Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/NS3GjjvGX9RwC7G7SW4rMU2Tifg.roa
File: NS3GjjvGX9RwC7G7SW4rMU2Tifg.roa (raw, json)
Hash identifier: 69LY65ORoxaVnI99goIJ7ew3qBoDDqN+60NywW9BHcs=
Subject key identifier: 35:2D:C6:8E:3B:C6:5F:D4:70:0B:B1:BB:49:6E:2B:31:4D:93:89:F8
Certificate issuer: /CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Certificate serial: 018A1CF56A0F501B49C9A6661D8839B69A71
Authority key identifier: A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/NS3GjjvGX9RwC7G7SW4rMU2Tifg.roa
Signing time: Tue 22 Aug 2023 11:16:00 +0000
ROA not before: Tue 22 Aug 2023 11:16:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14907
IP address blocks: 185.71.138.0/24 maxlen: 24
185.15.56.0/24 maxlen: 24
185.15.57.0/24 maxlen: 24
185.15.58.0/24 maxlen: 24
185.15.59.0/24 maxlen: 24
2a02:ec80:300::/48 maxlen: 48
2a02:ec80:600::/48 maxlen: 48
2001:67c:930::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 05 Sep 2023 08:56:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:f5:6a:0f:50:1b:49:c9:a6:66:1d:88:39:b6:9a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Validity
Not Before: Aug 22 11:16:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=352dc68e3bc65fd4700bb1bb496e2b314d9389f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:41:f1:b1:94:07:6d:14:00:08:8a:b3:d2:ef:
62:65:7b:84:2a:b7:8a:72:f0:5f:fe:8f:d7:5c:6d:
9a:40:5b:2a:5f:af:f5:36:96:b3:87:36:f2:b4:99:
16:36:87:25:a7:8e:78:10:db:ec:4f:49:c3:a0:7f:
63:89:39:5c:84:0f:c2:10:58:af:b3:fa:49:01:ac:
49:5a:e7:28:79:b4:fa:bc:bb:6a:37:f7:c0:1a:bb:
90:fd:5b:fa:0b:03:72:6c:7e:f1:49:1e:fe:a3:32:
6e:d7:f0:98:d4:01:dc:b2:f0:d1:47:35:74:28:ff:
28:35:df:b3:90:a7:06:2e:07:1c:7f:18:95:0b:2d:
b9:b9:96:60:33:2c:6b:48:d8:d8:ba:c2:87:79:17:
bb:6e:9f:7d:81:4d:c2:28:a4:86:3a:31:8d:69:77:
ba:78:73:b9:3e:f1:a3:f3:f4:a6:c3:f5:5c:69:ef:
d2:0a:74:ed:d4:8a:65:2b:18:5b:7f:61:aa:fd:3b:
14:d7:32:ad:6b:53:28:6f:a8:86:fd:12:6c:d2:19:
67:95:b6:51:a9:1e:cc:fd:7a:e4:ae:74:19:38:9c:
a0:c9:59:2e:b3:7b:18:49:59:56:19:d1:37:4c:e2:
09:43:50:0c:cb:19:98:f1:02:ed:c6:e8:1e:5b:ab:
3e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2D:C6:8E:3B:C6:5F:D4:70:0B:B1:BB:49:6E:2B:31:4D:93:89:F8
X509v3 Authority Key Identifier:
keyid:A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/NS3GjjvGX9RwC7G7SW4rMU2Tifg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.56.0/22
185.71.138.0/24
IPv6:
2001:67c:930::/48
2a02:ec80:300::/48
2a02:ec80:600::/48
Signature Algorithm: sha256WithRSAEncryption
3d:08:e3:26:49:54:b4:bc:bf:e8:f9:d2:c4:3a:01:77:c7:7b:
91:15:3c:40:73:fe:1c:61:15:96:72:6e:8a:ce:1c:ea:15:6f:
25:99:69:7b:2c:19:db:14:72:81:ec:f3:c8:2a:9e:b3:1a:fc:
57:07:25:b3:c7:6c:d7:94:af:d9:53:18:54:7b:72:62:47:dc:
37:09:f2:fd:99:08:72:1a:43:05:53:eb:87:31:04:79:41:19:
f0:7b:11:61:7d:0d:c1:63:ce:5e:17:be:ae:ce:a5:73:d5:94:
15:34:50:7c:38:8e:65:f3:25:5a:71:37:64:58:e7:f0:97:53:
7f:3c:42:6a:09:97:12:2f:4d:6d:57:be:8b:a6:36:a5:e3:4f:
d3:8c:72:97:00:95:8b:97:7a:09:99:18:b4:d4:bc:af:3c:8b:
79:00:8c:14:d1:16:b7:04:ad:4c:0c:03:31:85:b0:ba:bb:5e:
8e:ab:56:9f:ab:9e:bb:57:f5:28:8f:e6:b2:e7:53:c8:03:b1:
58:21:e4:73:66:67:05:db:1c:59:00:03:77:81:06:d7:f9:24:
7d:d0:c0:c0:5c:8d:78:06:49:82:b1:17:aa:07:4f:fe:e9:ef:
4e:99:cb:60:de:ce:ff:aa:3d:a0:8d:c6:a4:c0:32:18:d3:fc:
ed:3b:42:c5
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYoc9WoPUBtJyaZmHYg5tppxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YThlNDRlNTczYzUzYzcxOTIzMTJmY2M3MjE1MGQyZGUz
NzdkNmQwHhcNMjMwODIyMTExNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTJkYzY4ZTNiYzY1ZmQ0NzAwYmIxYmI0OTZlMmIzMTRkOTM4OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0HxsZQHbRQACIqz0u9iZXuEKreK
cvBf/o/XXG2aQFsqX6/1NpazhzbytJkWNoclp454ENvsT0nDoH9jiTlchA/CEFiv
s/pJAaxJWucoebT6vLtqN/fAGruQ/Vv6CwNybH7xSR7+ozJu1/CY1AHcsvDRRzV0
KP8oNd+zkKcGLgccfxiVCy25uZZgMyxrSNjYusKHeRe7bp99gU3CKKSGOjGNaXe6
eHO5PvGj8/Smw/Vcae/SCnTt1IplKxhbf2Gq/TsU1zKta1Mob6iG/RJs0hlnlbZR
qR7M/XrkrnQZOJygyVkus3sYSVlWGdE3TOIJQ1AMyxmY8QLtxugeW6s+LwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDUtxo47xl/UcAuxu0luKzFNk4n4MB8GA1UdIwQY
MBaAFKmo5E5XPFPHGSMS/MchUNLeN31tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYt
MTk1MTM0NWNlYTMzLzEvTlMzR2pqdkdYOVJ3QzdHN1NXNHJNVTJUaWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYtMTk1MTM0NWNlYTMz
LzEvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQCuQ84AwQA
uUeKMCEEAgACMBsDBwAgAQZ8CTADBwAqAuyAAwADBwAqAuyABgAwDQYJKoZIhvcN
AQELBQADggEBAD0I4yZJVLS8v+j50sQ6AXfHe5EVPEBz/hxhFZZyborOHOoVbyWZ
aXssGdsUcoHs88gqnrMa/FcHJbPHbNeUr9lTGFR7cmJH3DcJ8v2ZCHIaQwVT64cx
BHlBGfB7EWF9DcFjzl4Xvq7OpXPVlBU0UHw4jmXzJVpxN2RY5/CXU388QmoJlxIv
TW1XvoumNqXjT9OMcpcAlYuXegmZGLTUvK88i3kAjBTRFrcErUwMAzGFsLq7Xo6r
Vp+rnrtX9SiP5rLnU8gDsVgh5HNmZwXbHFkAA3eBBtf5JH3QwMBcjXgGSYKxF6oH
T/7p706Zy2Dezv+qPaCNxqTAMhjT/O07QsU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:38 2024 by rpki-client on console-fra.rpki-client.org