Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/NehAi5yOqNR5lfxTQOremQp7cM8.roa
File: NehAi5yOqNR5lfxTQOremQp7cM8.roa (raw, json)
Hash identifier: Y2QzhRIp/8XkYPu66fSK1r29kRMeZUjA5lqa/ucXqjU=
Subject key identifier: 35:E8:40:8B:9C:8E:A8:D4:79:95:FC:53:40:EA:DE:99:0A:7B:70:CF
Certificate issuer: /CN=af935603e52e831537716d458b360192f99a3689
Certificate serial: 01857170A655C1718B66002984E56F8D9533
Authority key identifier: AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/NehAi5yOqNR5lfxTQOremQp7cM8.roa
Signing time: Mon 02 Jan 2023 07:44:45 +0000
ROA not before: Mon 02 Jan 2023 07:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.49.132.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:70:a6:55:c1:71:8b:66:00:29:84:e5:6f:8d:95:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af935603e52e831537716d458b360192f99a3689
Validity
Not Before: Jan 2 07:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35e8408b9c8ea8d47995fc5340eade990a7b70cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c3:67:00:a1:36:44:3f:74:3e:96:f4:a2:6d:
19:b6:98:38:79:55:35:52:71:80:7f:2f:04:1c:dd:
d1:d1:87:7d:1d:44:b8:22:55:3d:0d:9a:e1:b1:a5:
90:c4:18:ba:7b:72:d3:30:03:41:3a:f9:c7:91:a2:
01:a7:08:be:ca:22:a2:63:89:3d:68:c2:6e:ea:4f:
0d:45:92:73:dc:ef:3d:90:fc:42:6c:03:ac:dc:39:
78:0b:6b:1f:a5:72:2d:d2:74:a9:5c:17:79:f4:44:
b3:f2:7d:3f:6a:74:9a:ce:18:c1:a8:e8:62:31:27:
ae:d2:c1:e4:3f:55:44:a2:2a:0b:03:26:67:f5:fe:
7e:bf:bc:61:dc:68:14:45:7e:9e:f9:d9:fc:02:0f:
de:8c:2b:ab:e3:5a:42:de:ea:02:a7:08:21:c9:76:
31:bd:f0:cf:09:41:26:95:77:c3:85:b9:57:bb:be:
ae:6c:a4:cc:2d:9b:72:f3:eb:a5:6d:54:8b:4c:03:
fd:9d:4a:cf:8e:c8:07:75:ff:d6:dc:21:72:82:1f:
51:9e:58:ca:00:8e:81:6d:8a:4e:24:ed:c8:88:17:
37:40:71:11:ff:49:65:0b:e7:8d:cc:e0:5b:5f:f7:
5d:9a:c4:a3:6e:8c:eb:0b:3e:0f:9f:8d:ac:7f:b7:
1b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E8:40:8B:9C:8E:A8:D4:79:95:FC:53:40:EA:DE:99:0A:7B:70:CF
X509v3 Authority Key Identifier:
keyid:AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/NehAi5yOqNR5lfxTQOremQp7cM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.132.0/23
Signature Algorithm: sha256WithRSAEncryption
39:59:5f:7c:1e:ad:56:2a:21:8f:de:ee:26:c6:b0:ec:49:39:
20:ac:30:b9:dc:53:ab:5f:49:e7:54:af:f7:28:50:c9:65:24:
a6:a6:68:05:57:4f:5e:a7:d3:c2:3e:ac:49:cb:94:a9:e1:d3:
73:ed:cd:83:42:77:a2:a1:73:17:35:59:c2:cb:34:cd:9c:e9:
9a:ff:59:85:6c:e6:18:2d:f0:f3:7a:08:dc:b6:06:c3:66:5d:
7b:3c:a8:a8:59:ee:26:3e:5b:a3:8b:a3:10:b8:bb:72:86:7c:
55:dd:39:e7:62:63:15:ec:0d:a9:0b:b1:45:67:c3:6b:a1:24:
71:fd:c0:04:08:62:e5:3c:61:58:98:0c:88:16:d1:8e:59:24:
8c:6c:46:1b:24:80:21:86:cb:fd:7c:c1:46:a5:ab:48:eb:6a:
f3:27:7e:d7:71:ad:a5:05:5d:77:cb:9a:2f:7f:73:d6:19:e1:
83:1f:93:9c:11:a8:75:e9:8c:b5:70:eb:bb:1a:b4:48:d1:48:
8b:84:2d:82:57:5e:74:8c:20:d4:ef:e8:3e:2e:fb:75:62:4a:
3e:01:4b:60:67:0b:eb:8f:a8:86:e5:61:1a:14:01:a0:bb:83:
2a:71:31:7c:65:5c:f1:1a:90:57:a4:a6:31:a9:66:85:78:1d:
15:7d:38:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxcKZVwXGLZgAphOVvjZUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM1NjAzZTUyZTgzMTUzNzcxNmQ0NThiMzYwMTkyZjk5
YTM2ODkwHhcNMjMwMTAyMDc0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWU4NDA4YjljOGVhOGQ0Nzk5NWZjNTM0MGVhZGU5OTBhN2I3MGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusNnAKE2RD90Ppb0om0Ztpg4eVU1
UnGAfy8EHN3R0Yd9HUS4IlU9DZrhsaWQxBi6e3LTMANBOvnHkaIBpwi+yiKiY4k9
aMJu6k8NRZJz3O89kPxCbAOs3Dl4C2sfpXIt0nSpXBd59ESz8n0/anSazhjBqOhi
MSeu0sHkP1VEoioLAyZn9f5+v7xh3GgURX6e+dn8Ag/ejCur41pC3uoCpwghyXYx
vfDPCUEmlXfDhblXu76ubKTMLZty8+ulbVSLTAP9nUrPjsgHdf/W3CFygh9RnljK
AI6BbYpOJO3IiBc3QHER/0llC+eNzOBbX/ddmsSjbozrCz4Pn42sf7cbQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXoQIucjqjUeZX8U0Dq3pkKe3DPMB8GA1UdIwQY
MBaAFK+TVgPlLoMVN3FtRYs2AZL5mjaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYt
MGEwZDA1ZWQwYzZiLzEvTmVoQWk1eU9xTlI1bGZ4VFFPcmVtUXA3Y004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYtMGEwZDA1ZWQwYzZi
LzEvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuTGEMA0G
CSqGSIb3DQEBCwUAA4IBAQA5WV98Hq1WKiGP3u4mxrDsSTkgrDC53FOrX0nnVK/3
KFDJZSSmpmgFV09ep9PCPqxJy5Sp4dNz7c2DQneioXMXNVnCyzTNnOma/1mFbOYY
LfDzegjctgbDZl17PKioWe4mPluji6MQuLtyhnxV3TnnYmMV7A2pC7FFZ8NroSRx
/cAECGLlPGFYmAyIFtGOWSSMbEYbJIAhhsv9fMFGpatI62rzJ37Xca2lBV13y5ov
f3PWGeGDH5OcEah16Yy1cOu7GrRI0UiLhC2CV150jCDU7+g+Lvt1Yko+AUtgZwvr
j6iG5WEaFAGgu4MqcTF8ZVzxGpBXpKYxqWaFeB0VfTiy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:51 2023 by rpki-client on console-fra.rpki-client.org