Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/NQjVE-sAjYjcLtnzYXv6xYfD_OE.roa
File: NQjVE-sAjYjcLtnzYXv6xYfD_OE.roa (raw, json)
Hash identifier: EVxTBdeUNagdf9lnSOT+CXU0mj3PlIVR8Dhska2JJqk=
Subject key identifier: 35:08:D5:13:EB:00:8D:88:DC:2E:D9:F3:61:7B:FA:C5:87:C3:FC:E1
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 0186A0EBCAB5DDD3E625EE550CDC62D28621
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/NQjVE-sAjYjcLtnzYXv6xYfD_OE.roa
Signing time: Thu 02 Mar 2023 06:04:12 +0000
ROA not before: Thu 02 Mar 2023 06:04:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39593
IP address blocks: 136.169.210.0/24 maxlen: 24
136.169.210.0/23 maxlen: 23
136.169.208.0/24 maxlen: 24
136.169.208.0/23 maxlen: 23
136.169.211.0/24 maxlen: 24
136.169.208.0/22 maxlen: 22
136.169.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a0:eb:ca:b5:dd:d3:e6:25:ee:55:0c:dc:62:d2:86:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Mar 2 06:04:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3508d513eb008d88dc2ed9f3617bfac587c3fce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fa:e4:39:39:a5:b9:e4:b9:1c:65:a6:c7:1a:
f6:8f:70:eb:ea:72:78:65:67:ba:1d:51:0c:5e:9b:
c9:e8:2f:23:e5:76:eb:f3:dd:d9:55:89:a1:21:4e:
e8:5a:2a:4c:e5:84:28:35:a6:bb:58:99:06:c1:30:
ac:15:da:41:a4:f0:47:8a:71:74:f8:8a:b4:22:2e:
9c:2e:df:fc:4e:9c:7f:28:ad:4f:4f:c3:cc:c4:07:
6a:01:5e:22:fb:49:4a:91:de:ec:09:60:96:f6:f4:
d9:81:de:07:11:a2:71:18:f3:ea:2e:97:e4:c7:1f:
8c:d9:bc:76:82:57:79:6a:2d:ca:82:be:6a:60:17:
ba:74:bc:56:4f:38:7c:f7:cf:22:25:46:83:9c:5b:
91:d1:5e:ab:10:df:2e:2f:fa:7e:93:dc:6f:33:63:
bc:2b:70:1a:36:72:f8:35:8a:41:83:40:84:30:e1:
4d:fa:fa:73:45:5d:df:97:2d:3b:4e:0a:6f:57:ee:
ef:39:30:c4:eb:a8:a0:ef:c9:f1:63:84:2c:f8:bc:
1c:93:98:a5:0d:f7:36:1e:5f:94:95:83:d4:94:a4:
d7:9f:95:b1:89:70:36:ba:54:3c:f7:2a:d9:00:49:
c1:b9:fd:cc:03:0b:7e:ad:74:24:a2:2d:84:34:5c:
77:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:08:D5:13:EB:00:8D:88:DC:2E:D9:F3:61:7B:FA:C5:87:C3:FC:E1
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/NQjVE-sAjYjcLtnzYXv6xYfD_OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.169.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:17:8e:2f:47:1a:69:71:36:88:5a:a9:f3:c2:35:46:d7:c5:
27:ec:d4:ab:6b:1a:32:ea:00:23:42:96:fa:94:e7:9f:36:3f:
45:ef:01:cc:82:90:02:a5:46:96:05:33:38:ab:45:53:3b:8d:
1b:44:34:0a:11:cc:4b:c7:a8:6f:9c:02:27:a6:7b:d0:0f:46:
91:1a:bf:d6:19:04:cd:b4:01:69:cd:4a:54:3c:f5:af:0b:83:
ab:da:c6:f9:32:c3:a4:44:ef:a7:a0:d9:00:ac:a7:1e:07:61:
27:ee:07:1a:53:d2:20:a5:45:b0:7d:6d:fb:b6:99:72:89:b2:
ec:0f:da:ec:aa:fc:4c:3b:8a:79:1f:23:71:78:ff:be:77:7e:
ff:07:4e:16:f9:c8:56:ed:e9:2d:1e:a0:a3:59:5c:75:34:4a:
91:90:db:e3:2c:4c:dd:d4:01:66:ef:21:e8:d5:28:6c:88:60:
11:ad:97:ae:44:b8:49:7e:71:ed:5e:e4:e3:1f:a5:67:4d:09:
5d:75:30:21:38:24:25:a7:15:e9:e5:ba:29:27:e6:11:a2:b0:
25:90:e3:d5:5d:00:aa:18:97:7c:e1:7a:77:f5:96:f3:1b:21:
00:fb:7e:75:98:40:fa:ca:cb:36:ed:38:2a:55:61:be:57:97:
69:19:e0:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYag68q13dPmJe5VDNxi0oYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjMwMzAyMDYwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTA4ZDUxM2ViMDA4ZDg4ZGMyZWQ5ZjM2MTdiZmFjNTg3YzNmY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofrkOTmlueS5HGWmxxr2j3Dr6nJ4
ZWe6HVEMXpvJ6C8j5Xbr893ZVYmhIU7oWipM5YQoNaa7WJkGwTCsFdpBpPBHinF0
+Iq0Ii6cLt/8Tpx/KK1PT8PMxAdqAV4i+0lKkd7sCWCW9vTZgd4HEaJxGPPqLpfk
xx+M2bx2gld5ai3Kgr5qYBe6dLxWTzh8988iJUaDnFuR0V6rEN8uL/p+k9xvM2O8
K3AaNnL4NYpBg0CEMOFN+vpzRV3fly07TgpvV+7vOTDE66ig78nxY4Qs+Lwck5il
Dfc2Hl+UlYPUlKTXn5WxiXA2ulQ89yrZAEnBuf3MAwt+rXQkoi2ENFx34QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUI1RPrAI2I3C7Z82F7+sWHw/zhMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvTlFqVkUtc0FqWWpjTHRuellYdjZ4WWZEX09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCiKnQMA0G
CSqGSIb3DQEBCwUAA4IBAQArF44vRxppcTaIWqnzwjVG18Un7NSraxoy6gAjQpb6
lOefNj9F7wHMgpACpUaWBTM4q0VTO40bRDQKEcxLx6hvnAInpnvQD0aRGr/WGQTN
tAFpzUpUPPWvC4Or2sb5MsOkRO+noNkArKceB2En7gcaU9IgpUWwfW37tplyibLs
D9rsqvxMO4p5HyNxeP++d37/B04W+chW7ektHqCjWVx1NEqRkNvjLEzd1AFm7yHo
1ShsiGARrZeuRLhJfnHtXuTjH6VnTQlddTAhOCQlpxXp5bopJ+YRorAlkOPVXQCq
GJd84Xp39ZbzGyEA+351mED6yss27TgqVWG+V5dpGeBo
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:50 2023 by rpki-client on console.sobornost.net