Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/Nx9YspzW55Ah_Wl75L9DOav8y-w.roa
File: Nx9YspzW55Ah_Wl75L9DOav8y-w.roa (raw, json)
Hash identifier: F4g9P3CdcA10cTF6m98iBwOCASErGz2ZMWe+YTqj6Qg=
Subject key identifier: 37:1F:58:B2:9C:D6:E7:90:21:FD:69:7B:E4:BF:43:39:AB:FC:CB:EC
Certificate issuer: /CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Certificate serial: 018573039C8E0CF13AC85F1E76D115B9B01B
Authority key identifier: 29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/Nx9YspzW55Ah_Wl75L9DOav8y-w.roa
Signing time: Mon 02 Jan 2023 15:04:54 +0000
ROA not before: Mon 02 Jan 2023 15:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60241
IP address blocks: 198.52.44.0/22 maxlen: 24
198.52.46.0/23 maxlen: 23
185.120.128.0/22 maxlen: 22
185.34.60.0/22 maxlen: 22
2a04:5d00::/29 maxlen: 29
2a06:9a80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:9c:8e:0c:f1:3a:c8:5f:1e:76:d1:15:b9:b0:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Validity
Not Before: Jan 2 15:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=371f58b29cd6e79021fd697be4bf4339abfccbec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4c:0b:4c:01:9b:87:f0:2e:6a:71:98:01:cf:
bb:f2:76:30:91:9b:af:ea:03:65:46:70:4e:48:9f:
cc:9d:79:71:3b:da:d9:0f:4d:c6:3f:c3:6a:81:ae:
7e:c2:5c:ef:98:93:3d:83:9c:98:a9:43:fb:8f:3f:
dc:ac:50:ce:ec:54:f1:79:38:f8:9b:87:4c:44:5f:
5b:44:49:a2:29:20:ef:64:5a:8c:7f:7b:fa:47:1c:
aa:47:39:7d:ac:cf:d8:f2:19:60:0f:b9:96:80:14:
4a:32:0a:c6:f4:a5:f1:4b:ca:84:d1:47:a9:15:09:
87:ff:7c:0e:3b:dc:ed:42:17:05:94:0b:7a:c6:ca:
bf:db:9b:e6:1c:89:ea:b9:5d:be:40:08:1f:2f:56:
22:0f:cc:50:ed:37:9a:82:a3:c2:26:f5:55:0f:ff:
c0:ac:0a:d7:bd:f6:3c:cf:b5:02:84:a7:20:13:fd:
75:7c:88:00:0a:97:95:ed:13:49:06:3a:46:62:1a:
cd:10:92:f2:3e:3c:d8:d8:9a:7e:63:52:69:b8:06:
aa:84:14:62:f1:11:d3:ba:33:ed:66:6b:dd:e4:09:
ee:ae:a9:ec:88:ad:9d:a8:3a:fd:6f:78:38:7f:e8:
c1:ab:a8:de:52:29:66:5c:59:b4:4d:42:64:fd:99:
67:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1F:58:B2:9C:D6:E7:90:21:FD:69:7B:E4:BF:43:39:AB:FC:CB:EC
X509v3 Authority Key Identifier:
keyid:29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/Nx9YspzW55Ah_Wl75L9DOav8y-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.60.0/22
185.120.128.0/22
198.52.44.0/22
IPv6:
2a04:5d00::/29
2a06:9a80::/29
Signature Algorithm: sha256WithRSAEncryption
18:b1:38:a2:63:20:d6:22:b6:b1:f7:9b:8c:3b:79:2f:18:9b:
5c:b5:ff:83:fc:a6:90:25:2b:dd:a2:7a:be:64:08:f5:39:bf:
1e:0f:80:e6:98:16:39:e3:70:a6:42:8f:1d:a6:8a:9e:e6:97:
1b:50:31:d2:c8:77:f8:48:4a:f3:02:d6:e2:16:2d:11:52:7c:
3a:ed:06:3a:a8:73:0e:72:98:de:98:ed:3a:c4:75:31:06:80:
5a:a0:92:f4:73:7e:16:54:8e:f6:12:df:96:8c:65:f2:86:dc:
86:c2:42:47:39:a2:c9:db:80:60:9c:98:24:aa:27:86:f0:0a:
f8:6e:03:63:45:c3:5e:92:a1:3a:75:06:df:f4:80:2c:fa:72:
59:da:40:69:4b:63:4c:a4:da:3e:00:b6:50:7d:17:b3:fd:a1:
a2:43:bd:33:c4:5a:7c:47:76:a2:47:f2:d4:d8:bf:1e:85:b7:
33:05:2d:d6:fd:cd:68:50:30:71:f0:17:69:2d:5c:58:a2:39:
2e:de:7a:11:d1:b6:d7:43:67:4d:90:e7:74:a3:60:7d:27:13:
4c:a5:c5:84:e6:f5:69:3e:28:09:51:3b:6d:54:f8:99:b5:12:
6d:4a:5d:a3:1d:ac:75:6c:7b:3a:52:10:f5:86:a9:43:54:54:
5b:f2:17:24
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVzA5yODPE6yF8edtEVubAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MWYwYjczZTY3ZDYzYzVhNGM5MDQ2ODE0MTY2YTllMjE2
MjVmMjgwHhcNMjMwMTAyMTUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzFmNThiMjljZDZlNzkwMjFmZDY5N2JlNGJmNDMzOWFiZmNjYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEwLTAGbh/AuanGYAc+78nYwkZuv
6gNlRnBOSJ/MnXlxO9rZD03GP8Nqga5+wlzvmJM9g5yYqUP7jz/crFDO7FTxeTj4
m4dMRF9bREmiKSDvZFqMf3v6RxyqRzl9rM/Y8hlgD7mWgBRKMgrG9KXxS8qE0Uep
FQmH/3wOO9ztQhcFlAt6xsq/25vmHInquV2+QAgfL1YiD8xQ7TeagqPCJvVVD//A
rArXvfY8z7UChKcgE/11fIgACpeV7RNJBjpGYhrNEJLyPjzY2Jp+Y1JpuAaqhBRi
8RHTujPtZmvd5AnurqnsiK2dqDr9b3g4f+jBq6jeUilmXFm0TUJk/ZlnnQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDcfWLKc1ueQIf1pe+S/Qzmr/MvsMB8GA1UdIwQY
MBaAFCkfC3PmfWPFpMkEaBQWap4hYl8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQt
MzhlZThmZDY0ZTdkLzEvTng5WXNwelc1NUFoX1dsNzVMOURPYXY4eS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQtMzhlZThmZDY0ZTdk
LzEvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuSI8AwQC
uXiAAwQCxjQsMBQEAgACMA4DBQMqBF0AAwUDKgaagDANBgkqhkiG9w0BAQsFAAOC
AQEAGLE4omMg1iK2sfebjDt5LxibXLX/g/ymkCUr3aJ6vmQI9Tm/Hg+A5pgWOeNw
pkKPHaaKnuaXG1Ax0sh3+EhK8wLW4hYtEVJ8Ou0GOqhzDnKY3pjtOsR1MQaAWqCS
9HN+FlSO9hLfloxl8obchsJCRzmiyduAYJyYJKonhvAK+G4DY0XDXpKhOnUG3/SA
LPpyWdpAaUtjTKTaPgC2UH0Xs/2hokO9M8RafEd2okfy1Ni/HoW3MwUt1v3NaFAw
cfAXaS1cWKI5Lt56EdG210NnTZDndKNgfScTTKXFhOb1aT4oCVE7bVT4mbUSbUpd
ox2sdWx7OlIQ9YapQ1RUW/IXJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:30 2024 by rpki-client on console-fra.rpki-client.org