Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/NodrCr-4VUdWyeDhbAqPw0EXeYw.roa
File: NodrCr-4VUdWyeDhbAqPw0EXeYw.roa (raw, json)
Hash identifier: UsE2IUZVpxajxgGXEEcplSlArb7iUNhbSqi79HhZjGc=
Subject key identifier: 36:87:6B:0A:BF:B8:55:47:56:C9:E0:E1:6C:0A:8F:C3:41:17:79:8C
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0190FD16BFB6632940D796DD4CA914794EA8
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/NodrCr-4VUdWyeDhbAqPw0EXeYw.roa
Signing time: Mon 29 Jul 2024 06:04:04 +0000
ROA not before: Mon 29 Jul 2024 06:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 213.145.68.0/24 maxlen: 24
213.145.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 20:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:16:bf:b6:63:29:40:d7:96:dd:4c:a9:14:79:4e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jul 29 06:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36876b0abfb8554756c9e0e16c0a8fc34117798c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:17:2f:2b:69:88:4b:72:50:5c:c4:f0:da:83:
36:54:e5:af:5b:d7:e5:4d:49:fb:78:12:53:88:17:
26:cc:9d:f6:76:36:7b:25:d2:c3:ef:26:b1:01:19:
b7:71:f6:42:12:8c:e4:b2:22:33:5f:15:36:c0:00:
ba:12:b6:90:1f:a4:bd:5e:d6:e0:14:11:25:72:15:
08:7e:06:67:25:6d:4a:44:85:f7:1c:21:b1:99:d7:
0f:05:08:3f:f3:84:73:1b:a4:cb:16:ff:31:08:bf:
ef:1d:0b:ff:e4:33:58:84:84:70:4a:e6:14:3e:79:
61:35:18:a7:58:47:40:3e:99:03:20:10:94:2a:e5:
74:be:78:db:a7:ea:47:44:96:5d:7e:ac:2d:14:1f:
f7:f5:ac:cd:08:f7:cf:e2:5b:56:23:c7:84:6f:58:
29:e9:99:15:c4:54:23:64:9b:e4:af:3d:3e:ce:a8:
bb:b1:d5:c2:ef:0d:24:25:9c:6b:f5:c3:fb:d3:17:
ac:6c:51:1e:b7:44:c7:77:c4:e6:b5:62:d0:5e:5f:
28:e6:f5:2d:71:f6:17:2d:d9:8c:68:4d:ad:25:85:
f8:8c:ae:20:76:85:d5:48:76:aa:d6:00:d2:b1:97:
3a:ad:f9:00:67:f7:d0:7b:20:6e:45:56:71:f4:0e:
3c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:87:6B:0A:BF:B8:55:47:56:C9:E0:E1:6C:0A:8F:C3:41:17:79:8C
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/NodrCr-4VUdWyeDhbAqPw0EXeYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.68.0/24
213.145.86.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:92:96:c1:40:29:0f:dc:ea:a9:03:db:f2:5f:51:c4:a9:c2:
78:31:f1:80:84:e3:be:f3:7d:2d:c6:42:5a:de:55:3e:99:cf:
11:6f:5f:7f:60:45:93:2d:5a:e7:58:e8:89:2b:c1:37:2d:db:
84:81:63:d3:fb:8e:b2:e2:2d:65:10:94:a1:28:e8:1c:d1:54:
44:23:80:ef:ae:90:ac:92:f8:1e:15:b1:eb:f8:b4:dd:ca:0f:
37:24:7d:c2:e0:b2:6c:be:db:7b:67:fe:0c:e1:55:dd:99:c6:
4d:ea:cc:ff:0e:c2:d4:35:8e:5e:96:22:fc:a4:78:d5:b7:81:
43:4c:54:7f:bc:2a:08:4d:f6:44:e3:e4:9f:67:17:ea:92:d9:
8d:8d:b6:38:76:1e:c7:65:53:6a:17:06:67:c2:7d:3e:c5:8b:
56:d1:ac:53:d2:1a:2d:7e:73:ff:d7:22:43:94:cc:7d:d4:5c:
1f:65:d6:cf:9b:d9:94:58:46:ec:ed:38:b9:09:59:0a:33:e4:
d9:a7:2d:8e:5b:69:26:23:7b:25:00:4e:ca:5d:d2:86:5a:11:
f9:d8:5d:e0:94:d8:97:18:1b:41:eb:a7:31:e3:fc:cc:3c:a2:
cf:3a:72:ef:e3:5b:73:32:2a:16:77:18:0c:f8:99:05:65:ae:
fa:a7:57:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZD9Fr+2YylA15bdTKkUeU6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwNzI5MDYwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjg3NmIwYWJmYjg1NTQ3NTZjOWUwZTE2YzBhOGZjMzQxMTc3OThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhcvK2mIS3JQXMTw2oM2VOWvW9fl
TUn7eBJTiBcmzJ32djZ7JdLD7yaxARm3cfZCEozksiIzXxU2wAC6EraQH6S9Xtbg
FBElchUIfgZnJW1KRIX3HCGxmdcPBQg/84RzG6TLFv8xCL/vHQv/5DNYhIRwSuYU
PnlhNRinWEdAPpkDIBCUKuV0vnjbp+pHRJZdfqwtFB/39azNCPfP4ltWI8eEb1gp
6ZkVxFQjZJvkrz0+zqi7sdXC7w0kJZxr9cP70xesbFEet0THd8TmtWLQXl8o5vUt
cfYXLdmMaE2tJYX4jK4gdoXVSHaq1gDSsZc6rfkAZ/fQeyBuRVZx9A48gQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDaHawq/uFVHVsng4WwKj8NBF3mMMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvTm9kckNyLTRWVWRXeWVEaGJBcVB3MEVYZVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1ZFEAwQA
1ZFWMA0GCSqGSIb3DQEBCwUAA4IBAQAvkpbBQCkP3OqpA9vyX1HEqcJ4MfGAhOO+
830txkJa3lU+mc8Rb19/YEWTLVrnWOiJK8E3LduEgWPT+46y4i1lEJShKOgc0VRE
I4DvrpCskvgeFbHr+LTdyg83JH3C4LJsvtt7Z/4M4VXdmcZN6sz/DsLUNY5eliL8
pHjVt4FDTFR/vCoITfZE4+SfZxfqktmNjbY4dh7HZVNqFwZnwn0+xYtW0axT0hot
fnP/1yJDlMx91FwfZdbPm9mUWEbs7Ti5CVkKM+TZpy2OW2kmI3slAE7KXdKGWhH5
2F3glNiXGBtB66cx4/zMPKLPOnLv41tzMioWdxgM+JkFZa76p1c4
-----END CERTIFICATE-----
Generated at Mon Aug 5 21:20:10 2024 by rpki-client on console-fra.rpki-client.org