Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/2NzJ3EmOGK3L5-MKpB6QIVONxx0.roa
File: 2NzJ3EmOGK3L5-MKpB6QIVONxx0.roa (raw, json)
Hash identifier: z+re6VkvGfk3ttsfbOkn9xgZmAnnhg95dVI9zOec42M=
Subject key identifier: D8:DC:C9:DC:49:8E:18:AD:CB:E7:E3:0A:A4:1E:90:21:53:8D:C7:1D
Certificate issuer: /CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Certificate serial: 018B4D79E4D6D87935E509A787E4DE3C20D8
Authority key identifier: 9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/2NzJ3EmOGK3L5-MKpB6QIVONxx0.roa
Signing time: Fri 20 Oct 2023 14:25:15 +0000
ROA not before: Fri 20 Oct 2023 14:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207503
IP address blocks: 85.199.112.0/22 maxlen: 22
82.193.248.0/24 maxlen: 24
82.193.254.0/24 maxlen: 24
156.67.144.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:79:e4:d6:d8:79:35:e5:09:a7:87:e4:de:3c:20:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Validity
Not Before: Oct 20 14:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8dcc9dc498e18adcbe7e30aa41e9021538dc71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d2:5f:c7:37:04:3c:94:bc:af:35:a5:83:b8:
69:ea:d1:c1:ff:f0:31:fd:51:3e:9c:6c:79:7a:66:
e7:49:ea:4a:29:42:c3:9e:97:40:da:65:3c:c1:30:
24:14:42:bf:fd:47:33:8d:bb:e2:10:66:67:f9:9a:
be:a2:a1:0e:61:5b:6a:d3:a1:d6:38:d5:b6:75:39:
30:7b:ad:21:0b:d5:73:1b:f3:cc:56:30:00:fa:a6:
7b:2f:ab:50:a7:d2:d3:7d:8d:9e:29:93:d2:dc:f6:
1d:5a:07:42:57:14:d1:e2:3b:04:23:67:4a:10:2a:
fe:c5:8e:44:4f:fa:be:7d:85:fb:60:88:73:74:5c:
fc:b0:4c:61:ad:30:3b:d9:33:68:60:78:68:0d:a4:
59:b3:21:b6:2f:9a:bc:2c:7c:11:33:47:ac:e9:16:
24:84:2e:ba:44:05:87:81:4c:b3:9f:e2:cf:f2:66:
2d:a8:2f:28:b1:35:cf:62:6c:97:a4:b3:51:65:16:
76:5c:bc:2e:8e:e0:b4:74:4c:74:91:ec:6b:87:3e:
36:5b:bf:03:0f:1d:a5:6d:9c:6a:91:8c:13:f1:48:
51:b7:6c:be:94:63:fe:08:34:18:8e:48:a1:22:2d:
22:55:f3:b4:b8:5a:ac:ef:54:83:37:62:fb:4d:f3:
7e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DC:C9:DC:49:8E:18:AD:CB:E7:E3:0A:A4:1E:90:21:53:8D:C7:1D
X509v3 Authority Key Identifier:
keyid:9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/2NzJ3EmOGK3L5-MKpB6QIVONxx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.193.248.0/24
82.193.254.0/24
85.199.112.0/22
156.67.144.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:d8:b9:a0:62:bc:ec:7e:28:27:d6:fb:3d:4e:2d:65:87:34:
bb:e4:aa:d1:37:40:a5:87:cc:0b:8e:45:b4:66:fd:0e:e5:e2:
19:e3:b3:25:75:00:89:94:0e:21:af:67:2e:63:fc:bd:b5:50:
da:cf:4c:f0:33:e4:ea:84:6c:8e:67:60:a2:7a:b8:05:e9:6c:
46:fe:90:33:75:f4:8f:58:71:1e:6b:0d:56:f9:46:08:64:8b:
42:eb:79:c8:c3:46:c9:15:ce:c7:d2:24:c5:63:49:a1:97:42:
c9:e4:2b:f1:3f:15:31:b5:25:57:15:7b:82:83:bb:32:59:c9:
8d:a7:a6:37:1a:49:23:90:a5:00:20:e7:d7:3a:3c:1c:f7:94:
e0:41:36:32:3e:f6:84:05:04:1b:82:59:eb:15:e7:4c:c9:88:
e6:66:2c:4c:ae:96:7d:91:4b:b7:6e:47:52:ac:13:92:90:97:
ba:97:e3:e5:91:47:7a:70:43:51:f6:3a:9a:1c:f0:8d:30:e5:
c8:84:9a:2d:fe:56:5c:8c:62:2f:0a:54:27:e0:20:4b:98:57:
4a:ae:fd:4e:fe:93:cc:13:1a:7a:6b:66:04:a6:ab:a4:94:d1:
c3:f2:4d:26:89:3c:6b:58:d9:8f:8e:be:81:23:3d:81:99:56:
2f:85:0c:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtNeeTW2Hk15Qmnh+TePCDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWFjMzY5Yzk0NTY5MTRhMTJlMDJkZmZjOGRkNzk5NzRl
YjFlZjgwHhcNMjMxMDIwMTQyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRjYzlkYzQ5OGUxOGFkY2JlN2UzMGFhNDFlOTAyMTUzOGRjNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9JfxzcEPJS8rzWlg7hp6tHB//Ax
/VE+nGx5embnSepKKULDnpdA2mU8wTAkFEK//UczjbviEGZn+Zq+oqEOYVtq06HW
ONW2dTkwe60hC9VzG/PMVjAA+qZ7L6tQp9LTfY2eKZPS3PYdWgdCVxTR4jsEI2dK
ECr+xY5ET/q+fYX7YIhzdFz8sExhrTA72TNoYHhoDaRZsyG2L5q8LHwRM0es6RYk
hC66RAWHgUyzn+LP8mYtqC8osTXPYmyXpLNRZRZ2XLwujuC0dEx0kexrhz42W78D
Dx2lbZxqkYwT8UhRt2y+lGP+CDQYjkihIi0iVfO0uFqs71SDN2L7TfN+SQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNjcydxJjhity+fjCqQekCFTjccdMB8GA1UdIwQY
MBaAFJ4aw2nJRWkUoS4C3/yN15l06x74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTct
ZDY4YzU3ZGI0Y2FlLzEvMk56SjNFbU9HSzNMNS1NS3BCNlFJVk9OeHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTctZDY4YzU3ZGI0Y2Fl
LzEvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUsH4AwQA
UsH+AwQCVcdwAwQEnEOQMA0GCSqGSIb3DQEBCwUAA4IBAQCk2LmgYrzsfign1vs9
Ti1lhzS75KrRN0Clh8wLjkW0Zv0O5eIZ47MldQCJlA4hr2cuY/y9tVDaz0zwM+Tq
hGyOZ2CiergF6WxG/pAzdfSPWHEeaw1W+UYIZItC63nIw0bJFc7H0iTFY0mhl0LJ
5CvxPxUxtSVXFXuCg7syWcmNp6Y3GkkjkKUAIOfXOjwc95TgQTYyPvaEBQQbglnr
FedMyYjmZixMrpZ9kUu3bkdSrBOSkJe6l+PlkUd6cENR9jqaHPCNMOXIhJot/lZc
jGIvClQn4CBLmFdKrv1O/pPMExp6a2YEpquklNHD8k0miTxrWNmPjr6BIz2BmVYv
hQwG
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:15 2024 by rpki-client on console-fra.rpki-client.org