Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/NPiE83Sh76j7hcamJWUHqwuBxVw.roa
File: NPiE83Sh76j7hcamJWUHqwuBxVw.roa (raw, json)
Hash identifier: T0Ti0tIopcJzAHsRBEKnhmKvuYTmU6SeXQ72r5r0OAo=
Subject key identifier: 34:F8:84:F3:74:A1:EF:A8:FB:85:C6:A6:25:65:07:AB:0B:81:C5:5C
Certificate issuer: /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Certificate serial: 01856DD3E8E672524E32B5255BF5A9856E30
Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/NPiE83Sh76j7hcamJWUHqwuBxVw.roa
Signing time: Sun 01 Jan 2023 14:54:42 +0000
ROA not before: Sun 01 Jan 2023 14:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 394094
IP address blocks: 185.106.241.0/24 maxlen: 24
185.106.243.0/24 maxlen: 24
31.25.199.0/24 maxlen: 24
2a06:4101::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d3:e8:e6:72:52:4e:32:b5:25:5b:f5:a9:85:6e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Validity
Not Before: Jan 1 14:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34f884f374a1efa8fb85c6a6256507ab0b81c55c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fc:47:ea:d1:4c:75:fa:a1:12:fc:6e:d4:36:
b3:86:76:9a:01:8f:16:49:b0:66:54:d0:4f:7b:da:
7f:ef:91:ef:41:db:e9:f5:5d:9f:25:ee:df:95:c5:
72:14:58:ba:98:10:c7:8f:12:ad:b7:d8:dd:d2:3d:
54:44:0a:39:91:bb:03:cd:ff:77:1a:52:f6:7a:71:
e5:43:b8:83:f7:56:7b:ee:e4:9e:67:7d:ea:f7:42:
b2:eb:cf:77:80:ef:e1:e3:aa:90:72:cb:83:bd:7b:
cb:18:ec:6b:b0:98:0c:bf:85:1e:cb:23:83:1a:cf:
ad:de:fa:84:eb:68:e7:cb:33:c0:e4:ea:a9:15:1f:
05:1a:f0:0d:91:61:f1:01:ad:dd:74:38:c9:f2:1d:
46:d8:0a:80:0b:13:8b:5b:ec:95:cb:ff:f8:e6:e0:
a8:a7:22:ff:1f:62:f1:6b:a7:3f:21:37:db:13:a4:
91:55:79:a0:b1:7d:45:1f:a7:ec:21:f3:5c:f9:b8:
56:93:ae:54:47:9d:4c:f2:64:64:4e:05:61:34:d7:
e2:ed:0d:8c:04:30:f3:20:f5:9e:da:21:37:47:39:
4e:f8:a1:27:d3:95:7d:df:b7:10:ea:ab:0f:32:14:
7e:3f:d4:d1:cc:d6:f7:e0:ad:ff:81:b4:4e:b1:83:
33:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F8:84:F3:74:A1:EF:A8:FB:85:C6:A6:25:65:07:AB:0B:81:C5:5C
X509v3 Authority Key Identifier:
keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/NPiE83Sh76j7hcamJWUHqwuBxVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.199.0/24
185.106.241.0/24
185.106.243.0/24
IPv6:
2a06:4101::/32
Signature Algorithm: sha256WithRSAEncryption
51:6c:22:e7:38:86:ef:5a:3e:84:bb:a9:8b:ea:c7:f5:ed:b4:
6d:56:c8:58:2a:48:2c:35:89:dc:51:05:75:ca:b5:74:8b:ec:
63:82:85:ce:03:97:01:dd:1c:41:9b:07:55:35:64:ea:e7:ca:
de:c2:5b:75:3a:83:a8:fe:7c:35:f4:4d:b9:a3:80:41:eb:ff:
7e:26:07:1d:88:62:f9:7f:1b:08:18:69:f9:d5:a8:b0:ff:4d:
ec:f9:1e:47:79:94:9a:30:28:9a:24:85:c0:98:7f:f1:9b:df:
48:af:93:11:b6:f4:e0:d6:c4:a1:cf:ea:32:64:13:0e:c9:97:
e4:24:62:8a:25:a9:cc:e5:5b:69:c2:f5:72:05:9e:0b:b0:f6:
9c:23:92:8b:5f:b3:73:da:ce:08:f7:a5:25:f7:c8:f9:bc:4e:
66:65:15:69:19:25:c4:31:f7:d5:85:56:32:93:cf:9c:5d:85:
25:a7:13:35:22:66:21:d4:1a:a8:a7:87:b5:fd:06:59:8f:74:
31:b7:be:d0:6b:b0:a5:76:da:41:45:9d:35:f0:4b:e2:25:93:
d4:b5:f0:b6:b9:81:68:43:dd:e8:35:1f:79:cb:37:28:46:57:
28:4e:3e:08:58:27:8c:31:c2:92:5e:8d:b9:5e:c7:22:27:14:
13:1c:8f:29
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVt0+jmclJOMrUlW/WphW4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2
NTE5YjAwHhcNMjMwMTAxMTQ1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGY4ODRmMzc0YTFlZmE4ZmI4NWM2YTYyNTY1MDdhYjBiODFjNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvxH6tFMdfqhEvxu1DazhnaaAY8W
SbBmVNBPe9p/75HvQdvp9V2fJe7flcVyFFi6mBDHjxKtt9jd0j1URAo5kbsDzf93
GlL2enHlQ7iD91Z77uSeZ33q90Ky6893gO/h46qQcsuDvXvLGOxrsJgMv4UeyyOD
Gs+t3vqE62jnyzPA5OqpFR8FGvANkWHxAa3ddDjJ8h1G2AqACxOLW+yVy//45uCo
pyL/H2Lxa6c/ITfbE6SRVXmgsX1FH6fsIfNc+bhWk65UR51M8mRkTgVhNNfi7Q2M
BDDzIPWe2iE3RzlO+KEn05V937cQ6qsPMhR+P9TRzNb34K3/gbROsYMzJwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDT4hPN0oe+o+4XGpiVlB6sLgcVcMB8GA1UdIwQY
MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt
YTk3MWEzMzRmYWE0LzEvTlBpRTgzU2g3Nmo3aGNhbUpXVUhxd3VCeFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0
LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAHxnHAwQA
uWrxAwQAuWrzMA0EAgACMAcDBQAqBkEBMA0GCSqGSIb3DQEBCwUAA4IBAQBRbCLn
OIbvWj6Eu6mL6sf17bRtVshYKkgsNYncUQV1yrV0i+xjgoXOA5cB3RxBmwdVNWTq
58rewlt1OoOo/nw19E25o4BB6/9+JgcdiGL5fxsIGGn51aiw/03s+R5HeZSaMCia
JIXAmH/xm99Ir5MRtvTg1sShz+oyZBMOyZfkJGKKJanM5VtpwvVyBZ4LsPacI5KL
X7Nz2s4I96Ul98j5vE5mZRVpGSXEMffVhVYyk8+cXYUlpxM1ImYh1Bqop4e1/QZZ
j3Qxt77Qa7CldtpBRZ018EviJZPUtfC2uYFoQ93oNR95yzcoRlcoTj4IWCeMMcKS
Xo25XsciJxQTHI8p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:35 2024 by rpki-client on console-fra.rpki-client.org