78:d3:92:ba:b1:
dd:e6:75:0b:19:39:5c:c6:22:9d:fb:4f:fa:ee:54:
f5:21:c6:4e:23:cd:17:2b:c7:14:f3:9d:bc:51:48:
5b:de:61:6d:9a:9e:7a:bf:aa:de:68:d6:46:09:a2:
13:b5:b8:1a:25:3b:6b:8d:7a:3c:c6:72:0f:10:b1:
0c:29:ee:02:4a:72:7c:ac:fd:6f:34:fb:35:b4:6f:
b2:24:46:80:86:65:7b:7a:8d:da:75:94:b1:62:27:
57:21:a4:29:f1:65:39:39:31:74:73:d0:76:66:8f:
eb:cc:e2:c1:96:84:6f:80:14:8c:a0:a6:bd:2d:0e:
5c:cd:ff:b3:1b:02:fd:68:52:1b:fe:8f:d0:87:d8:
29:35:49:59:07:c6:ae:5e:f4:fb:48:b0:1e:53:75:
a5:da:2e:a4:be:db:22:65:f0:38:04:a0:24:77:73:
b1:f8:37:f8:42:24:e2:ea:07:10:2b:41:86:d8:85:
1c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:60:F3:07:F5:5D:6D:67:D7:5C:2A:91:62:EC:6E:BE:18:3A:DF:3B
X509v3 Authority Key Identifier:
keyid:A0:DA:E7:67:8A:39:69:69:E6:34:0C:9D:CB:65:CD:E9:E3:29:55:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNrnZ4o5aWnmNAydy2XN6eMpVUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/nmDzB_VdbWfXXCqRYuxuvhg63zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/oNrnZ4o5aWnmNAydy2XN6eMpVUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.22.0/23
185.226.241.0/24
IPv6:
2a0c:7680:1337::/48
2a12:84c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
59:53:cc:f8:c2:79:5c:92:cf:54:42:2e:a8:49:4d:74:27:c4:
1b:fd:72:fa:54:2d:da:b7:58:c1:62:a6:56:f0:c5:a3:10:dc:
6b:d5:e2:d0:1f:c2:97:8b:5c:ee:e8:15:d5:b7:13:10:b1:73:
06:3d:63:7b:db:48:47:f4:82:ec:b3:9f:0e:c6:d6:53:e0:9b:
80:57:f2:70:8d:0a:0b:2f:41:0b:ba:52:01:81:ff:d7:ff:d1:
34:be:0e:03:9f:4b:65:bd:8f:c0:4d:52:47:ee:27:2d:4c:0b:
2c:65:d7:6c:d0:bb:90:58:1d:cb:57:c3:05:3e:a6:f4:33:94:
c8:b2:3f:f9:58:59:ba:d8:d8:be:23:2c:81:54:35:a0:67:a6:
41:24:e8:80:8f:3f:8a:b7:17:8e:6f:62:0c:14:91:e6:65:35:
87:3c:33:12:42:37:86:c3:5e:ef:27:28:1d:18:94:11:b1:c2:
c2:7b:cc:3a:ab:92:81:4f:9e:e3:58:36:73:c8:dd:d1:46:ec:
40:ea:a7:17:c3:9c:d5:c2:3c:55:f5:18:8c:b6:a5:97:ea:35:
6f:2c:e1:68:16:01:d4:59:49:74:65:cb:4b:db:c6:83:e2:8a:
db:c7:b2:5c:82:02:69:eb:2e:a6:f0:39:45:3a:1f:c2:2a:b5:
04:68:e0:9b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYuPcAqVa/McV26+u0n2ExhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGFlNzY3OGEzOTY5NjllNjM0MGM5ZGNiNjVjZGU5ZTMy
OTU1NGEwHhcNMjMxMTAyMDk0OTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTYwZjMwN2Y1NWQ2ZDY3ZDc1YzJhOTE2MmVjNmViZTE4M2FkZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri0t7y6sHSUiLnqKJ1jTAc2f13AF
czynDzbmtdMrvuAUgGDHZDaPbykKQvB/pNViHTh0GtJ588pwOCs8O1bwfcZ/nkMX
eNOSurHd5nULGTlcxiKd+0/67lT1IcZOI80XK8cU8528UUhb3mFtmp56v6reaNZG
CaITtbgaJTtrjXo8xnIPELEMKe4CSnJ8rP1vNPs1tG+yJEaAhmV7eo3adZSxYidX
IaQp8WU5OTF0c9B2Zo/rzOLBloRvgBSMoKa9LQ5czf+zGwL9aFIb/o/Qh9gpNUlZ
B8auXvT7SLAeU3Wl2i6kvtsiZfA4BKAkd3Ox+Df4QiTi6gcQK0GG2IUc/QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJ5g8wf1XW1n11wqkWLsbr4YOt87MB8GA1UdIwQY
MBaAFKDa52eKOWlp5jQMnctlzenjKVVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05yblo0bzVhV25tTkF5ZHkyWE42ZU1wVlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80NjM1OGUtNTRmNy00ZjRiLWE3NDct
ZjczNWUzZGFmZDUzLzEvbm1EekJfVmRiV2ZYWENxUll1eHV2aGc2M3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80NjM1OGUtNTRmNy00ZjRiLWE3NDctZjczNWUzZGFmZDUz
LzEvb05yblo0bzVhV25tTkF5ZHkyWE42ZU1wVlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBW+gWAwQA
ueLxMBgEAgACMBIDBwAqDHaAEzcDBwAqEoTAAAEwDQYJKoZIhvcNAQELBQADggEB
AFlTzPjCeVySz1RCLqhJTXQnxBv9cvpULdq3WMFiplbwxaMQ3GvV4tAfwpeLXO7o
FdW3ExCxcwY9Y3vbSEf0guyznw7G1lPgm4BX8nCNCgsvQQu6UgGB/9f/0TS+DgOf
S2W9j8BNUkfuJy1MCyxl12zQu5BYHctXwwU+pvQzlMiyP/lYWbrY2L4jLIFUNaBn
pkEk6ICPP4q3F45vYgwUkeZlNYc8MxJCN4bDXu8nKB0YlBGxwsJ7zDqrkoFPnuNY
NnPI3dFG7EDqpxfDnNXCPFX1GIy2pZfqNW8s4WgWAdRZSXRly0vbxoPiitvHslyC
AmnrLqbwOUU6H8IqtQRo4Js=
-----END CERTIFICATE-----
Generated at Sat Dec 16 09:45:03 2023 by rpki-client on console-fra.rpki-client.org