Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nNHE4lbaA2syWIFkMFx_IZJHgn8.roa
File: nNHE4lbaA2syWIFkMFx_IZJHgn8.roa (raw, json)
Hash identifier: jXSkQdk7P7OJITfTmR9RMFDIFEbiZ03fpMj6BylefBQ=
Subject key identifier: 9C:D1:C4:E2:56:DA:03:6B:32:58:81:64:30:5C:7F:21:92:47:82:7F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B637723D47D7E3EC974CE02AD60337
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nNHE4lbaA2syWIFkMFx_IZJHgn8.roa
Signing time: Mon 02 Jan 2023 09:00:45 +0000
ROA not before: Mon 02 Jan 2023 09:00:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 185.226.105.0/24 maxlen: 24
185.194.28.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Mar 2023 08:41:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:37:72:3d:47:d7:e3:ec:97:4c:e0:2a:d6:03:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cd1c4e256da036b32588164305c7f219247827f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b6:2f:e1:72:27:1f:3f:66:a3:a4:ae:5d:da:
33:bd:dd:e8:a1:03:bc:5d:d8:8d:ab:b8:85:29:82:
1a:bc:5a:c2:4a:83:c8:81:41:85:ac:b4:a5:ee:4b:
dd:4a:f5:e5:60:53:60:d4:89:56:68:61:88:ae:a7:
cc:49:00:28:6f:a0:15:09:34:f4:22:95:41:53:a1:
15:15:65:2d:68:82:cf:5e:f4:2a:e2:56:d4:eb:f4:
59:ef:c1:28:a5:b9:e4:92:50:f5:b9:0c:7b:bb:b9:
be:5c:16:81:3f:1c:a6:6b:65:03:1a:ad:91:95:a5:
9f:b1:96:ea:fa:6d:eb:bc:e5:5e:b0:c4:54:77:b4:
1d:ab:18:16:87:14:8b:d1:25:9d:16:79:04:e2:bd:
a7:85:3f:f5:34:6d:8b:96:70:39:1f:61:f0:67:e1:
b0:5a:16:ad:f8:61:f6:24:85:89:4f:33:12:cb:3d:
e5:48:de:da:25:e8:ae:53:38:57:93:21:65:2a:06:
07:ee:71:58:f6:ec:23:cf:8c:c8:08:f9:6e:39:34:
60:4f:d1:1e:a9:9c:51:bf:d8:44:b3:b7:fb:2a:81:
6c:94:e1:73:07:5c:69:7f:48:29:53:b8:17:82:4d:
ed:8c:31:f0:dc:48:7f:6c:52:23:e3:d2:e6:fa:66:
e3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D1:C4:E2:56:DA:03:6B:32:58:81:64:30:5C:7F:21:92:47:82:7F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nNHE4lbaA2syWIFkMFx_IZJHgn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.28.0/24
185.225.3.0/24
185.226.105.0/24
Signature Algorithm: sha256WithRSAEncryption
14:5d:85:fd:47:ad:02:96:9f:4a:b7:84:a0:f0:d3:3d:0e:8c:
c0:58:e5:56:59:33:05:ab:b0:0e:03:3f:ae:52:ac:20:d7:61:
f2:4f:61:4a:5e:84:f8:90:94:5f:a0:c0:75:cd:b9:ce:c7:9e:
f3:08:55:83:ba:84:ac:13:0f:dd:38:3b:0e:7b:86:eb:65:0f:
f1:ea:7f:3a:65:c6:51:a2:99:63:bd:81:46:5e:e8:7e:1e:a8:
7b:ff:f5:6a:ad:45:38:65:f2:b0:f0:f2:39:0f:f6:7e:ac:62:
b6:6e:34:a2:4e:9c:62:5d:70:6b:db:52:e0:53:45:40:31:2b:
3d:cc:8b:a5:f6:4c:90:c8:e1:88:bb:ed:d2:8e:fc:bf:c8:e3:
db:de:e3:0f:95:6e:36:68:c8:28:88:c5:f6:a2:ef:c7:17:1f:
11:b1:a3:7b:c4:1f:b1:57:7b:94:d6:99:b0:bb:e4:e8:41:f1:
e1:f5:c3:e9:e6:4f:ef:ee:d3:e4:e1:95:79:11:02:ad:fb:26:
69:56:08:e8:73:16:09:c2:ec:1d:f7:6e:e7:64:d2:4c:58:a0:
67:5f:ca:a7:fc:4f:ee:71:dc:b2:72:56:22:fd:53:23:de:d4:
7d:9d:7e:f6:24:c6:3c:d3:a5:43:de:db:2a:81:74:0d:22:5b:
dc:f2:7e:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxtjdyPUfX4+yXTOAq1gM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2QxYzRlMjU2ZGEwMzZiMzI1ODgxNjQzMDVjN2YyMTkyNDc4MjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrYv4XInHz9mo6SuXdozvd3ooQO8
XdiNq7iFKYIavFrCSoPIgUGFrLSl7kvdSvXlYFNg1IlWaGGIrqfMSQAob6AVCTT0
IpVBU6EVFWUtaILPXvQq4lbU6/RZ78EopbnkklD1uQx7u7m+XBaBPxyma2UDGq2R
laWfsZbq+m3rvOVesMRUd7QdqxgWhxSL0SWdFnkE4r2nhT/1NG2LlnA5H2HwZ+Gw
What+GH2JIWJTzMSyz3lSN7aJeiuUzhXkyFlKgYH7nFY9uwjz4zICPluOTRgT9Ee
qZxRv9hEs7f7KoFslOFzB1xpf0gpU7gXgk3tjDHw3Eh/bFIj49Lm+mbjXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJzRxOJW2gNrMliBZDBcfyGSR4J/MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbk5IRTRsYmFBMnN5V0lGa01GeF9JWkpIZ244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAucIcAwQA
ueEDAwQAueJpMA0GCSqGSIb3DQEBCwUAA4IBAQAUXYX9R60Clp9Kt4Sg8NM9DozA
WOVWWTMFq7AOAz+uUqwg12HyT2FKXoT4kJRfoMB1zbnOx57zCFWDuoSsEw/dODsO
e4brZQ/x6n86ZcZRopljvYFGXuh+Hqh7//VqrUU4ZfKw8PI5D/Z+rGK2bjSiTpxi
XXBr21LgU0VAMSs9zIul9kyQyOGIu+3Sjvy/yOPb3uMPlW42aMgoiMX2ou/HFx8R
saN7xB+xV3uU1pmwu+ToQfHh9cPp5k/v7tPk4ZV5EQKt+yZpVgjocxYJwuwd927n
ZNJMWKBnX8qn/E/ucdyyclYi/VMj3tR9nX72JMY806VD3tsqgXQNIlvc8n75
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org