Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/NnHqNnmaA-Jc6ARLbKJIyv12ODo.roa
File: NnHqNnmaA-Jc6ARLbKJIyv12ODo.roa (raw, json)
Hash identifier: 2ujaabSIbsTpUINRe5ywB9WfxX40Rj/jxQr4m8Kljs8=
Subject key identifier: 36:71:EA:36:79:9A:03:E2:5C:E8:04:4B:6C:A2:48:CA:FD:76:38:3A
Certificate issuer: /CN=21a00080cd2cb1bb073903b32b25ad660a366486
Certificate serial: 01917E1C8021ADC13F5AB4F958A78AD7AD68
Authority key identifier: 21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/NnHqNnmaA-Jc6ARLbKJIyv12ODo.roa
Signing time: Fri 23 Aug 2024 07:21:22 +0000
ROA not before: Fri 23 Aug 2024 07:21:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51167
IP address blocks: 91.239.43.0/24 maxlen: 24
195.191.65.0/24 maxlen: 24
213.109.76.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 02 Sep 2024 08:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:1c:80:21:ad:c1:3f:5a:b4:f9:58:a7:8a:d7:ad:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a00080cd2cb1bb073903b32b25ad660a366486
Validity
Not Before: Aug 23 07:21:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3671ea36799a03e25ce8044b6ca248cafd76383a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:38:3b:07:01:5e:a9:5a:e4:0d:f3:83:bf:18:
89:12:30:b4:56:34:64:10:d2:f5:17:4c:6c:ad:b8:
f5:4d:aa:f2:bb:7b:f7:9f:d6:b2:a9:e3:32:f7:b2:
2a:2e:bc:10:5e:72:53:7d:b4:71:0a:c7:96:ed:26:
a3:af:44:c9:39:56:4e:b8:8a:6c:06:9c:55:11:3d:
a1:b7:26:83:54:7d:be:b5:e1:37:77:83:23:25:c8:
f2:65:ea:bc:72:cb:b8:91:b3:3d:51:5c:32:2c:e5:
c3:f4:ad:07:09:55:70:eb:16:fe:a9:44:cc:b8:13:
33:c3:70:32:9e:1f:e4:20:2b:02:b5:d1:d5:13:d4:
61:bc:31:f9:65:b9:33:35:ac:15:3a:24:8e:b7:3a:
c5:84:56:fb:67:d9:25:d5:ac:3d:87:28:d1:13:37:
d2:90:15:43:aa:be:ca:08:e7:6d:3a:d8:d5:32:1e:
be:0a:d9:8d:8d:29:49:07:2c:3b:be:f9:20:ad:28:
af:fa:15:59:80:68:a1:e6:94:a2:a1:75:05:2f:0d:
0e:b2:49:5e:1c:f3:c2:e9:77:67:b6:08:75:a9:58:
eb:94:0f:59:e9:18:16:9f:02:df:37:45:d4:5a:77:
ed:35:11:ae:f6:e9:7e:e0:b0:df:f9:a9:2c:49:8f:
1a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:71:EA:36:79:9A:03:E2:5C:E8:04:4B:6C:A2:48:CA:FD:76:38:3A
X509v3 Authority Key Identifier:
keyid:21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/NnHqNnmaA-Jc6ARLbKJIyv12ODo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.43.0/24
195.191.65.0/24
213.109.76.0/23
Signature Algorithm: sha256WithRSAEncryption
85:87:2d:e6:e9:b8:97:c1:fa:5b:14:84:78:b6:4b:f9:98:9a:
1f:a8:69:e3:63:32:0d:87:64:65:a7:a2:7f:82:7e:9a:cb:eb:
e5:88:45:0f:a5:28:37:d1:12:c7:5d:15:23:4a:67:33:c3:62:
cd:6f:c3:21:f6:45:4a:18:ed:01:1b:e4:1b:c3:13:44:13:a1:
94:5a:32:62:fa:c8:e1:ef:9f:c4:00:2f:f8:9a:6c:70:ba:84:
a8:fb:32:e1:99:bf:3a:ae:b6:83:44:a9:f1:a2:c6:c1:8e:f4:
2f:66:9b:a6:c7:a0:09:5d:6a:e6:87:9b:ce:11:79:d4:9c:ff:
ff:ae:5e:1e:50:cc:ee:2f:bf:6c:00:58:b5:72:c0:5c:2a:29:
9e:c1:23:ac:89:75:e0:ac:19:4b:a3:51:9b:6c:f4:06:bb:38:
ab:5c:9c:4f:99:69:dc:8a:77:d6:8b:fb:d0:84:6d:d6:24:ea:
b2:e1:79:36:5a:36:cb:78:b8:b7:ce:9a:02:b0:42:a9:f3:ee:
42:05:de:1f:01:d8:f5:dc:69:7a:ab:ae:53:c3:e4:4a:18:aa:
14:70:98:12:c6:3d:22:09:15:4b:fd:14:59:6f:3b:03:72:b8:
3a:dd:f0:61:42:a6:09:ec:af:bc:44:a8:35:24:8f:4a:bb:5c:
82:60:2d:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZF+HIAhrcE/WrT5WKeK161oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYTAwMDgwY2QyY2IxYmIwNzM5MDNiMzJiMjVhZDY2MGEz
NjY0ODYwHhcNMjQwODIzMDcyMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjcxZWEzNjc5OWEwM2UyNWNlODA0NGI2Y2EyNDhjYWZkNzYzODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzg7BwFeqVrkDfODvxiJEjC0VjRk
ENL1F0xsrbj1Taryu3v3n9ayqeMy97IqLrwQXnJTfbRxCseW7Sajr0TJOVZOuIps
BpxVET2htyaDVH2+teE3d4MjJcjyZeq8csu4kbM9UVwyLOXD9K0HCVVw6xb+qUTM
uBMzw3Aynh/kICsCtdHVE9RhvDH5ZbkzNawVOiSOtzrFhFb7Z9kl1aw9hyjREzfS
kBVDqr7KCOdtOtjVMh6+CtmNjSlJByw7vvkgrSiv+hVZgGih5pSioXUFLw0Oskle
HPPC6Xdntgh1qVjrlA9Z6RgWnwLfN0XUWnftNRGu9ul+4LDf+aksSY8aOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDZx6jZ5mgPiXOgES2yiSMr9djg6MB8GA1UdIwQY
MBaAFCGgAIDNLLG7BzkDsyslrWYKNmSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1Nzkt
ZTkyZWNlNGQzY2IzLzEvTm5IcU5ubWFBLUpjNkFSTGJLSkl5djEyT0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1NzktZTkyZWNlNGQzY2Iz
LzEvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+8rAwQA
w79BAwQB1W1MMA0GCSqGSIb3DQEBCwUAA4IBAQCFhy3m6biXwfpbFIR4tkv5mJof
qGnjYzINh2Rlp6J/gn6ay+vliEUPpSg30RLHXRUjSmczw2LNb8Mh9kVKGO0BG+Qb
wxNEE6GUWjJi+sjh75/EAC/4mmxwuoSo+zLhmb86rraDRKnxosbBjvQvZpumx6AJ
XWrmh5vOEXnUnP//rl4eUMzuL79sAFi1csBcKimewSOsiXXgrBlLo1GbbPQGuzir
XJxPmWncinfWi/vQhG3WJOqy4Xk2WjbLeLi3zpoCsEKp8+5CBd4fAdj13Gl6q65T
w+RKGKoUcJgSxj0iCRVL/RRZbzsDcrg63fBhQqYJ7K+8RKg1JI9Ku1yCYC3l
-----END CERTIFICATE-----
Generated at Mon Sep 2 09:32:15 2024 by rpki-client on console-fra.rpki-client.org