Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/NqTb9l-6EdqsnaYRLNUFlc8MiEk.roa
File: NqTb9l-6EdqsnaYRLNUFlc8MiEk.roa (raw, json)
Hash identifier: LRZFULwBCWPRWoosnH8LkBgH8BKx1MzWC4GexlthweM=
Subject key identifier: 36:A4:DB:F6:5F:BA:11:DA:AC:9D:A6:11:2C:D5:05:95:CF:0C:88:49
Certificate issuer: /CN=4a8ae7871525be2ea4d0dffdae4f3a8bff372496
Certificate serial: 018BA9603ADAA68BAD5D268BA1E516E960E2
Authority key identifier: 4A:8A:E7:87:15:25:BE:2E:A4:D0:DF:FD:AE:4F:3A:8B:FF:37:24:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SornhxUlvi6k0N_9rk86i_83JJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/NqTb9l-6EdqsnaYRLNUFlc8MiEk.roa
Signing time: Tue 07 Nov 2023 10:42:17 +0000
ROA not before: Tue 07 Nov 2023 10:42:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207503
IP address blocks: 212.110.240.0/21 maxlen: 21
185.102.242.0/23 maxlen: 23
134.101.32.0/21 maxlen: 21
134.101.40.0/21 maxlen: 21
134.101.56.0/21 maxlen: 21
212.110.232.0/21 maxlen: 21
185.102.240.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:60:3a:da:a6:8b:ad:5d:26:8b:a1:e5:16:e9:60:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8ae7871525be2ea4d0dffdae4f3a8bff372496
Validity
Not Before: Nov 7 10:42:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36a4dbf65fba11daac9da6112cd50595cf0c8849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e6:79:23:6e:c8:3f:27:48:ed:19:54:a4:ab:
6c:58:74:99:95:04:dd:60:fe:b6:6f:48:ce:80:3f:
6f:29:3e:33:99:0b:ee:c7:25:b0:23:03:53:d1:15:
ae:70:d4:d1:b6:0e:4c:91:bf:d8:88:65:0b:ed:52:
ac:bd:e9:60:02:e6:78:62:e0:a1:58:7a:de:60:7f:
6e:b2:30:8c:b2:6f:8b:ad:e3:93:d1:5d:8c:02:f5:
25:b6:66:1c:c8:22:81:35:5d:23:87:ec:41:9e:2a:
b0:e0:4e:66:1f:7e:fe:c3:95:a0:40:f4:ff:af:5b:
bb:31:be:d3:ac:b8:1c:24:a3:8f:b4:37:d7:aa:6e:
d7:87:a3:c0:bc:f0:2a:ae:fc:c2:f2:4a:0d:1e:e9:
25:1b:89:87:0b:b9:d9:55:d6:c9:95:6b:f9:f5:9b:
3f:2f:83:87:5f:d9:be:d7:ff:26:b2:62:80:f8:16:
d5:47:61:a0:a2:aa:ae:ba:69:2a:c6:68:a0:69:06:
25:e6:69:6c:58:4e:59:78:95:b5:ce:da:08:d1:0f:
31:ff:76:21:e3:ef:81:2f:3d:79:4b:3d:e8:b2:83:
ff:d1:3e:b3:c1:22:b2:1f:79:48:a1:81:61:92:f0:
ba:e5:9f:5a:d8:6e:4e:e2:f8:0d:78:a7:c4:dd:30:
12:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A4:DB:F6:5F:BA:11:DA:AC:9D:A6:11:2C:D5:05:95:CF:0C:88:49
X509v3 Authority Key Identifier:
keyid:4A:8A:E7:87:15:25:BE:2E:A4:D0:DF:FD:AE:4F:3A:8B:FF:37:24:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SornhxUlvi6k0N_9rk86i_83JJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/NqTb9l-6EdqsnaYRLNUFlc8MiEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/SornhxUlvi6k0N_9rk86i_83JJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.101.32.0/20
134.101.56.0/21
185.102.240.0/22
212.110.232.0-212.110.247.255
Signature Algorithm: sha256WithRSAEncryption
31:30:2b:f4:ce:e7:ce:9d:e8:7f:2a:c0:51:10:02:02:bc:8d:
64:8a:95:65:6a:8c:d0:ea:e2:a7:34:88:44:29:98:2a:23:6e:
1a:04:56:cd:7d:ce:39:e5:d5:ac:11:c4:33:c2:0a:05:2b:00:
d0:96:a9:71:bd:e7:77:fd:f2:4f:20:81:75:f3:3e:30:5b:ab:
be:94:92:d5:45:dc:c9:85:04:50:8c:b4:fb:b0:f5:2f:7d:8f:
e0:30:a2:18:d3:65:af:23:01:dc:01:ef:7d:06:ad:00:2d:4d:
78:d5:4f:ee:85:07:d3:a1:55:cc:f3:76:13:b0:d3:28:d8:f5:
5f:47:59:52:97:50:87:95:31:71:a8:c0:47:80:97:56:aa:a4:
4f:9e:1b:62:ab:d8:31:91:40:78:7d:58:37:a8:e6:91:38:b9:
ce:ce:78:34:ad:51:53:ae:4e:89:38:af:c6:77:4f:e8:8e:0c:
f8:8e:c2:09:42:da:23:d5:61:e1:9c:4a:e8:27:40:f3:28:ee:
3a:3c:4c:c0:37:e8:eb:09:b7:65:83:d4:58:8e:15:d4:80:5d:
5a:22:18:9e:64:a1:a6:3d:e1:e6:2e:13:7f:d4:63:01:ff:1c:
40:80:de:0c:76:cc:7e:68:ff:75:d5:e0:8d:4d:61:54:ea:b8:
9c:1d:45:53
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYupYDrapoutXSaLoeUW6WDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOGFlNzg3MTUyNWJlMmVhNGQwZGZmZGFlNGYzYThiZmYz
NzI0OTYwHhcNMjMxMTA3MTA0MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmE0ZGJmNjVmYmExMWRhYWM5ZGE2MTEyY2Q1MDU5NWNmMGM4ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeZ5I27IPydI7RlUpKtsWHSZlQTd
YP62b0jOgD9vKT4zmQvuxyWwIwNT0RWucNTRtg5Mkb/YiGUL7VKsvelgAuZ4YuCh
WHreYH9usjCMsm+LreOT0V2MAvUltmYcyCKBNV0jh+xBniqw4E5mH37+w5WgQPT/
r1u7Mb7TrLgcJKOPtDfXqm7Xh6PAvPAqrvzC8koNHuklG4mHC7nZVdbJlWv59Zs/
L4OHX9m+1/8msmKA+BbVR2GgoqquumkqxmigaQYl5mlsWE5ZeJW1ztoI0Q8x/3Yh
4++BLz15Sz3osoP/0T6zwSKyH3lIoYFhkvC65Z9a2G5O4vgNeKfE3TASSwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDak2/ZfuhHarJ2mESzVBZXPDIhJMB8GA1UdIwQY
MBaAFEqK54cVJb4upNDf/a5POov/NySWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU29ybmh4VWx2aTZrME5fOXJrODZpXzgzSkpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9mYTZjYzItMjdhZi00MTZjLWExMzQt
OThmNzQ1NGJhNmNlLzEvTnFUYjlsLTZFZHFzbmFZUkxOVUZsYzhNaUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9mYTZjYzItMjdhZi00MTZjLWExMzQtOThmNzQ1NGJhNmNl
LzEvU29ybmh4VWx2aTZrME5fOXJrODZpXzgzSkpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEhmUgAwQD
hmU4AwQCuWbwMAwDBAPUbugDBAPUbvAwDQYJKoZIhvcNAQELBQADggEBADEwK/TO
586d6H8qwFEQAgK8jWSKlWVqjNDq4qc0iEQpmCojbhoEVs19zjnl1awRxDPCCgUr
ANCWqXG953f98k8ggXXzPjBbq76UktVF3MmFBFCMtPuw9S99j+AwohjTZa8jAdwB
730GrQAtTXjVT+6FB9OhVczzdhOw0yjY9V9HWVKXUIeVMXGowEeAl1aqpE+eG2Kr
2DGRQHh9WDeo5pE4uc7OeDStUVOuTok4r8Z3T+iODPiOwglC2iPVYeGcSugnQPMo
7jo8TMA36OsJt2WD1FiOFdSAXVoiGJ5koaY94eYuE3/UYwH/HECA3gx2zH5o/3XV
4I1NYVTquJwdRVM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:14 2024 by rpki-client on console.sobornost.net