Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/NdpCkhDCKPzMyQxL6EmYc4ekMNo.roa
File: NdpCkhDCKPzMyQxL6EmYc4ekMNo.roa (raw, json)
Hash identifier: bEbgx1xyUcHrFNJBHFXXw/bC4zdjz5Z+88rurrrSsNI=
Subject key identifier: 35:DA:42:92:10:C2:28:FC:CC:C9:0C:4B:E8:49:98:73:87:A4:30:DA
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CEE1B8C93973878EE86BECDCB1D5AD4A9
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/NdpCkhDCKPzMyQxL6EmYc4ekMNo.roa
Signing time: Tue 09 Jan 2024 12:03:52 +0000
ROA not before: Tue 09 Jan 2024 12:03:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 193.8.112.0/24 maxlen: 24
193.8.113.0/24 maxlen: 24
193.8.115.0/24 maxlen: 24
185.223.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 08:37:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:1b:8c:93:97:38:78:ee:86:be:cd:cb:1d:5a:d4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 9 12:03:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35da429210c228fcccc90c4be849987387a430da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:5f:81:81:f0:b1:ad:aa:e4:c3:53:15:f1:
3e:e4:65:85:97:c8:5e:c9:6d:d3:08:57:2d:85:39:
7d:2b:ba:18:98:49:71:91:ff:b9:38:a7:fc:c3:22:
2d:61:b0:be:e6:a1:4c:21:a6:43:80:01:5d:83:34:
a1:b1:5d:80:8a:2b:51:a0:41:5b:37:30:db:ff:80:
48:ee:69:9b:45:98:cb:46:b7:7d:bb:87:a7:92:51:
09:7b:fb:e5:f6:dc:78:d4:03:07:3d:dd:d5:31:95:
20:9f:9d:b7:9e:61:f7:92:1e:8f:ff:d1:47:fa:b8:
89:5c:70:e6:9c:60:62:26:72:42:3f:d0:c3:e5:08:
37:4c:c4:0a:57:ed:7a:1d:0b:b7:99:b0:ac:4c:99:
06:17:20:29:13:99:09:80:b5:0f:ae:46:b0:e0:3f:
2b:63:cc:c5:56:64:00:26:98:16:7c:9d:19:87:85:
ab:ba:4b:93:3e:00:7d:7e:23:61:6a:f2:34:06:1e:
aa:d5:bf:af:22:64:2d:c2:d1:14:e3:92:a4:1e:8e:
17:aa:fc:da:6a:92:78:c5:8a:7a:6d:e3:4f:ae:ce:
86:8e:52:88:40:c1:90:d8:19:7a:7f:c3:e9:20:ae:
91:a1:21:bd:b0:80:dd:39:f2:1e:e4:d4:3c:e6:f3:
d1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DA:42:92:10:C2:28:FC:CC:C9:0C:4B:E8:49:98:73:87:A4:30:DA
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/NdpCkhDCKPzMyQxL6EmYc4ekMNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.83.0/24
193.8.112.0/23
193.8.115.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:84:84:7c:05:bb:e3:7e:ee:f2:21:c4:0a:e4:11:4a:21:b5:
07:4a:bc:10:6d:b6:5c:85:80:b3:c9:d3:4c:ea:e5:7c:91:28:
ad:44:c2:5e:cf:92:7a:53:d4:25:06:dd:ee:39:8f:34:97:55:
16:87:57:90:e1:9d:44:e9:2f:dc:f5:69:6d:cd:db:21:a8:3e:
c3:18:6b:8d:3a:6f:64:2d:f1:3d:91:11:38:2a:59:9c:e1:90:
cc:d1:db:3d:cd:2f:8a:e3:d0:fb:30:0c:a1:b0:65:e6:24:93:
26:94:54:c6:71:cb:56:a6:c9:8d:dc:2a:39:d7:4a:8d:f4:3e:
a0:01:ed:a0:2d:2e:2d:87:51:8f:d7:86:50:74:88:7c:69:ce:
1e:3a:1b:8e:c7:59:c2:f9:48:09:92:71:60:b7:a4:18:64:02:
7b:d0:ae:e8:3f:be:7b:f5:7b:eb:6f:2f:3f:8a:be:9b:d7:60:
d5:4c:34:64:a6:38:f0:af:c8:67:b5:31:ca:79:0d:dd:c8:4e:
7e:72:a7:bb:b7:6c:17:05:67:d8:a9:bc:e3:43:27:f8:e6:3c:
ea:62:9b:ef:7c:f2:ac:96:65:31:c8:8b:b3:e0:ad:1c:40:2b:
93:8c:ab:17:db:e2:90:f7:bd:ba:69:36:06:74:f9:0e:e3:0b:
5b:7d:8c:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzuG4yTlzh47oa+zcsdWtSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTA5MTIwMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRhNDI5MjEwYzIyOGZjY2NjOTBjNGJlODQ5OTg3Mzg3YTQzMGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvNfgYHwsa2q5MNTFfE+5GWFl8he
yW3TCFcthTl9K7oYmElxkf+5OKf8wyItYbC+5qFMIaZDgAFdgzShsV2AiitRoEFb
NzDb/4BI7mmbRZjLRrd9u4enklEJe/vl9tx41AMHPd3VMZUgn523nmH3kh6P/9FH
+riJXHDmnGBiJnJCP9DD5Qg3TMQKV+16HQu3mbCsTJkGFyApE5kJgLUPrkaw4D8r
Y8zFVmQAJpgWfJ0Zh4WrukuTPgB9fiNhavI0Bh6q1b+vImQtwtEU45KkHo4Xqvza
apJ4xYp6beNPrs6GjlKIQMGQ2Bl6f8PpIK6RoSG9sIDdOfIe5NQ85vPRTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDXaQpIQwij8zMkMS+hJmHOHpDDaMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTmRwQ2toRENLUHpNeVF4TDZFbVljNGVrTU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAud9TAwQB
wQhwAwQAwQhzMA0GCSqGSIb3DQEBCwUAA4IBAQCbhIR8Bbvjfu7yIcQK5BFKIbUH
SrwQbbZchYCzydNM6uV8kSitRMJez5J6U9QlBt3uOY80l1UWh1eQ4Z1E6S/c9Wlt
zdshqD7DGGuNOm9kLfE9kRE4Klmc4ZDM0ds9zS+K49D7MAyhsGXmJJMmlFTGcctW
psmN3Co510qN9D6gAe2gLS4th1GP14ZQdIh8ac4eOhuOx1nC+UgJknFgt6QYZAJ7
0K7oP7579Xvrby8/ir6b12DVTDRkpjjwr8hntTHKeQ3dyE5+cqe7t2wXBWfYqbzj
Qyf45jzqYpvvfPKslmUxyIuz4K0cQCuTjKsX2+KQ9726aTYGdPkO4wtbfYyG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org