Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/f9f4a9-a0cd-4107-aa41-d52a18985999/1/nyKo_Qv73nLjiceWD3mZcsyM138.roa
File: nyKo_Qv73nLjiceWD3mZcsyM138.roa (raw, json)
Hash identifier: E0IWWICmLJbN5PjVQdHhkqX+9VNxaqydS2T8WB95QlU=
Subject key identifier: 9F:22:A8:FD:0B:FB:DE:72:E3:89:C7:96:0F:79:99:72:CC:8C:D7:7F
Certificate issuer: /CN=632e3d037bf0507571b2a068cb90308374ce53ed
Certificate serial: 0188B06F97F5891BBDDBF60585C1CC995177
Authority key identifier: 63:2E:3D:03:7B:F0:50:75:71:B2:A0:68:CB:90:30:83:74:CE:53:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yy49A3vwUHVxsqBoy5Awg3TOU-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/f9f4a9-a0cd-4107-aa41-d52a18985999/1/nyKo_Qv73nLjiceWD3mZcsyM138.roa
Signing time: Mon 12 Jun 2023 16:28:03 +0000
ROA not before: Mon 12 Jun 2023 16:28:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3949
IP address blocks: 171.22.145.0/24 maxlen: 24
185.243.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b0:6f:97:f5:89:1b:bd:db:f6:05:85:c1:cc:99:51:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632e3d037bf0507571b2a068cb90308374ce53ed
Validity
Not Before: Jun 12 16:28:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f22a8fd0bfbde72e389c7960f799972cc8cd77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0b:7c:4e:9b:ea:e1:48:0c:69:03:8d:4a:ef:
45:8a:0a:78:20:53:12:c7:f4:2c:db:8e:c0:6e:c4:
8d:9f:83:c1:d7:23:52:95:79:02:30:de:85:ed:dc:
5b:1d:e3:77:64:4d:55:97:c4:7f:ca:0a:30:9f:0d:
79:d7:57:bf:20:de:7b:fe:0c:66:20:22:f2:42:df:
25:7c:37:a0:8e:cb:1c:be:3d:11:13:50:25:3b:43:
5d:bd:33:40:66:86:89:f7:00:4e:f7:1a:cc:1f:46:
ab:54:4f:d1:e2:0d:ec:ee:79:b7:8e:a3:22:9c:f3:
43:f7:a8:5d:1c:8b:89:2e:2f:28:78:aa:e0:8b:cd:
d9:fd:01:53:f3:0b:9d:55:d5:4d:4d:e7:89:6e:59:
8f:c2:9e:5f:9a:04:47:54:0e:62:d6:99:32:29:7f:
8c:a8:f1:86:a0:7e:4f:bc:63:c4:42:4f:3c:e7:c0:
03:14:03:10:d4:2d:5f:4e:20:35:8a:a1:83:7d:34:
18:b4:c2:e4:ad:a1:93:61:e8:35:87:90:e7:d9:25:
12:07:5b:0c:0b:a9:8f:14:2e:12:09:d9:86:5c:9e:
8f:87:c5:e5:44:a1:f0:cf:40:ff:2d:f4:a5:55:4b:
5f:43:87:37:82:af:96:8d:bc:99:f2:cf:d9:ea:1e:
c9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:22:A8:FD:0B:FB:DE:72:E3:89:C7:96:0F:79:99:72:CC:8C:D7:7F
X509v3 Authority Key Identifier:
keyid:63:2E:3D:03:7B:F0:50:75:71:B2:A0:68:CB:90:30:83:74:CE:53:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yy49A3vwUHVxsqBoy5Awg3TOU-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/f9f4a9-a0cd-4107-aa41-d52a18985999/1/nyKo_Qv73nLjiceWD3mZcsyM138.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/f9f4a9-a0cd-4107-aa41-d52a18985999/1/Yy49A3vwUHVxsqBoy5Awg3TOU-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.145.0/24
185.243.129.0/24
Signature Algorithm: sha256WithRSAEncryption
56:d6:67:3a:59:c6:ce:b7:8d:1f:00:47:f0:e5:b2:7e:35:d2:
f3:dd:02:c5:1f:95:42:09:db:1d:f3:c7:a5:8b:a2:38:e8:c9:
01:86:2b:c0:e6:29:5e:ff:d5:f9:24:5f:72:7e:b5:83:0d:dd:
57:84:74:ed:7b:c6:8c:50:6b:58:83:dd:70:c8:71:bc:29:91:
23:c7:21:ea:96:d3:f5:af:bc:1d:2a:f8:80:7d:97:e4:e5:d9:
d8:b4:1c:3c:1a:43:7a:6b:12:8b:d2:19:cf:0e:08:1b:a1:da:
83:a8:74:a8:4d:7b:17:92:54:53:40:61:51:a6:7e:fa:26:dc:
bf:2c:49:6a:3b:31:4a:96:0e:f4:68:f3:e1:9b:0b:ec:ff:32:
33:ef:30:86:34:a6:1c:69:86:03:1b:0b:af:dd:7b:fd:73:82:
a2:d1:43:09:fb:31:ce:ca:38:a7:5d:2a:9a:ff:81:28:bd:ee:
b3:ed:b2:87:75:63:43:0c:ca:0a:b6:9e:63:cb:31:03:92:d8:
0b:ac:2e:a6:a8:b8:b2:d4:c8:63:6d:4b:16:41:1b:3a:13:33:
17:a3:5e:22:5b:75:80:36:f8:6c:59:53:94:35:7b:a1:92:5c:
24:66:1c:05:e2:27:98:13:c9:12:06:4c:6b:be:7d:d5:d1:97:
48:88:0b:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiwb5f1iRu92/YFhcHMmVF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmUzZDAzN2JmMDUwNzU3MWIyYTA2OGNiOTAzMDgzNzRj
ZTUzZWQwHhcNMjMwNjEyMTYyODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjIyYThmZDBiZmJkZTcyZTM4OWM3OTYwZjc5OTk3MmNjOGNkNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwt8Tpvq4UgMaQONSu9Figp4IFMS
x/Qs247AbsSNn4PB1yNSlXkCMN6F7dxbHeN3ZE1Vl8R/ygownw1511e/IN57/gxm
ICLyQt8lfDegjsscvj0RE1AlO0NdvTNAZoaJ9wBO9xrMH0arVE/R4g3s7nm3jqMi
nPND96hdHIuJLi8oeKrgi83Z/QFT8wudVdVNTeeJblmPwp5fmgRHVA5i1pkyKX+M
qPGGoH5PvGPEQk8858ADFAMQ1C1fTiA1iqGDfTQYtMLkraGTYeg1h5Dn2SUSB1sM
C6mPFC4SCdmGXJ6Ph8XlRKHwz0D/LfSlVUtfQ4c3gq+WjbyZ8s/Z6h7JvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ8iqP0L+95y44nHlg95mXLMjNd/MB8GA1UdIwQY
MBaAFGMuPQN78FB1cbKgaMuQMIN0zlPtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXk0OUEzdndVSFZ4c3FCb3k1QXdnM1RPVS0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9mOWY0YTktYTBjZC00MTA3LWFhNDEt
ZDUyYTE4OTg1OTk5LzEvbnlLb19RdjczbkxqaWNlV0QzbVpjc3lNMTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9mOWY0YTktYTBjZC00MTA3LWFhNDEtZDUyYTE4OTg1OTk5
LzEvWXk0OUEzdndVSFZ4c3FCb3k1QXdnM1RPVS0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAqxaRAwQA
ufOBMA0GCSqGSIb3DQEBCwUAA4IBAQBW1mc6WcbOt40fAEfw5bJ+NdLz3QLFH5VC
Cdsd88eli6I46MkBhivA5ile/9X5JF9yfrWDDd1XhHTte8aMUGtYg91wyHG8KZEj
xyHqltP1r7wdKviAfZfk5dnYtBw8GkN6axKL0hnPDggbodqDqHSoTXsXklRTQGFR
pn76Jty/LElqOzFKlg70aPPhmwvs/zIz7zCGNKYcaYYDGwuv3Xv9c4Ki0UMJ+zHO
yjinXSqa/4Eove6z7bKHdWNDDMoKtp5jyzEDktgLrC6mqLiy1MhjbUsWQRs6EzMX
o14iW3WANvhsWVOUNXuhklwkZhwF4ieYE8kSBkxrvn3V0ZdIiAvF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:24 2024 by rpki-client on console-fra.rpki-client.org