Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NSDRnimyctdQhapmqaxNygcdrKo.roa
File: NSDRnimyctdQhapmqaxNygcdrKo.roa (raw, json)
Hash identifier: V7+Mnf5tVyIXsPXUe55o6rP6ARNmMM3hxYMTl81h18I=
Subject key identifier: 35:20:D1:9E:29:B2:72:D7:50:85:AA:66:A9:AC:4D:CA:07:1D:AC:AA
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01870EF457914178A96B007E4B2AC0293D78
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NSDRnimyctdQhapmqaxNygcdrKo.roa
Signing time: Thu 23 Mar 2023 14:51:46 +0000
ROA not before: Thu 23 Mar 2023 14:51:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201949
IP address blocks: 185.255.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:f4:57:91:41:78:a9:6b:00:7e:4b:2a:c0:29:3d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 23 14:51:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3520d19e29b272d75085aa66a9ac4dca071dacaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1a:38:c8:a9:04:b7:12:dc:d9:59:b2:3d:0a:
b4:39:1b:e6:a6:e1:ca:7d:23:5b:3f:12:be:f2:11:
e6:d5:63:64:27:09:08:95:c5:ea:cb:67:43:9b:fa:
f8:06:53:a8:35:c0:7f:04:a5:69:88:93:6b:10:b5:
c1:f6:fb:1a:e2:65:6e:37:9f:b7:3c:77:ec:00:61:
a8:10:87:63:57:ed:9d:82:32:5a:7c:f6:fc:b5:ab:
1c:fa:8e:51:8c:4c:0e:d8:8f:86:04:5f:65:5f:96:
09:40:83:15:47:e7:54:87:ce:1c:6d:bb:f4:60:f5:
89:78:42:92:2d:d5:08:58:36:c5:d3:c8:81:e3:d7:
34:83:9c:0b:b9:2c:cc:60:a3:fd:81:1d:43:65:a9:
ef:d7:4b:11:2e:e5:46:ef:57:60:11:8b:db:e2:8e:
fc:c6:d0:8e:d6:1d:b9:d5:a5:e8:6e:53:fe:49:ec:
35:48:e0:1b:20:79:9a:da:23:01:ec:40:07:57:ca:
22:67:60:86:f6:71:3b:40:48:2a:9f:2e:52:60:10:
9e:5a:59:26:f2:a9:bd:08:b2:34:58:01:4f:a0:6a:
0c:7b:0d:23:ee:f5:cf:75:c1:d3:7c:20:31:4e:31:
0c:96:4a:3b:78:cd:2f:62:98:7c:e2:72:ab:bf:28:
36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:20:D1:9E:29:B2:72:D7:50:85:AA:66:A9:AC:4D:CA:07:1D:AC:AA
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NSDRnimyctdQhapmqaxNygcdrKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.39.0/24
Signature Algorithm: sha256WithRSAEncryption
40:04:c8:92:c6:32:16:39:d6:1f:05:ed:c3:fc:6b:18:fc:71:
ba:00:db:57:7d:a7:e1:53:f5:ef:6a:c3:73:ac:9f:3a:31:64:
fa:d2:85:b9:c5:6c:b4:bb:f8:b1:f1:f2:d2:f5:42:e1:17:e4:
ca:7f:7f:d9:a8:6a:1f:67:01:94:26:dc:a4:a4:54:76:9d:5d:
74:d1:e6:13:ab:2b:84:7a:d2:b0:c6:05:59:52:3c:b0:93:bf:
57:b5:19:d2:ab:f8:db:ad:bc:5a:dc:02:30:11:ca:f3:83:b6:
e4:8c:12:d0:36:74:13:85:ce:88:98:f8:af:65:2e:f7:d7:f5:
39:80:3f:0d:c3:62:e1:c2:c3:e3:4c:38:8b:c1:ec:06:15:7e:
b7:2a:ad:68:2f:7d:ff:91:96:66:e6:e4:cd:49:ff:14:0e:44:
de:41:20:53:1a:53:0f:59:34:ef:b2:04:d2:37:c9:94:2a:b2:
96:da:1a:1c:43:5e:86:c1:17:15:b6:2c:2f:f5:23:b8:6f:56:
58:b4:e5:8b:05:b2:75:e9:db:39:5a:3c:67:d3:25:bc:6e:bd:
40:cd:ac:c0:2d:2b:cb:bc:80:12:f8:44:bf:65:ae:51:dc:11:
88:e5:96:27:ce:b6:26:5e:a3:38:56:45:1a:72:5c:65:2e:2f:
fd:6c:4a:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcO9FeRQXipawB+SyrAKT14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzIzMTQ1MTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTIwZDE5ZTI5YjI3MmQ3NTA4NWFhNjZhOWFjNGRjYTA3MWRhY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhho4yKkEtxLc2VmyPQq0ORvmpuHK
fSNbPxK+8hHm1WNkJwkIlcXqy2dDm/r4BlOoNcB/BKVpiJNrELXB9vsa4mVuN5+3
PHfsAGGoEIdjV+2dgjJafPb8tasc+o5RjEwO2I+GBF9lX5YJQIMVR+dUh84cbbv0
YPWJeEKSLdUIWDbF08iB49c0g5wLuSzMYKP9gR1DZanv10sRLuVG71dgEYvb4o78
xtCO1h251aXoblP+Sew1SOAbIHma2iMB7EAHV8oiZ2CG9nE7QEgqny5SYBCeWlkm
8qm9CLI0WAFPoGoMew0j7vXPdcHTfCAxTjEMlko7eM0vYph84nKrvyg2eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUg0Z4psnLXUIWqZqmsTcoHHayqMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTlNEUm5pbXljdGRRaGFwbXFheE55Z2NkcktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf8nMA0G
CSqGSIb3DQEBCwUAA4IBAQBABMiSxjIWOdYfBe3D/GsY/HG6ANtXfafhU/XvasNz
rJ86MWT60oW5xWy0u/ix8fLS9ULhF+TKf3/ZqGofZwGUJtykpFR2nV100eYTqyuE
etKwxgVZUjywk79XtRnSq/jbrbxa3AIwEcrzg7bkjBLQNnQThc6ImPivZS731/U5
gD8Nw2LhwsPjTDiLwewGFX63Kq1oL33/kZZm5uTNSf8UDkTeQSBTGlMPWTTvsgTS
N8mUKrKW2hocQ16GwRcVtiwv9SO4b1ZYtOWLBbJ16ds5Wjxn0yW8br1AzazALSvL
vIAS+ES/Za5R3BGI5ZYnzrYmXqM4VkUaclxlLi/9bEqr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org