Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/N8hHbIJ-vxrPh4BH1oL42_BJmd4.roa
File: N8hHbIJ-vxrPh4BH1oL42_BJmd4.roa (raw, json)
Hash identifier: xuj9PjZn8//Kv0b7rHEAXNkaDo04AtLgXZw3DAGAAd8=
Subject key identifier: 37:C8:47:6C:82:7E:BF:1A:CF:87:80:47:D6:82:F8:DB:F0:49:99:DE
Certificate issuer: /CN=776405e0283743cf52180d5b13812dfba3ded7fc
Certificate serial: 01856F949D005363AB5F8B0DCF6175BB6CA4
Authority key identifier: 77:64:05:E0:28:37:43:CF:52:18:0D:5B:13:81:2D:FB:A3:DE:D7:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/N8hHbIJ-vxrPh4BH1oL42_BJmd4.roa
Signing time: Sun 01 Jan 2023 23:04:48 +0000
ROA not before: Sun 01 Jan 2023 23:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12637
IP address blocks: 185.146.252.0/22 maxlen: 24
212.44.96.0/19 maxlen: 24
2a02:ea::/32 maxlen: 48
2a02:eb::/32 maxlen: 48
2a02:e9::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:9d:00:53:63:ab:5f:8b:0d:cf:61:75:bb:6c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=776405e0283743cf52180d5b13812dfba3ded7fc
Validity
Not Before: Jan 1 23:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37c8476c827ebf1acf878047d682f8dbf04999de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:12:fe:7f:3a:12:cc:2d:4c:fb:0e:2e:80:b8:
0c:24:4d:09:3f:13:22:cf:01:3f:63:35:ab:bb:29:
f8:59:67:14:b6:c6:8e:4f:d5:8c:cb:38:9e:df:c3:
e3:42:1b:79:f9:c2:c3:fb:ca:2d:32:40:f0:7b:24:
1a:f2:5a:5a:c9:8c:fc:c1:0f:90:2b:44:42:b5:51:
5a:68:7c:98:d6:c9:cf:e8:a6:f5:04:f8:fa:cc:80:
f3:b6:48:0c:c3:05:8b:d5:84:83:83:bd:27:9d:55:
fb:36:32:f3:2e:bc:4c:e5:61:15:5f:97:04:86:1d:
55:3b:1a:26:36:93:ae:57:84:81:b7:77:85:d1:de:
6a:a2:3f:08:3c:9a:f6:7d:ca:51:fc:3a:d9:7a:23:
ff:bc:83:16:2c:18:cb:3b:32:a8:c8:05:44:bd:d2:
f0:7f:2b:9d:ad:4d:ae:b6:1e:28:2d:84:18:78:fb:
c5:aa:7f:8a:a9:89:7c:b0:7d:5c:37:df:fc:6a:6e:
d4:8a:bd:82:67:29:6c:0c:d5:79:8c:57:98:de:f6:
b5:cd:9b:f6:a5:93:6f:af:d7:de:fc:88:9b:b9:36:
2f:b5:d8:d8:5d:e4:66:74:1d:90:b2:20:ba:ed:98:
fe:72:1e:94:85:99:24:84:36:e3:6c:e3:e1:34:ac:
a8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C8:47:6C:82:7E:BF:1A:CF:87:80:47:D6:82:F8:DB:F0:49:99:DE
X509v3 Authority Key Identifier:
keyid:77:64:05:E0:28:37:43:CF:52:18:0D:5B:13:81:2D:FB:A3:DE:D7:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/N8hHbIJ-vxrPh4BH1oL42_BJmd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.252.0/22
212.44.96.0/19
IPv6:
2a02:e9::-2a02:eb:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
79:16:93:45:f5:5e:3b:d9:b8:8d:0f:bf:a0:cf:c4:cd:45:4e:
4a:0c:4a:0e:ee:a9:03:54:2f:e3:80:df:98:83:29:c3:04:91:
17:41:21:b5:48:b9:4c:1d:24:4b:8c:53:6b:6d:9d:90:b4:a6:
e8:c2:fe:42:43:ec:8b:09:7d:84:2e:90:ec:26:e4:59:76:61:
c7:9a:bf:ce:8c:6c:41:4d:5c:18:51:ea:ac:fd:ef:36:4f:54:
19:0b:e1:f9:06:99:73:af:dc:fd:f3:f5:d0:92:4b:a4:a3:7e:
4c:e6:71:f8:dd:74:05:77:81:ae:04:32:e6:7c:0d:18:6e:b7:
07:03:95:4a:59:c0:ef:91:23:a6:8a:1b:f4:43:96:fe:05:c3:
be:d9:69:b2:cc:53:04:76:df:be:1e:52:bd:0a:10:07:d1:d3:
aa:2d:e7:98:d8:2e:ce:56:57:df:c9:91:81:dc:a1:ca:9c:3a:
55:35:fb:0f:43:ce:f0:3c:0d:d3:25:a8:1d:08:76:5e:40:cb:
2b:d9:9e:62:4b:f9:45:89:32:5a:ca:aa:77:b0:72:27:9e:25:
28:03:b0:c2:48:29:e9:01:64:d9:db:9b:93:c9:e3:a0:78:ce:
d1:be:27:14:d3:e6:44:fa:e3:61:82:60:bf:f6:86:46:d2:57:
47:dc:7c:31
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvlJ0AU2OrX4sNz2F1u2ykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjQwNWUwMjgzNzQzY2Y1MjE4MGQ1YjEzODEyZGZiYTNk
ZWQ3ZmMwHhcNMjMwMTAxMjMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2M4NDc2YzgyN2ViZjFhY2Y4NzgwNDdkNjgyZjhkYmYwNDk5OWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xL+fzoSzC1M+w4ugLgMJE0JPxMi
zwE/YzWruyn4WWcUtsaOT9WMyzie38PjQht5+cLD+8otMkDweyQa8lpayYz8wQ+Q
K0RCtVFaaHyY1snP6Kb1BPj6zIDztkgMwwWL1YSDg70nnVX7NjLzLrxM5WEVX5cE
hh1VOxomNpOuV4SBt3eF0d5qoj8IPJr2fcpR/DrZeiP/vIMWLBjLOzKoyAVEvdLw
fyudrU2uth4oLYQYePvFqn+KqYl8sH1cN9/8am7Uir2CZylsDNV5jFeY3va1zZv2
pZNvr9fe/IibuTYvtdjYXeRmdB2QsiC67Zj+ch6UhZkkhDbjbOPhNKyocQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDfIR2yCfr8az4eAR9aC+NvwSZneMB8GA1UdIwQY
MBaAFHdkBeAoN0PPUhgNWxOBLfuj3tf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJRRjRDZzNRODlTR0ExYkU0RXQtNlBlMV93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8zNjM1ODYtOWI4MC00NTdiLWJkZjAt
NmNhNTJlMDI5Y2JlLzEvTjhoSGJJSi12eHJQaDRCSDFvTDQyX0JKbWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8zNjM1ODYtOWI4MC00NTdiLWJkZjAtNmNhNTJlMDI5Y2Jl
LzEvZDJRRjRDZzNRODlTR0ExYkU0RXQtNlBlMV93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuZL8AwQF
1CxgMBYEAgACMBAwDgMFACoCAOkDBQIqAgDoMA0GCSqGSIb3DQEBCwUAA4IBAQB5
FpNF9V472biND7+gz8TNRU5KDEoO7qkDVC/jgN+YgynDBJEXQSG1SLlMHSRLjFNr
bZ2QtKbowv5CQ+yLCX2ELpDsJuRZdmHHmr/OjGxBTVwYUeqs/e82T1QZC+H5Bplz
r9z98/XQkkuko35M5nH43XQFd4GuBDLmfA0YbrcHA5VKWcDvkSOmihv0Q5b+BcO+
2WmyzFMEdt++HlK9ChAH0dOqLeeY2C7OVlffyZGB3KHKnDpVNfsPQ87wPA3TJagd
CHZeQMsr2Z5iS/lFiTJayqp3sHInniUoA7DCSCnpAWTZ25uTyeOgeM7RvicU0+ZE
+uNhgmC/9oZG0ldH3Hwx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:31 2024 by rpki-client on console-ams.rpki-client.org