Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/_NgfhLtJfYxLALymK6OtQxQABEw.roa
File: _NgfhLtJfYxLALymK6OtQxQABEw.roa (raw, json)
Hash identifier: mDWP/RIklYCbaKiSzu7gflum4DBJBr1uvS8/wxYi06s=
Subject key identifier: FC:D8:1F:84:BB:49:7D:8C:4B:00:BC:A6:2B:A3:AD:43:14:00:04:4C
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018A21F1926D26826CD2AFCE2BFE378816F9
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/_NgfhLtJfYxLALymK6OtQxQABEw.roa
Signing time: Wed 23 Aug 2023 10:29:54 +0000
ROA not before: Wed 23 Aug 2023 10:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205020
IP address blocks: 85.31.94.0/23 maxlen: 23
80.251.0.0/20 maxlen: 20
85.31.64.0/19 maxlen: 19
85.31.75.0/24 maxlen: 24
5.11.28.0/22 maxlen: 22
5.11.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:f1:92:6d:26:82:6c:d2:af:ce:2b:fe:37:88:16:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Aug 23 10:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcd81f84bb497d8c4b00bca62ba3ad431400044c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fa:f6:fd:90:1a:70:4a:e4:63:1b:95:e8:e1:
9c:c3:97:07:85:29:06:6c:5c:51:73:8e:15:a2:d6:
62:ec:ff:28:43:f9:04:f0:a1:9b:8d:bc:d9:49:51:
1b:d8:c5:59:69:52:01:03:40:96:95:7b:e0:0c:79:
9e:f0:af:5b:e1:e0:d7:5c:29:c5:60:8e:01:e8:5b:
66:79:81:f3:ab:8e:f4:8d:e4:4a:b7:89:89:e2:b5:
0e:40:3b:10:ca:4a:81:30:66:5f:99:9f:31:36:12:
cb:58:e5:a3:70:d6:f4:2a:14:37:1e:14:72:45:cc:
91:62:b2:23:92:71:bc:4c:44:6e:97:83:c0:01:52:
82:be:8f:99:cd:24:d3:a7:5b:97:e4:a2:3e:91:1b:
e8:bb:5d:0f:4c:2f:53:36:d4:41:1b:e0:56:a6:45:
14:ef:08:06:37:d4:56:72:a2:e7:7b:1f:a9:fc:57:
9a:6b:ed:22:78:16:2e:6d:14:c6:b2:2b:95:df:d4:
3c:68:8e:fb:dd:b5:40:58:0e:b6:93:33:68:84:cd:
5a:b0:68:32:20:2c:32:f8:a6:4c:bc:c5:9c:7e:e0:
ae:60:d3:86:ac:08:59:fd:ed:dc:9a:6c:9a:70:7d:
b2:77:01:04:3e:08:cb:af:17:ff:a2:42:aa:f1:4a:
93:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D8:1F:84:BB:49:7D:8C:4B:00:BC:A6:2B:A3:AD:43:14:00:04:4C
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/_NgfhLtJfYxLALymK6OtQxQABEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.28.0/22
80.251.0.0/20
85.31.64.0/19
Signature Algorithm: sha256WithRSAEncryption
7f:f6:1c:87:11:52:40:bc:cf:5f:be:c4:07:04:13:fb:72:d6:
f9:34:d0:6f:55:89:c9:a4:a9:20:29:a3:f1:da:f6:4e:8f:0a:
2b:33:b6:23:71:81:f6:ad:b6:2c:99:ce:a8:83:43:64:bd:fd:
96:6f:af:33:7e:c3:f6:08:2d:e6:6b:b4:8f:eb:95:01:0b:a9:
d2:48:d6:19:56:e7:91:22:d1:f0:7e:39:db:06:49:fd:9c:ce:
25:7c:40:43:e2:a5:0d:e2:04:74:60:d2:28:92:32:5f:4c:3a:
62:66:8e:9c:1e:77:2d:f3:61:ba:4e:24:b2:6e:55:fe:b3:5f:
a6:c2:1a:c9:26:37:af:dc:bc:64:f1:a9:89:58:21:3c:0d:72:
13:9e:c1:90:bf:9b:b9:48:46:61:69:ca:53:4e:da:eb:9e:18:
bf:b8:d9:b7:03:88:08:25:f3:e1:03:3e:13:30:9d:93:6d:cc:
5f:9c:50:32:0a:08:70:ab:f9:71:a1:12:e5:30:5e:01:c2:6d:
77:f5:b3:b3:70:4d:ee:28:29:8f:7b:bb:2b:16:df:a5:01:1e:
6b:4b:ee:1e:92:d4:f6:f5:fc:80:be:c9:a0:fd:88:9b:7d:0d:
01:f7:d3:1f:95:21:4a:86:a5:a6:d8:bb:e3:48:28:0d:9e:d3:
04:7b:80:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoh8ZJtJoJs0q/OK/43iBb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwODIzMTAyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Q4MWY4NGJiNDk3ZDhjNGIwMGJjYTYyYmEzYWQ0MzE0MDAwNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfr2/ZAacErkYxuV6OGcw5cHhSkG
bFxRc44VotZi7P8oQ/kE8KGbjbzZSVEb2MVZaVIBA0CWlXvgDHme8K9b4eDXXCnF
YI4B6FtmeYHzq470jeRKt4mJ4rUOQDsQykqBMGZfmZ8xNhLLWOWjcNb0KhQ3HhRy
RcyRYrIjknG8TERul4PAAVKCvo+ZzSTTp1uX5KI+kRvou10PTC9TNtRBG+BWpkUU
7wgGN9RWcqLnex+p/Feaa+0ieBYubRTGsiuV39Q8aI773bVAWA62kzNohM1asGgy
ICwy+KZMvMWcfuCuYNOGrAhZ/e3cmmyacH2ydwEEPgjLrxf/okKq8UqT/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPzYH4S7SX2MSwC8piujrUMUAARMMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvX05nZmhMdEpmWXhMQUx5bUs2T3RReFFBQkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBQscAwQE
UPsAAwQFVR9AMA0GCSqGSIb3DQEBCwUAA4IBAQB/9hyHEVJAvM9fvsQHBBP7ctb5
NNBvVYnJpKkgKaPx2vZOjworM7YjcYH2rbYsmc6og0Nkvf2Wb68zfsP2CC3ma7SP
65UBC6nSSNYZVueRItHwfjnbBkn9nM4lfEBD4qUN4gR0YNIokjJfTDpiZo6cHnct
82G6TiSyblX+s1+mwhrJJjev3Lxk8amJWCE8DXITnsGQv5u5SEZhacpTTtrrnhi/
uNm3A4gIJfPhAz4TMJ2TbcxfnFAyCghwq/lxoRLlMF4Bwm139bOzcE3uKCmPe7sr
Ft+lAR5rS+4ektT29fyAvsmg/YibfQ0B99MflSFKhqWm2LvjSCgNntMEe4Cx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:06 2024 by rpki-client on console-fra.rpki-client.org