Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/N9VBsaISkaED_zSqjav32Hq0qC8.roa
File: N9VBsaISkaED_zSqjav32Hq0qC8.roa (raw, json)
Hash identifier: lNO5k8tYgSesCSmwvPHa9Tn3Xc9rMlrLIh7LsNMlrS4=
Subject key identifier: 37:D5:41:B1:A2:12:91:A1:03:FF:34:AA:8D:AB:F7:D8:7A:B4:A8:2F
Certificate issuer: /CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
Certificate serial: 018B1E534615A41365132C69B69967B856A8
Authority key identifier: E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/N9VBsaISkaED_zSqjav32Hq0qC8.roa
Signing time: Wed 11 Oct 2023 10:40:55 +0000
ROA not before: Wed 11 Oct 2023 10:40:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56443
IP address blocks: 185.69.120.0/22 maxlen: 22
185.127.176.0/22 maxlen: 22
185.129.208.0/22 maxlen: 22
185.199.196.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:53:46:15:a4:13:65:13:2c:69:b6:99:67:b8:56:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
Validity
Not Before: Oct 11 10:40:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37d541b1a21291a103ff34aa8dabf7d87ab4a82f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:76:19:24:65:ef:1f:8b:6a:d0:02:ae:16:3d:
a6:0d:b5:24:ff:4c:1d:2b:04:76:6b:98:3a:be:ad:
b6:a2:50:14:7b:33:21:43:bd:22:c3:e7:44:8b:cc:
7b:98:a5:13:a2:bb:b2:73:ef:fd:c8:69:18:e2:cd:
50:a8:64:29:1d:3d:5e:4a:af:29:3e:89:23:8f:46:
34:c3:cc:1c:a1:30:d8:b6:42:df:86:cd:cc:5b:22:
94:4e:43:71:fd:5c:17:4c:0e:c3:ea:ce:a6:19:24:
e5:d2:14:5b:ad:c4:c3:83:30:29:dc:ea:a9:52:97:
ec:3c:ec:aa:a9:51:82:f0:15:f5:cf:17:37:70:f0:
4b:2e:30:1b:f8:63:72:d1:94:b5:41:ac:1c:a6:21:
b3:27:b5:19:e9:a4:2f:d6:d9:84:f5:4a:95:51:f5:
f0:71:00:a0:91:18:81:16:17:15:d9:c4:4d:be:c5:
3b:d9:ef:d6:d3:5b:6f:37:a2:ce:64:ed:c8:e2:4e:
81:88:e8:ed:10:07:7c:c9:1d:8c:27:c5:c6:2c:4f:
54:9a:59:a6:0c:04:27:4b:41:0f:eb:3f:95:a0:14:
4a:23:39:53:fe:9a:ec:68:9c:cf:45:aa:6b:06:42:
02:b9:a1:37:55:bc:a1:1a:ce:ea:59:a2:8d:6f:26:
64:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D5:41:B1:A2:12:91:A1:03:FF:34:AA:8D:AB:F7:D8:7A:B4:A8:2F
X509v3 Authority Key Identifier:
keyid:E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/N9VBsaISkaED_zSqjav32Hq0qC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/5hvX3R-KyLQZK6eKWSNItd0KGmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.120.0/22
185.127.176.0/22
185.129.208.0/22
185.199.196.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:69:42:c5:88:f9:00:a0:fb:61:9a:16:00:99:ed:56:01:50:
1c:25:fa:92:f2:95:6a:ce:14:e7:6f:0f:78:a8:f9:2e:b9:c2:
9a:c4:15:dd:44:db:df:16:80:81:34:27:da:80:09:70:79:dd:
fb:83:8b:bd:a8:a5:d7:6b:a1:d3:1e:66:fb:06:12:05:b6:b3:
94:08:d3:09:65:f7:0c:31:da:9a:36:28:30:7d:d0:55:19:80:
51:9b:93:a0:22:31:19:77:2d:48:ca:20:85:52:23:4f:00:56:
56:96:e8:5a:55:1f:7e:22:ca:91:25:5b:28:07:28:41:ba:ad:
8e:df:88:a1:57:93:83:e1:60:38:62:82:37:f6:61:66:19:db:
c1:9a:a6:86:38:79:35:26:fd:38:94:07:37:06:df:65:a7:f3:
f5:42:45:9c:9f:a6:c0:35:2a:b6:b4:54:c1:21:a2:c6:3e:60:
6e:bf:31:47:37:d2:2c:92:b9:4e:44:d7:3b:35:4f:71:02:67:
10:67:9e:9f:cd:55:1d:ef:d1:92:04:36:91:f7:18:cd:0d:ed:
6e:74:f3:dc:39:fb:7f:1e:ef:60:40:b3:0b:a6:57:f2:a3:23:
82:27:9b:df:db:9c:0d:0d:98:b8:4e:58:41:c5:12:6b:db:c4:
b0:15:97:37
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYseU0YVpBNlEyxptplnuFaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWJkN2RkMWY4YWM4YjQxOTJiYTc4YTU5MjM0OGI1ZGQw
YTFhNjYwHhcNMjMxMDExMTA0MDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Q1NDFiMWEyMTI5MWExMDNmZjM0YWE4ZGFiZjdkODdhYjRhODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHYZJGXvH4tq0AKuFj2mDbUk/0wd
KwR2a5g6vq22olAUezMhQ70iw+dEi8x7mKUToruyc+/9yGkY4s1QqGQpHT1eSq8p
Pokjj0Y0w8wcoTDYtkLfhs3MWyKUTkNx/VwXTA7D6s6mGSTl0hRbrcTDgzAp3Oqp
UpfsPOyqqVGC8BX1zxc3cPBLLjAb+GNy0ZS1QawcpiGzJ7UZ6aQv1tmE9UqVUfXw
cQCgkRiBFhcV2cRNvsU72e/W01tvN6LOZO3I4k6BiOjtEAd8yR2MJ8XGLE9Umlmm
DAQnS0EP6z+VoBRKIzlT/prsaJzPRaprBkICuaE3VbyhGs7qWaKNbyZkAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDfVQbGiEpGhA/80qo2r99h6tKgvMB8GA1UdIwQY
MBaAFOYb190fisi0GSunilkjSLXdChpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2Njct
ZGU5YjJmOGY3ZTI5LzEvTjlWQnNhSVNrYUVEX3pTcWphdjMySHEwcUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2NjctZGU5YjJmOGY3ZTI5
LzEvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuUV4AwQC
uX+wAwQCuYHQAwQCucfEMA0GCSqGSIb3DQEBCwUAA4IBAQCaaULFiPkAoPthmhYA
me1WAVAcJfqS8pVqzhTnbw94qPkuucKaxBXdRNvfFoCBNCfagAlwed37g4u9qKXX
a6HTHmb7BhIFtrOUCNMJZfcMMdqaNigwfdBVGYBRm5OgIjEZdy1IyiCFUiNPAFZW
luhaVR9+IsqRJVsoByhBuq2O34ihV5OD4WA4YoI39mFmGdvBmqaGOHk1Jv04lAc3
Bt9lp/P1QkWcn6bANSq2tFTBIaLGPmBuvzFHN9IskrlORNc7NU9xAmcQZ56fzVUd
79GSBDaR9xjNDe1udPPcOft/Hu9gQLMLplfyoyOCJ5vf25wNDZi4TlhBxRJr28Sw
FZc3
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:48 2024 by rpki-client on console-fra.rpki-client.org