Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/npDjD_PCs3XNuPT6Neyh6Bl4Gwg.roa
File: npDjD_PCs3XNuPT6Neyh6Bl4Gwg.roa (raw, json)
Hash identifier: HjQ83QmocyLzcvv5IQKPRI10P3kG73F5/QX+0wy3ZuQ=
Subject key identifier: 9E:90:E3:0F:F3:C2:B3:75:CD:B8:F4:FA:35:EC:A1:E8:19:78:1B:08
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192F680D7C12847B13F005DC9EAFD2552A9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/npDjD_PCs3XNuPT6Neyh6Bl4Gwg.roa
Signing time: Mon 04 Nov 2024 09:28:11 +0000
ROA not before: Mon 04 Nov 2024 09:28:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.180.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 04 Nov 2024 19:11:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:80:d7:c1:28:47:b1:3f:00:5d:c9:ea:fd:25:52:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 4 09:28:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e90e30ff3c2b375cdb8f4fa35eca1e819781b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4e:71:ff:e2:12:b5:26:2c:ad:d1:68:8a:dc:
d8:66:45:97:a1:0f:f5:40:26:80:4e:c0:c9:f1:32:
b4:90:09:34:4a:d0:d8:e5:87:0e:73:3a:b9:f2:0a:
23:b2:9f:bc:6d:39:ff:e9:c7:bc:ad:24:98:58:22:
a4:7b:e1:b0:ba:6c:c9:9c:41:64:0b:34:99:28:a9:
17:aa:8a:59:4a:6a:3b:71:cc:3e:7c:d9:3f:ba:10:
a1:83:80:9e:50:e5:e5:7a:1f:c7:b0:cf:d4:45:ff:
07:b6:e1:17:5d:2b:24:5d:4c:fc:ac:c4:d9:e6:5d:
c9:32:03:2b:c1:18:e6:b2:71:71:3c:a6:6c:55:0f:
53:db:dd:a5:47:0a:74:56:5e:f6:c4:1f:8b:50:5f:
7e:99:ac:00:e4:8f:10:7b:dd:fa:30:5a:8e:be:6b:
c1:2a:94:52:90:0a:fe:ee:07:87:22:58:c3:44:50:
f1:68:eb:7e:30:09:a7:ff:55:ce:ac:17:44:41:77:
55:b3:d2:4e:7c:83:c2:c2:f8:05:29:a3:95:b0:06:
de:ce:de:89:da:93:34:3a:e7:60:c7:71:26:0d:ef:
ec:0e:54:fc:75:cf:4e:be:1b:92:75:78:38:49:28:
03:66:3c:e7:6c:49:d0:0a:a1:fa:e6:3e:83:9f:48:
fa:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:90:E3:0F:F3:C2:B3:75:CD:B8:F4:FA:35:EC:A1:E8:19:78:1B:08
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/npDjD_PCs3XNuPT6Neyh6Bl4Gwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.58.155.0/24
194.87.169.0/24
194.87.178.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
89:70:da:b2:73:1e:b1:1c:a3:47:14:51:bd:a0:88:1b:9c:4f:
c7:ad:fc:b3:b4:88:35:3e:6e:61:66:34:ab:ce:c6:1e:fc:b7:
02:71:c2:a1:34:2d:47:0b:f3:1f:9d:ee:02:b1:38:ee:32:f3:
2c:c6:c7:ba:c5:91:6b:1b:49:da:c7:0f:a4:93:15:ff:aa:da:
e8:12:bb:93:77:c4:f7:0f:a0:0f:ef:8f:da:5d:2e:95:15:50:
1c:5b:a8:20:85:58:25:53:61:0c:2a:be:6f:41:a1:64:c9:01:
08:cf:b8:bd:c9:40:f6:fe:73:80:55:36:bf:48:1d:07:2a:d6:
54:74:29:20:a3:a6:d9:d8:00:25:b6:0b:15:88:ee:15:7a:05:
82:a0:5d:26:b4:73:3a:89:ca:35:09:4e:c3:33:db:f1:fc:6e:
9c:f4:b8:cb:08:06:76:61:52:59:93:bd:63:e2:eb:3e:18:47:
9d:ee:1a:2a:a6:e5:fd:29:15:6b:f0:7a:04:2a:29:9a:43:0d:
32:26:2e:e0:2a:64:32:a6:ae:30:b8:3e:df:dc:dd:f9:39:70:
f0:99:0d:63:cb:3e:3d:0f:99:a5:ca:d9:fb:60:c4:5f:3f:27:
29:5d:5d:bf:f3:2c:59:94:f0:bd:35:26:07:93:dc:69:0e:8f:
ea:91:6f:91
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZL2gNfBKEexPwBdyer9JVKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA0MDkyODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTkwZTMwZmYzYzJiMzc1Y2RiOGY0ZmEzNWVjYTFlODE5NzgxYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk5x/+IStSYsrdFoitzYZkWXoQ/1
QCaATsDJ8TK0kAk0StDY5YcOczq58gojsp+8bTn/6ce8rSSYWCKke+GwumzJnEFk
CzSZKKkXqopZSmo7ccw+fNk/uhChg4CeUOXleh/HsM/URf8HtuEXXSskXUz8rMTZ
5l3JMgMrwRjmsnFxPKZsVQ9T292lRwp0Vl72xB+LUF9+mawA5I8Qe936MFqOvmvB
KpRSkAr+7geHIljDRFDxaOt+MAmn/1XOrBdEQXdVs9JOfIPCwvgFKaOVsAbezt6J
2pM0Oudgx3EmDe/sDlT8dc9OvhuSdXg4SSgDZjznbEnQCqH65j6Dn0j6GQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFJ6Q4w/zwrN1zbj0+jXsoegZeBsIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbnBEakRfUENzM1hOdVBUNk5leWg2Qmw0R3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQAwHy0AwQA
wjqbAwQAwlepAwQAwleyAwQAwlfgAwQAwochAwQBw4UYAwQBw4UoAwQBw4UyAwQB
w4VcAwQA1MABAwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0B
AQsFAAOCAQEAiXDasnMesRyjRxRRvaCIG5xPx638s7SINT5uYWY0q87GHvy3AnHC
oTQtRwvzH53uArE47jLzLMbHusWRaxtJ2scPpJMV/6ra6BK7k3fE9w+gD++P2l0u
lRVQHFuoIIVYJVNhDCq+b0GhZMkBCM+4vclA9v5zgFU2v0gdByrWVHQpIKOm2dgA
JbYLFYjuFXoFgqBdJrRzOonKNQlOwzPb8fxunPS4ywgGdmFSWZO9Y+LrPhhHne4a
Kqbl/SkVa/B6BCopmkMNMiYu4CpkMqauMLg+39zd+Tlw8JkNY8s+PQ+ZpcrZ+2DE
Xz8nKV1dv/MsWZTwvTUmB5PcaQ6P6pFvkQ==
-----END CERTIFICATE-----
Generated at Tue Nov 5 00:43:16 2024 by rpki-client on console-fra.rpki-client.org