Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/nhkK25qQnObw6DznaDtd_W5y8QI.roa
File: nhkK25qQnObw6DznaDtd_W5y8QI.roa (raw, json)
Hash identifier: mqoIYlWMoZshPv/GFgQmhUh6os4XW/THfG8xC2H2GX4=
Subject key identifier: 9E:19:0A:DB:9A:90:9C:E6:F0:E8:3C:E7:68:3B:5D:FD:6E:72:F1:02
Certificate issuer: /CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Certificate serial: 018BD46875710D488DCCDD58B0EEA5302E70
Authority key identifier: 1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/nhkK25qQnObw6DznaDtd_W5y8QI.roa
Signing time: Wed 15 Nov 2023 19:14:57 +0000
ROA not before: Wed 15 Nov 2023 19:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203324
IP address blocks: 185.238.85.0/24 maxlen: 24
185.238.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d4:68:75:71:0d:48:8d:cc:dd:58:b0:ee:a5:30:2e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Validity
Not Before: Nov 15 19:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e190adb9a909ce6f0e83ce7683b5dfd6e72f102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:48:7f:50:fb:9e:8a:8a:03:25:48:72:2c:84:
b9:ba:d4:3c:3b:53:82:07:f8:d6:77:8b:86:8e:58:
d2:22:46:7b:9b:1d:ae:fe:c5:43:91:28:b6:d4:af:
ae:91:9e:88:bc:96:49:12:59:03:7b:5d:2e:d4:57:
22:7d:7f:8c:bc:f8:d5:93:07:d3:06:9c:a4:eb:c5:
42:4a:71:72:a8:22:af:8b:53:8b:9c:e4:95:35:9a:
7e:91:e4:42:8f:e4:8c:b3:c5:32:e2:62:f4:3a:08:
e6:6e:12:3a:b0:32:46:84:80:81:43:cf:34:8e:22:
f0:80:c6:2d:4d:22:6e:bf:55:ec:1b:dc:6f:b6:d0:
45:8a:74:92:01:9f:77:34:61:25:25:99:ef:d1:b9:
0d:28:99:8e:d2:24:05:92:d5:99:75:93:e6:22:50:
ea:be:9c:d9:81:37:bf:dd:31:c3:98:3a:54:e8:b8:
d8:ae:54:48:f4:d4:27:e0:6e:aa:18:6e:89:85:54:
26:df:ba:b0:c1:d7:70:8b:f4:77:dc:d6:0a:96:1b:
8d:75:2f:57:77:ce:2d:93:10:73:85:fd:70:77:76:
d8:46:51:a0:35:88:cf:3d:33:dc:51:5c:27:50:5e:
c4:0e:3b:22:75:67:a0:9c:f3:71:f8:73:91:1f:c6:
6b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:19:0A:DB:9A:90:9C:E6:F0:E8:3C:E7:68:3B:5D:FD:6E:72:F1:02
X509v3 Authority Key Identifier:
keyid:1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/nhkK25qQnObw6DznaDtd_W5y8QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.85.0-185.238.86.255
Signature Algorithm: sha256WithRSAEncryption
23:ed:04:87:07:e5:2a:0e:d5:ed:7d:c6:2a:ab:99:7b:1e:86:
de:a4:da:c2:27:a7:4d:05:ea:b4:f5:40:2e:85:da:c4:70:95:
a1:d1:9e:04:d1:38:19:fc:a8:e8:b6:52:2a:b3:0d:f4:5b:13:
32:fd:f2:34:20:68:41:61:e3:47:12:f6:91:a0:07:a5:4c:dc:
20:f3:d5:05:b7:a0:3a:1f:d0:ea:01:3f:ef:d1:92:8a:a4:27:
92:4e:c1:57:d3:fd:9e:b3:9b:64:f9:74:80:f9:ea:0b:95:96:
db:03:5a:92:20:7a:ad:84:ba:ca:93:2a:b2:b1:dd:d2:0e:26:
81:7c:b9:77:33:76:bd:4a:80:5b:13:21:80:dd:c8:ce:29:7e:
f5:89:ac:0c:57:84:25:a8:f0:18:bb:9b:75:58:d0:de:ad:dd:
d6:44:e8:4e:a9:17:11:d8:3e:5e:66:b6:3e:a4:40:3e:80:42:
7d:d7:42:d1:ee:be:e7:b1:77:ef:3c:c6:70:46:3c:56:8b:2d:
01:88:81:f0:ea:18:98:cd:de:9f:f4:4a:d3:45:8e:b3:96:d4:
78:8d:c4:f6:8f:98:92:f9:fb:cc:e7:07:79:84:02:8c:43:c6:
e2:29:b3:e5:06:75:5d:fd:82:07:6c:63:8f:02:d8:98:65:f1:
86:bd:87:8c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYvUaHVxDUiNzN1YsO6lMC5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGM3ZTdiYjI3YzUzM2E5OTdkMjc3Y2FkZDQxN2VjN2Jk
Mjg0ZjAwHhcNMjMxMTE1MTkxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTE5MGFkYjlhOTA5Y2U2ZjBlODNjZTc2ODNiNWRmZDZlNzJmMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUh/UPueiooDJUhyLIS5utQ8O1OC
B/jWd4uGjljSIkZ7mx2u/sVDkSi21K+ukZ6IvJZJElkDe10u1FcifX+MvPjVkwfT
Bpyk68VCSnFyqCKvi1OLnOSVNZp+keRCj+SMs8Uy4mL0OgjmbhI6sDJGhICBQ880
jiLwgMYtTSJuv1XsG9xvttBFinSSAZ93NGElJZnv0bkNKJmO0iQFktWZdZPmIlDq
vpzZgTe/3THDmDpU6LjYrlRI9NQn4G6qGG6JhVQm37qwwddwi/R33NYKlhuNdS9X
d84tkxBzhf1wd3bYRlGgNYjPPTPcUVwnUF7EDjsidWegnPNx+HORH8Zr3QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ4ZCtuakJzm8Og852g7Xf1ucvECMB8GA1UdIwQY
MBaAFB0MfnuyfFM6mX0nfK3UF+x70oTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEt
YjI4ZjA3YjJmNDViLzEvbmhrSzI1cVFuT2J3NkR6bmFEdGRfVzV5OFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEtYjI4ZjA3YjJmNDVi
LzEvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC57lUD
BAC57lYwDQYJKoZIhvcNAQELBQADggEBACPtBIcH5SoO1e19xiqrmXseht6k2sIn
p00F6rT1QC6F2sRwlaHRngTROBn8qOi2UiqzDfRbEzL98jQgaEFh40cS9pGgB6VM
3CDz1QW3oDof0OoBP+/RkoqkJ5JOwVfT/Z6zm2T5dID56guVltsDWpIgeq2EusqT
KrKx3dIOJoF8uXczdr1KgFsTIYDdyM4pfvWJrAxXhCWo8Bi7m3VY0N6t3dZE6E6p
FxHYPl5mtj6kQD6AQn3XQtHuvuexd+88xnBGPFaLLQGIgfDqGJjN3p/0StNFjrOW
1HiNxPaPmJL5+8znB3mEAoxDxuIps+UGdV39ggdsY48C2Jhl8Ya9h4w=
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:57 2024 by rpki-client on console-ams.rpki-client.org