Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/n_nqK8qqFoFupQIBlT7t978MHN8.roa
File: n_nqK8qqFoFupQIBlT7t978MHN8.roa (raw, json)
Hash identifier: iN4FH/6Q/vxEDeW4SzIG2QO95i+VTXnNUQgAOJ88KzY=
Subject key identifier: 9F:F9:EA:2B:CA:AA:16:81:6E:A5:02:01:95:3E:ED:F7:BF:0C:1C:DF
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 018FBE7A13BB19C3911253A2A999EB2F3449
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/n_nqK8qqFoFupQIBlT7t978MHN8.roa
Signing time: Tue 28 May 2024 09:13:42 +0000
ROA not before: Tue 28 May 2024 09:13:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214894
IP address blocks: 152.89.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 10:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:7a:13:bb:19:c3:91:12:53:a2:a9:99:eb:2f:34:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: May 28 09:13:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ff9ea2bcaaa16816ea50201953eedf7bf0c1cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8a:1d:c6:05:e9:11:95:dc:86:4e:4a:97:90:
0d:61:2f:fe:19:f8:8b:d6:b2:3f:77:69:02:da:4a:
8e:02:69:dc:7e:91:1a:b8:d3:1a:3a:ce:6f:72:dc:
8c:56:b0:14:be:02:7a:b8:a3:9d:94:fe:68:e2:1c:
eb:c2:0a:01:12:3e:f7:13:92:73:d3:82:d2:64:a8:
1e:10:67:f7:5f:1a:25:63:94:cc:98:34:c1:05:14:
1d:dc:bc:da:d7:90:cf:4e:36:a3:6f:a3:c2:e7:18:
8d:2a:1d:2a:26:a3:2b:d2:96:7e:94:6a:c0:fd:b5:
da:dd:85:97:39:05:45:90:91:d7:16:16:8b:a6:4d:
ce:45:e4:9c:7c:77:21:51:6f:e1:0f:b3:5f:cc:69:
5e:2c:0a:9e:0f:ab:76:3c:31:92:8c:ef:19:19:ff:
2d:73:88:00:86:e9:50:b5:24:66:2e:3a:84:88:f5:
04:76:57:45:6d:9f:a3:86:b2:1c:cb:35:7d:ff:1b:
bb:1b:86:8c:2e:39:b4:c8:7c:16:dd:bc:10:07:c9:
37:47:5f:5f:fe:b8:da:52:e9:a6:a0:a5:1d:ed:e8:
2f:af:0c:bf:20:fb:bb:1b:34:5f:13:85:10:cc:93:
00:28:e4:d2:7f:d1:84:70:5e:38:0b:0f:41:aa:49:
ae:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F9:EA:2B:CA:AA:16:81:6E:A5:02:01:95:3E:ED:F7:BF:0C:1C:DF
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/n_nqK8qqFoFupQIBlT7t978MHN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.168.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:c2:aa:9d:2d:c2:cb:a1:18:bf:d5:82:42:15:b5:80:68:76:
fd:20:8c:fb:7d:0d:ef:82:3c:b8:22:41:1d:1a:7b:98:d2:59:
16:94:4e:42:c1:33:ea:e0:4d:44:3b:4b:da:c4:d5:a5:e4:d6:
eb:3b:98:12:fa:f1:b6:93:db:f8:2e:ce:ae:d5:e5:de:f5:13:
ac:e0:dc:72:3a:17:5c:e2:81:67:fa:18:d6:19:4b:00:08:05:
23:47:55:a7:58:ca:26:0a:3e:38:21:1e:4d:65:ac:60:57:09:
56:68:a7:8c:ab:d2:7c:85:b3:e2:9f:5b:bc:6c:72:db:59:ac:
86:be:52:d9:ae:36:db:d6:ca:42:83:fb:46:54:5c:7c:f1:fe:
9c:05:58:26:6b:67:8a:23:cd:dc:a5:a5:9e:0a:a9:05:3f:7f:
c3:70:87:9e:ff:19:00:af:95:11:58:73:d4:65:de:6b:11:83:
81:08:60:84:c4:92:22:7c:68:83:bf:fa:c2:57:de:0e:e2:8e:
75:da:ff:8c:44:13:e0:62:59:32:98:a3:49:47:9c:8f:d7:12:
ba:e8:17:e5:19:78:c3:d7:1d:52:c0:ae:26:70:d5:23:a0:66:
eb:ff:6f:72:8c:81:dc:2e:f1:4d:38:b1:d6:cb:25:74:20:a6:
5d:e3:15:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY++ehO7GcORElOiqZnrLzRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQwNTI4MDkxMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmY5ZWEyYmNhYWExNjgxNmVhNTAyMDE5NTNlZWRmN2JmMGMxY2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIodxgXpEZXchk5Kl5ANYS/+GfiL
1rI/d2kC2kqOAmncfpEauNMaOs5vctyMVrAUvgJ6uKOdlP5o4hzrwgoBEj73E5Jz
04LSZKgeEGf3XxolY5TMmDTBBRQd3Lza15DPTjajb6PC5xiNKh0qJqMr0pZ+lGrA
/bXa3YWXOQVFkJHXFhaLpk3OReScfHchUW/hD7NfzGleLAqeD6t2PDGSjO8ZGf8t
c4gAhulQtSRmLjqEiPUEdldFbZ+jhrIcyzV9/xu7G4aMLjm0yHwW3bwQB8k3R19f
/rjaUummoKUd7egvrwy/IPu7GzRfE4UQzJMAKOTSf9GEcF44Cw9BqkmuYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/56ivKqhaBbqUCAZU+7fe/DBzfMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvbl9ucUs4cXFGb0Z1cFFJQmxUN3Q5NzhNSE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFmoMA0G
CSqGSIb3DQEBCwUAA4IBAQArwqqdLcLLoRi/1YJCFbWAaHb9IIz7fQ3vgjy4IkEd
GnuY0lkWlE5CwTPq4E1EO0vaxNWl5NbrO5gS+vG2k9v4Ls6u1eXe9ROs4NxyOhdc
4oFn+hjWGUsACAUjR1WnWMomCj44IR5NZaxgVwlWaKeMq9J8hbPin1u8bHLbWayG
vlLZrjbb1spCg/tGVFx88f6cBVgma2eKI83cpaWeCqkFP3/DcIee/xkAr5URWHPU
Zd5rEYOBCGCExJIifGiDv/rCV94O4o512v+MRBPgYlkymKNJR5yP1xK66BflGXjD
1x1SwK4mcNUjoGbr/29yjIHcLvFNOLHWyyV0IKZd4xUR
-----END CERTIFICATE-----
Generated at Mon Nov 11 14:44:09 2024 by rpki-client on console-fra.rpki-client.org