Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/NDIczUICS24S9hRnnuIryNo_7cE.roa
File: NDIczUICS24S9hRnnuIryNo_7cE.roa (raw, json)
Hash identifier: 3dSKi6TwZ22RFHcg/ogfKaiJ3dNWI1K8gh3JAsMadiw=
Subject key identifier: 34:32:1C:CD:42:02:4B:6E:12:F6:14:67:9E:E2:2B:C8:DA:3F:ED:C1
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737ADB43406FC440D035C5448CC9197B
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/NDIczUICS24S9hRnnuIryNo_7cE.roa
Signing time: Mon 02 Jan 2023 17:15:09 +0000
ROA not before: Mon 02 Jan 2023 17:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209632
IP address blocks: 139.28.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:db:43:40:6f:c4:40:d0:35:c5:44:8c:c9:19:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34321ccd42024b6e12f614679ee22bc8da3fedc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f8:bf:86:f6:2e:11:79:c0:33:e1:24:6f:c9:
d0:c7:03:75:04:56:b2:a3:e3:26:2e:99:52:ba:34:
31:c8:c2:31:ca:0e:57:ba:1e:c8:ca:50:54:bb:35:
e1:61:4a:1c:92:55:76:0f:fd:76:54:1f:e6:91:5f:
ed:a1:cc:6f:f0:6b:3a:57:52:16:f3:92:1b:55:26:
2d:e0:3f:81:98:f5:5b:2c:ba:12:0f:fb:32:f7:b4:
95:ec:21:88:8a:6a:a9:49:36:6b:fa:7d:3a:65:48:
25:a1:e7:fe:0b:18:a7:42:49:bc:fb:fb:d6:b8:e2:
26:d9:2b:f9:cb:59:60:7e:d5:e0:9c:af:0e:f5:37:
6d:8d:e0:45:d5:a8:f5:51:3f:a0:93:30:9a:67:15:
60:ac:76:42:c5:6b:b9:32:87:1c:80:e4:d7:db:55:
a8:54:91:2c:fe:d4:e4:0f:3c:92:2b:15:1f:34:8f:
e0:98:a8:7a:5c:fe:ad:b6:30:a9:41:6f:ad:ba:83:
87:e0:01:3f:cd:2f:4b:49:4b:41:ad:80:17:70:62:
4d:45:08:25:86:bc:59:5b:aa:15:ae:8b:31:04:03:
2c:d5:ea:a2:4b:5d:81:fd:b9:71:3c:a7:11:7a:f7:
e7:62:43:03:92:62:23:64:44:c1:6d:71:46:e6:94:
38:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:32:1C:CD:42:02:4B:6E:12:F6:14:67:9E:E2:2B:C8:DA:3F:ED:C1
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/NDIczUICS24S9hRnnuIryNo_7cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.188.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:c7:99:a3:75:00:13:a6:f3:27:a2:6c:8d:48:f9:3c:17:0d:
5d:a3:62:0b:03:44:de:01:ec:8c:f0:6b:3f:ab:2d:36:8f:a8:
a0:f4:26:44:51:7e:c2:ac:87:84:24:23:40:64:e3:34:98:36:
1a:2f:66:f2:2a:4e:79:87:ce:52:71:2e:d8:69:9f:29:cb:07:
ed:52:9e:6c:2b:86:0d:c0:b1:7b:f8:ec:f0:bc:e0:6e:ed:ca:
e1:4a:ff:d5:2d:19:aa:e2:74:82:81:cc:96:2a:4d:08:21:56:
ff:d6:61:24:62:fd:4f:b0:3d:e9:bf:a2:9e:85:54:40:4b:cb:
9d:72:8a:f4:32:f4:45:14:ee:ce:56:05:bb:ea:8f:4b:bc:ba:
75:51:55:f4:ae:13:7a:ae:a5:09:8e:f0:9b:f0:29:19:32:45:
7e:6e:c7:c4:c5:27:99:7c:37:74:1d:24:98:24:10:f3:31:72:
07:a7:55:9a:08:43:d7:62:08:9c:bb:2e:49:11:9b:03:65:55:
e2:ca:6b:27:a3:f8:0e:5a:52:2e:85:b1:f3:40:b4:45:fb:a7:
ca:47:a0:a5:b6:fb:36:76:d0:ab:c7:7b:25:ac:3a:c5:e6:9e:
8f:82:3b:7c:41:45:da:12:d9:dd:9b:e2:53:e7:f8:d3:04:e7:
49:da:f0:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzettDQG/EQNA1xUSMyRl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDMyMWNjZDQyMDI0YjZlMTJmNjE0Njc5ZWUyMmJjOGRhM2ZlZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfi/hvYuEXnAM+Ekb8nQxwN1BFay
o+MmLplSujQxyMIxyg5Xuh7IylBUuzXhYUocklV2D/12VB/mkV/tocxv8Gs6V1IW
85IbVSYt4D+BmPVbLLoSD/sy97SV7CGIimqpSTZr+n06ZUgloef+CxinQkm8+/vW
uOIm2Sv5y1lgftXgnK8O9TdtjeBF1aj1UT+gkzCaZxVgrHZCxWu5MoccgOTX21Wo
VJEs/tTkDzySKxUfNI/gmKh6XP6ttjCpQW+tuoOH4AE/zS9LSUtBrYAXcGJNRQgl
hrxZW6oVrosxBAMs1eqiS12B/blxPKcRevfnYkMDkmIjZETBbXFG5pQ4HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQyHM1CAktuEvYUZ57iK8jaP+3BMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvTkRJY3pVSUNTMjRTOWhSbm51SXJ5Tm9fN2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixy8MA0G
CSqGSIb3DQEBCwUAA4IBAQC4x5mjdQATpvMnomyNSPk8Fw1do2ILA0TeAeyM8Gs/
qy02j6ig9CZEUX7CrIeEJCNAZOM0mDYaL2byKk55h85ScS7YaZ8pywftUp5sK4YN
wLF7+OzwvOBu7crhSv/VLRmq4nSCgcyWKk0IIVb/1mEkYv1PsD3pv6KehVRAS8ud
cor0MvRFFO7OVgW76o9LvLp1UVX0rhN6rqUJjvCb8CkZMkV+bsfExSeZfDd0HSSY
JBDzMXIHp1WaCEPXYgicuy5JEZsDZVXiymsno/gOWlIuhbHzQLRF+6fKR6Cltvs2
dtCrx3slrDrF5p6Pgjt8QUXaEtndm+JT5/jTBOdJ2vBp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org