Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/NVwmT6mtlIaOMewODlr4tCzP_N0.roa
File: NVwmT6mtlIaOMewODlr4tCzP_N0.roa (raw, json)
Hash identifier: rGz2g2u36cfIdT5MdUt4/uE0YAskyrmA22rQph+1em4=
Subject key identifier: 35:5C:26:4F:A9:AD:94:86:8E:31:EC:0E:0E:5A:F8:B4:2C:CF:FC:DD
Certificate issuer: /CN=525b705a91dbc30ed10eb7222b7797b834e01863
Certificate serial: 01856E38B0BF9C88A558B5D09954E8A6ED05
Authority key identifier: 52:5B:70:5A:91:DB:C3:0E:D1:0E:B7:22:2B:77:97:B8:34:E0:18:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UltwWpHbww7RDrciK3eXuDTgGGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/NVwmT6mtlIaOMewODlr4tCzP_N0.roa
Signing time: Sun 01 Jan 2023 16:44:46 +0000
ROA not before: Sun 01 Jan 2023 16:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204880
IP address blocks: 185.236.240.0/23 maxlen: 24
185.236.242.0/23 maxlen: 24
2a0d:eb00::/32 maxlen: 32
2a0d:eb01::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:b0:bf:9c:88:a5:58:b5:d0:99:54:e8:a6:ed:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=525b705a91dbc30ed10eb7222b7797b834e01863
Validity
Not Before: Jan 1 16:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=355c264fa9ad94868e31ec0e0e5af8b42ccffcdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b3:6c:42:f1:32:7b:44:07:c1:03:c5:97:d5:
61:22:a4:24:5f:68:76:4f:66:28:58:3e:20:45:eb:
ce:5d:6f:7d:57:5d:1e:89:fd:d5:b5:63:8e:39:a0:
74:44:2a:52:db:ca:0d:04:5e:87:da:39:6a:59:1c:
84:01:5c:26:7a:d5:4c:cb:5f:ee:7f:2f:aa:7a:54:
fa:a5:ca:17:f0:b3:6a:2f:f6:9d:a3:cf:b4:66:21:
58:e4:de:b0:f3:c1:1a:17:ba:21:fa:33:3c:cc:d8:
6a:8b:08:f4:bb:8f:cb:4e:78:7a:f1:c0:b7:f1:65:
51:d1:b8:5c:ba:4f:3b:fe:da:0d:fb:d5:59:04:99:
57:14:9e:4d:45:16:b8:6b:73:e2:4a:9e:cb:f0:d9:
22:6a:89:0a:dc:0c:51:5b:60:e4:94:46:09:5d:10:
2e:69:74:08:47:af:77:dd:3d:c9:34:da:26:e0:71:
35:49:df:cd:45:23:51:7a:6c:5a:b5:49:be:f8:c6:
88:ec:7d:0c:bd:fc:ee:e1:d0:df:11:a5:4e:f3:6c:
57:ba:ee:7c:b8:9e:fc:58:a5:54:58:b1:ac:f1:ca:
e4:46:38:46:21:d6:3c:b7:71:a3:15:c5:89:cc:a3:
0a:92:1e:11:a5:d0:c0:45:8d:29:a4:65:c3:02:8e:
35:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:5C:26:4F:A9:AD:94:86:8E:31:EC:0E:0E:5A:F8:B4:2C:CF:FC:DD
X509v3 Authority Key Identifier:
keyid:52:5B:70:5A:91:DB:C3:0E:D1:0E:B7:22:2B:77:97:B8:34:E0:18:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UltwWpHbww7RDrciK3eXuDTgGGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/NVwmT6mtlIaOMewODlr4tCzP_N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/UltwWpHbww7RDrciK3eXuDTgGGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.240.0/22
IPv6:
2a0d:eb00::-2a0d:eb01:ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
69:fd:17:86:0d:14:ca:c0:ec:6d:6e:69:2d:fc:04:84:74:5c:
6c:34:3d:c2:86:e4:bd:98:3c:49:1b:02:9c:b0:28:c8:3b:90:
9b:2b:04:c2:80:53:60:66:2b:a4:ea:e2:88:d7:fa:c8:3f:2d:
00:15:c0:3a:c8:d4:2b:44:eb:ec:f2:43:33:69:9a:5d:ae:d5:
e5:35:df:86:01:f7:ec:bc:92:36:9a:e3:ae:6e:31:f2:e2:73:
1e:25:2e:25:94:bb:2d:7d:c3:e8:3d:17:55:27:83:1b:29:d5:
6c:4f:07:8b:f2:40:84:1e:74:db:fb:1a:c0:14:ca:4b:6b:94:
30:64:75:e9:f4:3e:ea:97:67:e0:29:e9:3c:62:2c:1b:d9:98:
64:28:90:6f:8c:44:4e:66:b6:b4:e9:a0:f8:38:1b:bc:f2:fd:
d3:dc:f0:7a:8b:b3:69:49:7d:39:de:f3:2d:ed:c6:5f:c3:e3:
8b:d9:f4:d9:5a:b5:6d:e7:2a:42:19:58:12:a4:0b:62:8c:d7:
33:b2:f2:f1:d3:20:11:a9:9a:c6:8d:be:a3:f5:f3:b2:7a:b3:
54:9d:9c:c5:09:70:1a:48:3c:cb:da:27:08:82:0e:02:99:98:
92:41:f0:38:96:6a:68:23:23:a8:33:9d:69:71:ca:d9:9b:50:
e1:77:b5:a6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVuOLC/nIilWLXQmVTopu0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNWI3MDVhOTFkYmMzMGVkMTBlYjcyMjJiNzc5N2I4MzRl
MDE4NjMwHhcNMjMwMTAxMTY0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTVjMjY0ZmE5YWQ5NDg2OGUzMWVjMGUwZTVhZjhiNDJjY2ZmY2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7NsQvEye0QHwQPFl9VhIqQkX2h2
T2YoWD4gRevOXW99V10eif3VtWOOOaB0RCpS28oNBF6H2jlqWRyEAVwmetVMy1/u
fy+qelT6pcoX8LNqL/ado8+0ZiFY5N6w88EaF7oh+jM8zNhqiwj0u4/LTnh68cC3
8WVR0bhcuk87/toN+9VZBJlXFJ5NRRa4a3PiSp7L8NkiaokK3AxRW2DklEYJXRAu
aXQIR6933T3JNNom4HE1Sd/NRSNRemxatUm++MaI7H0Mvfzu4dDfEaVO82xXuu58
uJ78WKVUWLGs8crkRjhGIdY8t3GjFcWJzKMKkh4RpdDARY0ppGXDAo41AwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDVcJk+prZSGjjHsDg5a+LQsz/zdMB8GA1UdIwQY
MBaAFFJbcFqR28MO0Q63Iit3l7g04BhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWx0d1dwSGJ3dzdSRHJjaUszZVh1RFRnR0dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNDYyZGMtOWU1OS00ZThkLTljNmQt
ZjQ2ODg3ZGY5ODYzLzEvTlZ3bVQ2bXRsSWFPTWV3T0RscjR0Q3pQX04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNDYyZGMtOWU1OS00ZThkLTljNmQtZjQ2ODg3ZGY5ODYz
LzEvVWx0d1dwSGJ3dzdSRHJjaUszZVh1RFRnR0dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuezwMBYE
AgACMBAwDgMEACoN6wMGACoN6wEAMA0GCSqGSIb3DQEBCwUAA4IBAQBp/ReGDRTK
wOxtbmkt/ASEdFxsND3ChuS9mDxJGwKcsCjIO5CbKwTCgFNgZiuk6uKI1/rIPy0A
FcA6yNQrROvs8kMzaZpdrtXlNd+GAffsvJI2muOubjHy4nMeJS4llLstfcPoPRdV
J4MbKdVsTweL8kCEHnTb+xrAFMpLa5QwZHXp9D7ql2fgKek8Yiwb2ZhkKJBvjERO
Zra06aD4OBu88v3T3PB6i7NpSX053vMt7cZfw+OL2fTZWrVt5ypCGVgSpAtijNcz
svLx0yARqZrGjb6j9fOyerNUnZzFCXAaSDzL2icIgg4CmZiSQfA4lmpoIyOoM51p
ccrZm1Dhd7Wm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:54 2024 by rpki-client on console-ams.rpki-client.org