Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/NZck-355_azp87GN0YSKTICNN0Q.roa
File: NZck-355_azp87GN0YSKTICNN0Q.roa (raw, json)
Hash identifier: GexSk2rTXDwyhMhgx7ym7BQaCjx1EHLf39K6fPSIb6A=
Subject key identifier: 35:97:24:FB:7E:79:FD:AC:E9:F3:B1:8D:D1:84:8A:4C:80:8D:37:44
Certificate issuer: /CN=80bd00829536d47745f47da9d1a8a72f6dd462d4
Certificate serial: 018570026ECDCC255736FCD4B62920F5172A
Authority key identifier: 80:BD:00:82:95:36:D4:77:45:F4:7D:A9:D1:A8:A7:2F:6D:D4:62:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/NZck-355_azp87GN0YSKTICNN0Q.roa
Signing time: Mon 02 Jan 2023 01:04:45 +0000
ROA not before: Mon 02 Jan 2023 01:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40965
IP address blocks: 185.110.133.0/24 maxlen: 24
185.110.132.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:6e:cd:cc:25:57:36:fc:d4:b6:29:20:f5:17:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80bd00829536d47745f47da9d1a8a72f6dd462d4
Validity
Not Before: Jan 2 01:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=359724fb7e79fdace9f3b18dd1848a4c808d3744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c1:e6:ea:30:e9:32:11:e0:7a:8e:61:47:e8:
d7:00:18:9a:0f:ea:31:b8:df:3f:94:d6:12:44:19:
a4:63:64:60:ab:ef:dc:71:3c:73:9f:38:8f:28:a2:
c9:84:df:c1:e4:c7:bc:00:a3:82:c3:b0:05:74:18:
f0:29:f6:45:b6:dd:74:ea:14:90:8e:5e:c2:6d:bb:
b4:8f:ef:ab:4e:78:8d:ce:f3:e3:2c:6e:be:b4:45:
17:6f:9e:fc:d5:e5:3d:00:0d:7e:59:e2:48:b3:2e:
16:0a:98:ca:f1:c6:8f:d3:37:fc:a8:85:18:62:f3:
a5:bf:e3:69:54:1a:28:e9:cd:21:ca:4b:21:42:39:
de:8e:00:bb:88:5f:99:da:5d:23:ed:83:1d:af:ad:
6d:58:0b:1c:19:5f:ca:9f:32:68:d2:96:75:cc:d0:
b5:2d:10:73:56:ea:73:9c:b2:c1:05:6e:03:c5:57:
79:01:ab:c7:3d:b2:06:92:01:72:02:c3:7c:79:7b:
ff:ff:e9:7f:0c:16:74:96:78:9e:8e:6d:de:73:eb:
29:fa:e6:8e:60:bc:38:e0:01:14:4c:dd:f7:09:fb:
13:87:87:61:46:c1:6f:cc:61:d9:d3:48:97:a6:ab:
dc:e3:8d:20:aa:56:7e:ab:06:33:11:64:a5:ec:ca:
8d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:97:24:FB:7E:79:FD:AC:E9:F3:B1:8D:D1:84:8A:4C:80:8D:37:44
X509v3 Authority Key Identifier:
keyid:80:BD:00:82:95:36:D4:77:45:F4:7D:A9:D1:A8:A7:2F:6D:D4:62:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/NZck-355_azp87GN0YSKTICNN0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/gL0AgpU21HdF9H2p0ainL23UYtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.132.0/23
Signature Algorithm: sha256WithRSAEncryption
15:36:d9:1a:75:07:b0:e3:23:b2:9c:c2:99:92:7f:fe:a8:62:
70:97:0d:d1:2f:21:9d:95:e7:87:2e:f2:a8:fd:48:bc:d5:ee:
9b:39:13:79:6f:61:ef:24:ae:85:1a:c3:85:b8:9a:dd:38:e2:
c2:2c:89:b4:3e:a6:bf:5a:02:52:69:e5:72:c9:a3:88:e7:d8:
9a:36:f3:56:50:7c:ec:f6:74:74:ac:86:2b:b1:59:34:05:cb:
e4:d4:31:18:45:b7:67:11:80:47:5b:44:6f:0e:d3:aa:db:91:
8d:f2:a0:70:23:4c:94:ec:7c:40:76:74:e7:56:22:80:97:be:
ba:d7:12:47:3d:3c:08:b3:e2:3b:d1:03:45:dc:67:4e:4a:81:
df:73:cd:96:b9:99:c8:04:36:ff:c8:d3:0e:76:f7:e6:7c:12:
a8:0c:30:30:c4:25:8c:4e:07:27:e3:3f:cb:0b:7f:93:73:88:
b3:25:e2:11:37:67:4a:7a:fb:a9:1c:5b:27:96:f7:1c:4e:d2:
d8:a8:31:ff:46:0c:22:64:67:16:dd:b0:b6:a0:26:ca:21:ea:
4e:f8:74:27:8a:9d:8b:c6:2d:2f:3a:4b:a2:1a:94:2a:df:7c:
3e:9e:10:ef:80:2d:97:d8:1f:b3:34:32:9b:26:ff:32:38:8c:
50:0d:65:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAm7NzCVXNvzUtikg9RcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYmQwMDgyOTUzNmQ0Nzc0NWY0N2RhOWQxYThhNzJmNmRk
NDYyZDQwHhcNMjMwMTAyMDEwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk3MjRmYjdlNzlmZGFjZTlmM2IxOGRkMTg0OGE0YzgwOGQzNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MHm6jDpMhHgeo5hR+jXABiaD+ox
uN8/lNYSRBmkY2Rgq+/ccTxznziPKKLJhN/B5Me8AKOCw7AFdBjwKfZFtt106hSQ
jl7Cbbu0j++rTniNzvPjLG6+tEUXb5781eU9AA1+WeJIsy4WCpjK8caP0zf8qIUY
YvOlv+NpVBoo6c0hykshQjnejgC7iF+Z2l0j7YMdr61tWAscGV/KnzJo0pZ1zNC1
LRBzVupznLLBBW4DxVd5AavHPbIGkgFyAsN8eXv//+l/DBZ0lniejm3ec+sp+uaO
YLw44AEUTN33CfsTh4dhRsFvzGHZ00iXpqvc440gqlZ+qwYzEWSl7MqN1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWXJPt+ef2s6fOxjdGEikyAjTdEMB8GA1UdIwQY
MBaAFIC9AIKVNtR3RfR9qdGopy9t1GLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0wwQWdwVTIxSGRGOUgycDBhaW5MMjNVWXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi82NGUxOWYtZmU1NC00MmNkLTg5MjMt
MDliOTkyMGZlMDBmLzEvTlpjay0zNTVfYXpwODdHTjBZU0tUSUNOTjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi82NGUxOWYtZmU1NC00MmNkLTg5MjMtMDliOTkyMGZlMDBm
LzEvZ0wwQWdwVTIxSGRGOUgycDBhaW5MMjNVWXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuW6EMA0G
CSqGSIb3DQEBCwUAA4IBAQAVNtkadQew4yOynMKZkn/+qGJwlw3RLyGdleeHLvKo
/Ui81e6bORN5b2HvJK6FGsOFuJrdOOLCLIm0Pqa/WgJSaeVyyaOI59iaNvNWUHzs
9nR0rIYrsVk0Bcvk1DEYRbdnEYBHW0RvDtOq25GN8qBwI0yU7HxAdnTnViKAl766
1xJHPTwIs+I70QNF3GdOSoHfc82WuZnIBDb/yNMOdvfmfBKoDDAwxCWMTgcn4z/L
C3+Tc4izJeIRN2dKevupHFsnlvccTtLYqDH/RgwiZGcW3bC2oCbKIepO+HQnip2L
xi0vOkuiGpQq33w+nhDvgC2X2B+zNDKbJv8yOIxQDWUB
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:00 2024 by rpki-client on console.sobornost.net