Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/NBljwe3Q6paNL4Q_pQ3Y3jSXe9A.roa
File: NBljwe3Q6paNL4Q_pQ3Y3jSXe9A.roa (raw, json)
Hash identifier: DSJyfaR0wnYl301M+pwuK5ixiLbZuXj/d/Ides4Q3NM=
Subject key identifier: 34:19:63:C1:ED:D0:EA:96:8D:2F:84:3F:A5:0D:D8:DE:34:97:7B:D0
Certificate issuer: /CN=fbcdd117eac757b6f8f39428653ae12508cc6989
Certificate serial: 0189BA8AFBAED722F610A9C1406A633F0302
Authority key identifier: FB:CD:D1:17:EA:C7:57:B6:F8:F3:94:28:65:3A:E1:25:08:CC:69:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/NBljwe3Q6paNL4Q_pQ3Y3jSXe9A.roa
Signing time: Thu 03 Aug 2023 08:36:57 +0000
ROA not before: Thu 03 Aug 2023 08:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25581
IP address blocks: 185.170.216.0/21 maxlen: 21
91.207.130.0/23 maxlen: 23
185.34.149.0/24 maxlen: 24
185.34.148.0/22 maxlen: 22
2a00:da60::/32 maxlen: 32
2a00:da60:b01::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:8a:fb:ae:d7:22:f6:10:a9:c1:40:6a:63:3f:03:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcdd117eac757b6f8f39428653ae12508cc6989
Validity
Not Before: Aug 3 08:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=341963c1edd0ea968d2f843fa50dd8de34977bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:55:13:c3:82:6d:7e:8b:22:08:e8:f3:f0:3e:
09:ab:3a:b1:62:97:a7:7b:cb:a7:01:fa:ed:9b:26:
a8:91:09:2a:58:8f:6c:d3:dc:b3:57:7f:61:bb:a1:
2d:65:a4:77:a2:df:a7:b5:6e:b3:7a:c5:a1:23:1b:
bf:53:fb:2f:c0:19:7e:76:5f:81:fd:da:5c:64:d7:
7b:fd:23:04:44:ed:6d:f6:4a:b8:a9:e0:a5:e5:b3:
ad:5b:38:5a:fc:40:38:a4:74:1d:eb:44:e2:76:79:
21:df:01:9f:28:8f:d2:81:15:29:d7:e7:d4:62:0d:
be:c7:7a:8f:8e:47:8e:42:85:40:e4:a4:46:42:29:
ad:4a:c8:88:3e:76:ae:66:c7:78:2a:c7:0f:0c:83:
04:0e:11:8a:92:02:5d:f4:13:5e:2a:b3:f8:73:5a:
14:1a:ca:88:fc:f1:53:67:fa:2e:6c:50:de:24:1e:
33:56:81:d9:ee:ec:18:bc:a5:2c:67:6f:cb:f8:49:
f2:93:a9:91:bb:bd:9a:f4:11:eb:87:16:09:e2:25:
dd:c9:c4:4b:5b:b2:f5:ff:6c:01:6f:cf:4e:fa:00:
1a:e7:e9:92:a1:d8:f3:ec:45:b1:00:1a:46:eb:8d:
b5:ab:f9:d9:86:cd:4c:6c:72:ef:d7:c5:43:a5:45:
e6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:19:63:C1:ED:D0:EA:96:8D:2F:84:3F:A5:0D:D8:DE:34:97:7B:D0
X509v3 Authority Key Identifier:
keyid:FB:CD:D1:17:EA:C7:57:B6:F8:F3:94:28:65:3A:E1:25:08:CC:69:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/NBljwe3Q6paNL4Q_pQ3Y3jSXe9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/1-83RF-rHV7b485QoZTrhJQjMaYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.130.0/23
185.34.148.0/22
185.170.216.0/21
IPv6:
2a00:da60::/32
Signature Algorithm: sha256WithRSAEncryption
4c:0c:e4:5f:0f:3e:99:5a:a4:80:ce:d2:df:86:bf:8f:70:fd:
21:ce:72:87:77:2a:02:54:53:2a:63:de:8e:aa:a0:0d:eb:05:
44:73:4c:ca:bc:df:90:19:d1:f0:ee:d1:ad:b5:53:10:37:11:
cf:36:05:7d:81:96:71:c3:b3:37:d1:a8:e8:96:8a:49:53:12:
86:cd:cd:d1:9e:77:c0:04:10:2c:05:d4:d7:71:06:f7:f2:91:
ec:97:0c:44:dc:f9:43:d5:0a:9d:8c:f6:28:5b:d3:32:db:5e:
4b:33:e2:10:da:9a:4a:0b:f8:32:9d:50:cb:ad:b0:9b:17:fe:
2e:d8:33:3a:8f:ba:50:86:c3:e4:a1:c6:2f:29:ea:91:33:ac:
52:9e:ff:e9:dd:44:28:07:62:36:2b:67:c2:c8:d9:75:78:40:
5a:10:c2:59:b2:1c:5c:5c:b1:98:f3:57:34:ab:65:e2:60:ec:
24:fe:b1:79:81:f2:42:db:10:17:52:cf:79:27:73:46:15:eb:
68:8f:38:45:54:06:b5:ff:6d:dd:64:4a:48:94:0b:29:5f:0d:
ee:27:0d:06:9f:6d:86:99:1d:78:10:6b:16:e8:20:be:3c:17:
e1:b1:00:e8:20:f0:0c:04:4b:9c:ff:32:fc:3f:30:86:47:8c:
50:18:60:2c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYm6ivuu1yL2EKnBQGpjPwMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiY2RkMTE3ZWFjNzU3YjZmOGYzOTQyODY1M2FlMTI1MDhj
YzY5ODkwHhcNMjMwODAzMDgzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDE5NjNjMWVkZDBlYTk2OGQyZjg0M2ZhNTBkZDhkZTM0OTc3YmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFUTw4JtfosiCOjz8D4JqzqxYpen
e8unAfrtmyaokQkqWI9s09yzV39hu6EtZaR3ot+ntW6zesWhIxu/U/svwBl+dl+B
/dpcZNd7/SMERO1t9kq4qeCl5bOtWzha/EA4pHQd60Tidnkh3wGfKI/SgRUp1+fU
Yg2+x3qPjkeOQoVA5KRGQimtSsiIPnauZsd4KscPDIMEDhGKkgJd9BNeKrP4c1oU
GsqI/PFTZ/oubFDeJB4zVoHZ7uwYvKUsZ2/L+Enyk6mRu72a9BHrhxYJ4iXdycRL
W7L1/2wBb89O+gAa5+mSodjz7EWxABpG6421q/nZhs1MbHLv18VDpUXm/QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDQZY8Ht0OqWjS+EP6UN2N40l3vQMB8GA1UdIwQY
MBaAFPvN0Rfqx1e2+POUKGU64SUIzGmJMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS04M1JGLXJIVjdiNDg1UW9aVHJoSlFqTWFZay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIvOWFhOTlkLWJlNDMtNGQ3NC1hZmM5
LTk2NDQyNWMxOGM2Zi8xL05CbGp3ZTNRNnBhTkw0UV9wUTNZM2pTWGU5QS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWIvOWFhOTlkLWJlNDMtNGQ3NC1hZmM5LTk2NDQyNWMxOGM2
Zi8xLzEtODNSRi1ySFY3YjQ4NVFvWlRyaEpRak1hWWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAFbz4ID
BAK5IpQDBAO5qtgwDQQCAAIwBwMFACoA2mAwDQYJKoZIhvcNAQELBQADggEBAEwM
5F8PPplapIDO0t+Gv49w/SHOcod3KgJUUypj3o6qoA3rBURzTMq835AZ0fDu0a21
UxA3Ec82BX2BlnHDszfRqOiWiklTEobNzdGed8AEECwF1NdxBvfykeyXDETc+UPV
Cp2M9ihb0zLbXksz4hDamkoL+DKdUMutsJsX/i7YMzqPulCGw+Shxi8p6pEzrFKe
/+ndRCgHYjYrZ8LI2XV4QFoQwlmyHFxcsZjzVzSrZeJg7CT+sXmB8kLbEBdSz3kn
c0YV62iPOEVUBrX/bd1kSkiUCylfDe4nDQafbYaZHXgQaxboIL48F+GxAOgg8AwE
S5z/Mvw/MIZHjFAYYCw=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:31:00 2024 by rpki-client on console.sobornost.net