Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/NFZ13Lo8tIRbQo6ZoyUpMrQ4NNw.roa
File: NFZ13Lo8tIRbQo6ZoyUpMrQ4NNw.roa (raw, json)
Hash identifier: P3AEfpN+HtuHaP54rrI+Mu6ZCS6DWtSLrSnYHNThFbo=
Subject key identifier: 34:56:75:DC:BA:3C:B4:84:5B:42:8E:99:A3:25:29:32:B4:38:34:DC
Certificate issuer: /CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e
Certificate serial: 018CCA99DB1ABCF594C6568FB31AC6BC3D97
Authority key identifier: 76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/NFZ13Lo8tIRbQo6ZoyUpMrQ4NNw.roa
Signing time: Tue 02 Jan 2024 14:35:29 +0000
ROA not before: Tue 02 Jan 2024 14:35:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207227
IP address blocks: 185.74.36.0/22 maxlen: 22
2a05:48c0::/29 maxlen: 29
2a13:1f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 18 Jan 2024 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:db:1a:bc:f5:94:c6:56:8f:b3:1a:c6:bc:3d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e
Validity
Not Before: Jan 2 14:35:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=345675dcba3cb4845b428e99a3252932b43834dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3c:c0:86:5d:72:e1:4e:0f:f3:6f:cf:17:4e:
bd:42:36:6e:03:78:f1:f6:7d:95:b6:9a:55:f0:30:
2e:64:e8:72:a8:7e:f8:47:aa:d1:85:41:f1:9b:bd:
c2:44:a1:b8:b8:cd:a9:0b:16:e1:36:63:01:50:7a:
89:aa:43:50:cb:ec:ba:b4:f6:70:45:7a:14:d4:32:
23:b8:f2:bc:00:40:04:1d:95:74:90:0f:6b:42:32:
2f:4b:11:12:8e:5c:a7:cb:2d:fa:a7:98:60:b8:5a:
43:92:fd:ac:d3:d7:0e:83:61:99:ae:09:bb:dd:b4:
48:fa:39:ff:f1:16:5f:e0:68:3d:2d:91:72:31:aa:
42:33:77:be:a5:4a:18:50:bc:0b:3c:33:d9:57:35:
af:fc:31:39:4a:17:9b:db:de:66:c2:e7:35:95:96:
f1:dc:6c:88:5a:44:64:76:f1:fa:7f:44:34:ae:a9:
a2:ed:06:72:de:50:af:06:4f:47:bd:e9:7f:fb:bc:
11:4d:43:1a:cf:fd:76:10:5a:27:99:57:d5:df:c5:
a3:5c:c1:13:bb:5a:c3:23:03:d1:29:6d:5e:eb:b1:
de:c8:09:9d:a1:c6:c0:cd:1b:ab:d2:8f:c9:8e:88:
19:01:b9:ad:e5:ef:3c:6e:fa:20:6d:e1:75:ea:45:
00:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:56:75:DC:BA:3C:B4:84:5B:42:8E:99:A3:25:29:32:B4:38:34:DC
X509v3 Authority Key Identifier:
keyid:76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/NFZ13Lo8tIRbQo6ZoyUpMrQ4NNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.36.0/22
IPv6:
2a05:48c0::/29
2a13:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
25:ca:ae:1f:6d:89:20:a5:7f:42:dc:ed:fb:b0:88:d9:f8:50:
bc:48:c7:51:f1:32:82:1f:d0:2e:c9:55:0f:2e:5e:f0:1f:e2:
55:c4:d7:c8:bf:f6:39:08:4b:55:4b:68:7b:dc:55:a7:53:21:
1b:cf:2b:25:e2:dd:22:e3:5b:e3:5a:51:5c:c2:96:6a:19:85:
17:49:9c:84:a8:89:d1:ec:4d:40:83:b4:a7:2f:4c:c8:de:7a:
76:b6:55:ee:e7:3e:95:a3:de:dc:26:a9:e6:d4:30:15:68:ca:
5c:d6:99:a7:11:63:35:79:8a:fe:a8:a0:88:3f:30:e1:ea:68:
9e:b7:16:0e:c4:86:33:25:8e:d9:e6:71:76:ec:7c:78:73:ce:
12:fc:41:b4:2b:81:4d:75:05:9a:92:a0:27:b4:18:a3:ae:9c:
58:ec:5b:51:d4:e2:ad:9d:6e:bb:b9:52:31:a5:04:33:c7:ae:
78:1e:99:ce:1b:72:1f:f3:83:1c:59:2e:a6:b2:b4:bc:20:78:
4c:18:7b:73:11:ac:04:59:24:39:86:90:30:9b:05:88:65:d0:
00:fb:e6:60:68:d4:a3:c6:3e:b2:ff:47:88:06:61:33:eb:0d:
5d:82:f3:ee:c1:72:d3:c3:2e:bd:4a:92:72:fb:37:66:9a:69:
2c:82:42:cd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzKmdsavPWUxlaPsxrGvD2XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MjIzOGEzM2M1NTBjYzVkZjAyNDRmM2ZjNmUzZGJkOTFl
NGMzOWUwHhcNMjQwMTAyMTQzNTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDU2NzVkY2JhM2NiNDg0NWI0MjhlOTlhMzI1MjkzMmI0MzgzNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzzAhl1y4U4P82/PF069QjZuA3jx
9n2VtppV8DAuZOhyqH74R6rRhUHxm73CRKG4uM2pCxbhNmMBUHqJqkNQy+y6tPZw
RXoU1DIjuPK8AEAEHZV0kA9rQjIvSxESjlynyy36p5hguFpDkv2s09cOg2GZrgm7
3bRI+jn/8RZf4Gg9LZFyMapCM3e+pUoYULwLPDPZVzWv/DE5Sheb295mwuc1lZbx
3GyIWkRkdvH6f0Q0rqmi7QZy3lCvBk9Hvel/+7wRTUMaz/12EFonmVfV38WjXMET
u1rDIwPRKW1e67HeyAmdocbAzRur0o/JjogZAbmt5e88bvogbeF16kUA9wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDRWddy6PLSEW0KOmaMlKTK0ODTcMB8GA1UdIwQY
MBaAFHYiOKM8VQzF3wJE8/xuPb2R5MOeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2Qt
MWIxZmM3OWQwNTUxLzEvTkZaMTNMbzh0SVJiUW82Wm95VXBNclE0Tk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2QtMWIxZmM3OWQwNTUx
LzEvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuUokMBQE
AgACMA4DBQMqBUjAAwUDKhMfQDANBgkqhkiG9w0BAQsFAAOCAQEAJcquH22JIKV/
Qtzt+7CI2fhQvEjHUfEygh/QLslVDy5e8B/iVcTXyL/2OQhLVUtoe9xVp1MhG88r
JeLdIuNb41pRXMKWahmFF0mchKiJ0exNQIO0py9MyN56drZV7uc+laPe3Cap5tQw
FWjKXNaZpxFjNXmK/qigiD8w4eponrcWDsSGMyWO2eZxdux8eHPOEvxBtCuBTXUF
mpKgJ7QYo66cWOxbUdTirZ1uu7lSMaUEM8eueB6ZzhtyH/ODHFkuprK0vCB4TBh7
cxGsBFkkOYaQMJsFiGXQAPvmYGjUo8Y+sv9HiAZhM+sNXYLz7sFy08MuvUqScvs3
ZpppLIJCzQ==
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:01:33 2024 by rpki-client on console.sobornost.net