Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/NFhsEVKfOz-_-ux-0bP_OAUrB7k.roa
File: NFhsEVKfOz-_-ux-0bP_OAUrB7k.roa (raw, json)
Hash identifier: 0xXujTBZWElX51bjmUJz02/2GVwF12WTUcT9/7rugJI=
Subject key identifier: 34:58:6C:11:52:9F:3B:3F:BF:FA:EC:7E:D1:B3:FF:38:05:2B:07:B9
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018571D7BEC132175A19A90A1262BABAADBF
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/NFhsEVKfOz-_-ux-0bP_OAUrB7k.roa
Signing time: Mon 02 Jan 2023 09:37:22 +0000
ROA not before: Mon 02 Jan 2023 09:37:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43754
IP address blocks: 86.57.0.0/17 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:be:c1:32:17:5a:19:a9:0a:12:62:ba:ba:ad:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jan 2 09:37:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34586c11529f3b3fbffaec7ed1b3ff38052b07b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0c:4d:e1:67:71:e8:ea:fe:cc:db:c6:a0:c7:
fe:85:2d:3b:03:33:9b:e3:4e:ac:a3:42:5a:5c:50:
ef:70:63:e8:ae:fb:52:31:42:d1:59:73:d6:6a:5d:
94:51:ef:d9:9d:14:6a:75:a4:e2:e9:8c:4b:b1:af:
58:11:79:38:e3:24:b6:33:c5:81:ae:1f:6e:c8:32:
d2:4e:f5:44:b6:85:12:0f:52:3c:c0:4f:ec:b1:02:
b7:5b:07:18:7e:85:db:39:9d:56:be:61:b3:93:f8:
16:2b:83:ca:04:51:ab:fc:f0:b8:1d:ab:c2:09:44:
1c:58:5e:eb:af:b4:9b:5a:e0:22:31:78:fd:23:9c:
27:25:3f:73:ca:8b:05:3b:35:a5:c1:83:a9:2c:cd:
06:23:8e:5c:e5:3e:df:a8:b5:75:5a:df:1e:14:29:
05:3c:d9:9c:c6:cf:e5:73:fb:cd:db:69:fd:34:6e:
e8:63:2c:56:a5:4b:c2:71:96:f9:03:de:70:36:48:
66:da:d9:46:e0:39:47:de:cb:16:bd:4e:f4:26:de:
71:ef:fc:17:8e:cb:06:8c:43:b7:c4:f3:02:b3:48:
7c:91:ef:5d:d7:47:a2:fa:35:08:d2:5b:ac:84:60:
e6:5c:8f:fa:43:6b:1f:1e:31:35:d8:ce:6d:d1:2e:
07:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:58:6C:11:52:9F:3B:3F:BF:FA:EC:7E:D1:B3:FF:38:05:2B:07:B9
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/NFhsEVKfOz-_-ux-0bP_OAUrB7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.57.0.0/17
Signature Algorithm: sha256WithRSAEncryption
24:e9:f5:51:51:ed:de:bb:48:5f:16:35:d1:92:27:ee:cb:c9:
0c:12:48:11:e4:fe:3c:a9:25:b5:85:81:f6:10:64:aa:28:4a:
f2:3e:dd:26:ee:b7:d5:f6:a8:f3:67:fc:32:ef:13:9d:19:f6:
db:ad:34:68:78:01:55:7a:f2:52:82:ea:17:2c:81:52:b1:41:
66:7b:30:db:3c:46:ee:35:0c:21:a8:e1:14:cc:86:c7:38:f9:
9d:0a:36:d4:89:40:01:87:60:e3:c8:33:d2:07:24:40:9e:e2:
5a:9d:96:9d:c9:da:2c:b8:1c:b7:95:05:c8:72:ab:1f:fc:c8:
48:fb:49:78:b5:d3:d9:b7:2f:e7:a4:c0:ef:1f:ef:40:3f:b3:
6e:04:7f:28:c9:7c:34:34:15:71:e4:f9:da:de:7f:62:3f:4d:
8e:8a:f9:8b:5d:b7:28:75:61:fb:86:f8:e6:d5:33:91:e0:a9:
ed:a1:65:13:b8:af:dc:3c:63:29:7b:3a:f2:a0:eb:50:1d:ad:
01:b7:46:3c:cb:98:bc:85:26:81:aa:44:ed:f1:9f:b2:7a:dd:
37:07:ff:6b:5f:54:f4:cf:b4:57:68:7a:79:54:94:6a:43:c9:
56:d5:d3:a8:5d:fa:be:3e:a0:40:ec:40:75:3e:25:6b:6a:a3:
2d:16:2a:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx177BMhdaGakKEmK6uq2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjMwMTAyMDkzNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDU4NmMxMTUyOWYzYjNmYmZmYWVjN2VkMWIzZmYzODA1MmIwN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQxN4Wdx6Or+zNvGoMf+hS07AzOb
406so0JaXFDvcGPorvtSMULRWXPWal2UUe/ZnRRqdaTi6YxLsa9YEXk44yS2M8WB
rh9uyDLSTvVEtoUSD1I8wE/ssQK3WwcYfoXbOZ1WvmGzk/gWK4PKBFGr/PC4HavC
CUQcWF7rr7SbWuAiMXj9I5wnJT9zyosFOzWlwYOpLM0GI45c5T7fqLV1Wt8eFCkF
PNmcxs/lc/vN22n9NG7oYyxWpUvCcZb5A95wNkhm2tlG4DlH3ssWvU70Jt5x7/wX
jssGjEO3xPMCs0h8ke9d10ei+jUI0lushGDmXI/6Q2sfHjE12M5t0S4HiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRYbBFSnzs/v/rsftGz/zgFKwe5MB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvTkZoc0VWS2ZPei1fLXV4LTBiUF9PQVVyQjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHVjkAMA0G
CSqGSIb3DQEBCwUAA4IBAQAk6fVRUe3eu0hfFjXRkifuy8kMEkgR5P48qSW1hYH2
EGSqKEryPt0m7rfV9qjzZ/wy7xOdGfbbrTRoeAFVevJSguoXLIFSsUFmezDbPEbu
NQwhqOEUzIbHOPmdCjbUiUABh2DjyDPSByRAnuJanZadydosuBy3lQXIcqsf/MhI
+0l4tdPZty/npMDvH+9AP7NuBH8oyXw0NBVx5Pna3n9iP02OivmLXbcodWH7hvjm
1TOR4KntoWUTuK/cPGMpezryoOtQHa0Bt0Y8y5i8hSaBqkTt8Z+yet03B/9rX1T0
z7RXaHp5VJRqQ8lW1dOoXfq+PqBA7EB1PiVraqMtFiq0
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:20:03 2024 by rpki-client on console-ams.rpki-client.org