Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/NDOPkZ_CzDGxK4qacmM1Ju_ZUe8.roa
File: NDOPkZ_CzDGxK4qacmM1Ju_ZUe8.roa (raw, json)
Hash identifier: vImddDboRGQg5NKu6yKPPsEfFgMMkslrV/QT1cUiNN0=
Subject key identifier: 34:33:8F:91:9F:C2:CC:31:B1:2B:8A:9A:72:63:35:26:EF:D9:51:EF
Certificate issuer: /CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Certificate serial: 018C1735F64F6F37F9C4ABF203997B581AA4
Authority key identifier: 9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/NDOPkZ_CzDGxK4qacmM1Ju_ZUe8.roa
Signing time: Tue 28 Nov 2023 18:34:21 +0000
ROA not before: Tue 28 Nov 2023 18:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52320
IP address blocks: 146.19.227.0/24 maxlen: 24
185.149.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Dec 2023 15:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:17:35:f6:4f:6f:37:f9:c4:ab:f2:03:99:7b:58:1a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Validity
Not Before: Nov 28 18:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34338f919fc2cc31b12b8a9a72633526efd951ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:11:43:ba:69:7c:c4:ce:55:d4:0d:8f:57:d6:
74:9c:17:6a:3f:e8:1f:68:de:89:6d:25:43:b6:55:
fe:e6:44:be:2c:22:51:5a:3c:2e:18:9b:97:e5:fd:
7d:d0:27:b8:c1:c3:84:a4:f7:0a:16:7a:a4:5d:0e:
f3:dd:52:af:3c:37:ba:bd:3d:8c:1f:fc:91:a1:31:
1c:18:59:a4:0d:b8:9c:a1:45:e4:24:0b:45:ba:99:
03:eb:6e:d6:d1:62:35:44:75:7a:5c:dc:35:55:06:
6a:c0:3c:8d:18:09:d1:46:52:27:de:41:4d:dc:b0:
ee:e7:fa:f0:c9:d7:97:69:44:52:77:72:ff:82:b1:
2e:13:fd:c8:cd:fa:eb:d0:88:bb:e1:17:1b:b5:08:
62:a4:ba:9d:ef:c3:4b:1b:22:8b:56:4a:9b:c0:48:
49:8f:c8:f0:27:a6:0f:5e:6b:e3:2a:ce:8a:af:6c:
b4:ea:93:8b:9e:81:30:08:86:c2:ca:fb:e5:7a:bc:
4d:96:4d:f6:e4:94:7e:c1:43:dd:7d:6e:78:65:63:
df:07:70:2d:fd:d5:ab:2c:3f:cd:cc:a3:8d:0c:b0:
ba:45:cd:f8:43:88:b2:c5:a6:dc:ad:61:35:67:cc:
74:66:34:de:ca:55:e6:0d:97:63:0c:be:9b:1b:24:
8a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:33:8F:91:9F:C2:CC:31:B1:2B:8A:9A:72:63:35:26:EF:D9:51:EF
X509v3 Authority Key Identifier:
keyid:9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/NDOPkZ_CzDGxK4qacmM1Ju_ZUe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.227.0/24
185.149.151.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:1c:99:4a:b7:7f:32:42:23:6e:d5:8e:2a:8e:1c:c0:8c:c0:
d7:29:65:e2:0a:ca:f0:45:b8:f3:db:1d:e8:c2:77:e9:d0:3a:
e7:ab:cd:7a:a8:c7:9a:45:fb:d3:34:6f:d1:09:86:76:d3:88:
b0:7f:13:77:14:eb:e3:1f:2e:4a:ca:46:71:24:b7:85:23:69:
c3:97:55:0b:8f:11:58:91:80:b2:77:49:7f:12:b8:65:fb:4c:
8d:ca:e6:f4:02:e4:80:ae:2f:45:4b:f4:e1:b2:c9:fa:cd:de:
49:db:46:9b:94:1b:02:db:5a:76:c4:e3:94:f3:73:f0:9d:a6:
24:86:77:ab:29:bb:fa:8b:5e:ca:76:13:85:21:1f:84:5c:14:
06:00:3f:09:05:5d:d3:ba:50:71:36:73:f0:d7:af:b8:e3:d9:
07:0e:5a:0e:c7:f5:29:80:b8:0b:16:8e:8b:a9:01:33:38:34:
02:8c:06:e6:32:9b:1a:ca:77:c8:01:1c:85:cb:29:93:4f:25:
30:b0:b0:14:10:84:72:87:05:79:79:35:e6:b0:ff:5b:5a:f3:
ed:2f:c2:f4:5b:46:0d:a6:79:61:e7:3a:8a:39:37:6a:3b:d1:
5e:7f:13:c7:99:17:ef:60:6f:cc:a6:db:16:3a:ec:a3:03:74:
e1:5b:36:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwXNfZPbzf5xKvyA5l7WBqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzI4YWU5OTM3ZmY3ZTQ5ZWM0ZjEyMzRlNTNkOGI5ZGQ2
OTQ1NDEwHhcNMjMxMTI4MTgzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDMzOGY5MTlmYzJjYzMxYjEyYjhhOWE3MjYzMzUyNmVmZDk1MWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBFDuml8xM5V1A2PV9Z0nBdqP+gf
aN6JbSVDtlX+5kS+LCJRWjwuGJuX5f190Ce4wcOEpPcKFnqkXQ7z3VKvPDe6vT2M
H/yRoTEcGFmkDbicoUXkJAtFupkD627W0WI1RHV6XNw1VQZqwDyNGAnRRlIn3kFN
3LDu5/rwydeXaURSd3L/grEuE/3Izfrr0Ii74RcbtQhipLqd78NLGyKLVkqbwEhJ
j8jwJ6YPXmvjKs6Kr2y06pOLnoEwCIbCyvvlerxNlk325JR+wUPdfW54ZWPfB3At
/dWrLD/NzKONDLC6Rc34Q4iyxabcrWE1Z8x0ZjTeylXmDZdjDL6bGySKhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDQzj5GfwswxsSuKmnJjNSbv2VHvMB8GA1UdIwQY
MBaAFJ3CiumTf/fknsTxI05T2LndaUVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMt
MTkyY2JkMDhkYjUxLzEvTkRPUGtaX0N6REd4SzRxYWNtTTFKdV9aVWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMtMTkyY2JkMDhkYjUx
LzEvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhPjAwQA
uZWXMA0GCSqGSIb3DQEBCwUAA4IBAQCqHJlKt38yQiNu1Y4qjhzAjMDXKWXiCsrw
Rbjz2x3ownfp0Drnq816qMeaRfvTNG/RCYZ204iwfxN3FOvjHy5KykZxJLeFI2nD
l1ULjxFYkYCyd0l/Erhl+0yNyub0AuSAri9FS/Thssn6zd5J20ablBsC21p2xOOU
83PwnaYkhnerKbv6i17KdhOFIR+EXBQGAD8JBV3TulBxNnPw16+449kHDloOx/Up
gLgLFo6LqQEzODQCjAbmMpsaynfIARyFyymTTyUwsLAUEIRyhwV5eTXmsP9bWvPt
L8L0W0YNpnlh5zqKOTdqO9FefxPHmRfvYG/MptsWOuyjA3ThWzYH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org