Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0df9ab-2e78-4b98-a6ef-73bb9300f575/1/NbNQCKXxKpkBFmzqs5FjRwwbSC4.roa
File: NbNQCKXxKpkBFmzqs5FjRwwbSC4.roa (raw, json)
Hash identifier: PwXD9NcweQtNXXwpQZGi0HiEqz/slsu2X0PrzGQmmIs=
Subject key identifier: 35:B3:50:08:A5:F1:2A:99:01:16:6C:EA:B3:91:63:47:0C:1B:48:2E
Certificate issuer: /CN=93fd26d3a0b693a029bc62dcb9dda9519e477640
Certificate serial: 018C6BA3807783F8887B9BD89A874039A83A
Authority key identifier: 93:FD:26:D3:A0:B6:93:A0:29:BC:62:DC:B9:DD:A9:51:9E:47:76:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k_0m06C2k6ApvGLcud2pUZ5HdkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0df9ab-2e78-4b98-a6ef-73bb9300f575/1/NbNQCKXxKpkBFmzqs5FjRwwbSC4.roa
Signing time: Fri 15 Dec 2023 04:02:06 +0000
ROA not before: Fri 15 Dec 2023 04:02:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60515
IP address blocks: 185.88.32.0/24 maxlen: 24
185.88.35.0/24 maxlen: 24
185.88.32.0/22 maxlen: 22
185.88.33.0/24 maxlen: 24
185.88.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6b:a3:80:77:83:f8:88:7b:9b:d8:9a:87:40:39:a8:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93fd26d3a0b693a029bc62dcb9dda9519e477640
Validity
Not Before: Dec 15 04:02:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35b35008a5f12a9901166ceab39163470c1b482e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f4:02:6b:27:59:ce:fa:71:1e:ef:6f:7b:23:
b6:09:df:0d:df:91:d6:f3:db:2f:f1:dc:ea:39:d9:
aa:86:1d:82:45:60:c8:fe:c1:dd:19:ed:61:46:d3:
3d:91:6a:ed:28:4e:5b:47:b7:9a:c2:e2:f0:1a:a9:
85:2e:7a:81:41:67:39:b5:03:81:bb:d2:01:b9:70:
3a:1d:cc:df:9a:03:d3:3b:06:ab:5b:ea:ec:2b:37:
98:13:81:c4:0c:61:94:76:17:23:2f:99:50:7e:ed:
62:82:95:a8:78:2c:82:b2:f4:4c:77:8c:99:9d:ab:
5b:c4:af:34:ab:ca:f5:c7:99:b8:dc:38:0b:1b:2b:
04:05:1a:4f:5a:c9:ce:d1:fb:92:b7:48:56:2c:b6:
61:2d:ee:d5:54:1f:f1:69:9c:1f:7f:08:a3:19:e1:
02:67:2e:f2:bf:6f:72:f3:49:c8:37:59:74:84:13:
c4:bc:f3:65:07:31:8f:41:e1:63:91:0e:cd:a7:b3:
cb:62:75:b4:9e:9d:05:d4:9b:ad:e5:25:9a:00:36:
b4:cc:45:93:d5:9c:3e:c6:97:77:df:a6:18:d2:5d:
60:a3:a8:29:90:62:fe:dc:e5:dd:8e:8c:b6:b5:db:
b5:2b:a2:52:cd:d3:db:64:42:0a:2d:7f:38:3b:aa:
76:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B3:50:08:A5:F1:2A:99:01:16:6C:EA:B3:91:63:47:0C:1B:48:2E
X509v3 Authority Key Identifier:
keyid:93:FD:26:D3:A0:B6:93:A0:29:BC:62:DC:B9:DD:A9:51:9E:47:76:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k_0m06C2k6ApvGLcud2pUZ5HdkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0df9ab-2e78-4b98-a6ef-73bb9300f575/1/NbNQCKXxKpkBFmzqs5FjRwwbSC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0df9ab-2e78-4b98-a6ef-73bb9300f575/1/k_0m06C2k6ApvGLcud2pUZ5HdkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.32.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:11:46:ce:bf:02:e5:ab:69:b4:fd:74:ea:b2:93:39:61:7d:
6f:61:41:03:1e:09:78:8b:9e:ed:5a:ba:86:a5:f0:1d:e9:d9:
70:45:31:69:ed:f8:8f:a5:e4:d4:e5:5c:80:58:10:2f:a5:a1:
01:98:b0:b7:b8:99:05:d9:14:b8:7c:c7:b6:12:c8:57:71:1b:
d8:ca:f3:54:a1:da:44:48:18:17:5f:e0:cc:1a:94:4b:55:3e:
c1:54:cf:f5:95:70:57:21:85:51:12:73:16:8c:32:51:d2:4d:
95:46:70:2d:81:df:ed:16:d2:84:bd:bb:c2:9d:2a:52:d5:b8:
2a:f5:b3:15:ef:5c:31:04:68:6d:74:94:0e:ed:01:a8:41:a0:
b1:5d:1f:69:82:62:db:5f:2a:e5:7d:40:5a:49:ee:76:81:d9:
57:c2:7c:d8:d0:d0:26:89:69:90:fa:32:be:f2:89:4b:ef:4e:
6f:b8:e4:ae:8f:b5:75:16:3b:d2:fd:90:df:a9:f8:5b:e9:5c:
e5:78:c4:1c:da:c3:5f:c4:ea:43:95:6b:47:72:50:84:f2:b6:
9e:15:d6:5f:6b:6b:26:b1:22:e2:49:5b:04:45:cb:f2:e5:f0:
8b:d1:53:d3:f3:3a:8a:4f:53:bc:68:fb:5f:81:d5:98:fa:26:
2a:c5:4c:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxro4B3g/iIe5vYmodAOag6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZmQyNmQzYTBiNjkzYTAyOWJjNjJkY2I5ZGRhOTUxOWU0
Nzc2NDAwHhcNMjMxMjE1MDQwMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWIzNTAwOGE1ZjEyYTk5MDExNjZjZWFiMzkxNjM0NzBjMWI0ODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/QCaydZzvpxHu9veyO2Cd8N35HW
89sv8dzqOdmqhh2CRWDI/sHdGe1hRtM9kWrtKE5bR7eawuLwGqmFLnqBQWc5tQOB
u9IBuXA6HczfmgPTOwarW+rsKzeYE4HEDGGUdhcjL5lQfu1igpWoeCyCsvRMd4yZ
natbxK80q8r1x5m43DgLGysEBRpPWsnO0fuSt0hWLLZhLe7VVB/xaZwffwijGeEC
Zy7yv29y80nIN1l0hBPEvPNlBzGPQeFjkQ7Np7PLYnW0np0F1Jut5SWaADa0zEWT
1Zw+xpd336YY0l1go6gpkGL+3OXdjoy2tdu1K6JSzdPbZEIKLX84O6p2ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWzUAil8SqZARZs6rORY0cMG0guMB8GA1UdIwQY
MBaAFJP9JtOgtpOgKbxi3LndqVGeR3ZAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva18wbTA2QzJrNkFwdkdMY3VkMnBVWjVIZGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wZGY5YWItMmU3OC00Yjk4LWE2ZWYt
NzNiYjkzMDBmNTc1LzEvTmJOUUNLWHhLcGtCRm16cXM1RmpSd3diU0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wZGY5YWItMmU3OC00Yjk4LWE2ZWYtNzNiYjkzMDBmNTc1
LzEva18wbTA2QzJrNkFwdkdMY3VkMnBVWjVIZGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVggMA0G
CSqGSIb3DQEBCwUAA4IBAQCwEUbOvwLlq2m0/XTqspM5YX1vYUEDHgl4i57tWrqG
pfAd6dlwRTFp7fiPpeTU5VyAWBAvpaEBmLC3uJkF2RS4fMe2EshXcRvYyvNUodpE
SBgXX+DMGpRLVT7BVM/1lXBXIYVREnMWjDJR0k2VRnAtgd/tFtKEvbvCnSpS1bgq
9bMV71wxBGhtdJQO7QGoQaCxXR9pgmLbXyrlfUBaSe52gdlXwnzY0NAmiWmQ+jK+
8olL705vuOSuj7V1FjvS/ZDfqfhb6VzleMQc2sNfxOpDlWtHclCE8raeFdZfa2sm
sSLiSVsERcvy5fCL0VPT8zqKT1O8aPtfgdWY+iYqxUya
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:16 2024 by rpki-client on console.sobornost.net