Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/nl_KhlVBHIWPnuV7HUAb2eH2XRM.roa
File: nl_KhlVBHIWPnuV7HUAb2eH2XRM.roa (raw, json)
Hash identifier: p7JPUMAGFNcEf+H2wcMROCWxoxyf3Ho238XBEVEtd54=
Subject key identifier: 9E:5F:CA:86:55:41:1C:85:8F:9E:E5:7B:1D:40:1B:D9:E1:F6:5D:13
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 018D80199126B1117BEA386706DEF56A4DFA
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/nl_KhlVBHIWPnuV7HUAb2eH2XRM.roa
Signing time: Tue 06 Feb 2024 20:26:15 +0000
ROA not before: Tue 06 Feb 2024 20:26:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60542
IP address blocks: 45.139.8.0/23 maxlen: 23
45.139.8.0/24 maxlen: 24
45.139.9.0/24 maxlen: 24
91.243.119.0/24 maxlen: 24
185.217.39.0/24 maxlen: 24
194.180.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 12:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:80:19:91:26:b1:11:7b:ea:38:67:06:de:f5:6a:4d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: Feb 6 20:26:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e5fca8655411c858f9ee57b1d401bd9e1f65d13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a4:e3:68:a6:45:dc:17:66:6f:57:a9:82:9d:
ce:6e:42:f5:57:fb:40:aa:0b:c7:0d:30:1b:e4:08:
44:43:85:ca:80:13:e0:a3:4c:44:40:85:be:3d:7c:
96:21:13:b5:37:ac:52:69:a0:9c:cf:49:e1:03:23:
bc:f0:48:2b:ee:52:4b:c9:13:44:90:8f:4f:40:fc:
f0:80:48:7d:1c:12:40:45:2b:2f:d8:3e:47:81:25:
cf:15:0f:1b:41:c3:c5:40:b8:2f:ee:51:b2:e0:dd:
78:1f:8a:f9:98:c6:da:b2:a7:f3:31:24:91:2f:fd:
21:bb:e1:ab:9a:c9:ad:fa:e4:2a:92:2b:40:7d:dd:
49:18:d6:0c:10:39:2f:31:87:a5:5a:68:fb:47:c5:
b4:5e:36:e4:0c:ac:dd:63:0b:c8:03:09:06:a2:0c:
9a:bb:05:98:36:5a:15:fb:10:ef:e9:02:7e:e5:cb:
43:5e:fd:ab:1a:06:c4:d5:9d:af:f2:93:1b:fa:a3:
0c:41:41:62:c0:b9:81:68:97:56:74:79:54:d0:a8:
03:a1:04:03:8e:78:b9:df:31:9e:ca:f8:70:8e:0e:
b0:fc:fb:c7:38:4f:0b:5a:7d:bd:2d:ce:8d:a8:84:
82:51:dc:e2:b5:cd:4f:a5:77:9d:10:e1:d6:94:a2:
e4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:5F:CA:86:55:41:1C:85:8F:9E:E5:7B:1D:40:1B:D9:E1:F6:5D:13
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/nl_KhlVBHIWPnuV7HUAb2eH2XRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.8.0/23
91.243.119.0/24
185.217.39.0/24
194.180.209.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:b5:a1:fb:04:83:90:19:ef:3e:3c:9a:20:01:21:1c:65:0f:
1f:f7:cb:23:85:37:ea:8b:06:75:e6:d5:d2:bb:ec:b9:3a:98:
05:c1:63:92:ee:86:f8:2f:4f:9b:0e:29:14:47:23:45:af:6c:
95:54:da:df:b2:4f:79:d9:eb:08:01:34:53:9c:a7:15:52:d0:
ad:3e:c0:52:b8:72:5e:25:cf:dc:5a:f9:99:51:a3:8c:38:c3:
50:44:bd:fe:72:b6:d6:d1:ad:dc:a8:1a:93:27:17:c8:3d:bf:
0b:d8:72:1d:8f:dd:05:67:75:54:c7:5e:29:3a:5e:db:f5:d0:
cb:e7:19:31:38:4b:f7:af:5d:0e:da:78:21:f3:58:07:0f:f4:
67:0c:26:f7:f1:12:c6:f5:04:89:4d:96:f2:fd:7f:9e:5d:07:
31:20:7c:5a:32:66:68:e6:4a:9d:46:53:af:bb:44:a3:e6:1a:
76:21:42:1b:8d:54:cb:ff:5f:c6:6e:fb:0f:16:f2:4a:6b:38:
7a:28:b1:68:f5:29:15:2a:78:7e:d1:90:80:31:14:b3:fe:c0:
3e:9a:51:14:84:21:61:1e:83:be:77:a4:c1:2c:52:22:81:f3:
57:f8:e9:b1:30:03:ad:48:d7:77:c9:3c:1f:e4:d8:dd:d3:d4:
6c:15:26:ff
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2AGZEmsRF76jhnBt71ak36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwMjA2MjAyNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTVmY2E4NjU1NDExYzg1OGY5ZWU1N2IxZDQwMWJkOWUxZjY1ZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6TjaKZF3Bdmb1epgp3ObkL1V/tA
qgvHDTAb5AhEQ4XKgBPgo0xEQIW+PXyWIRO1N6xSaaCcz0nhAyO88Egr7lJLyRNE
kI9PQPzwgEh9HBJARSsv2D5HgSXPFQ8bQcPFQLgv7lGy4N14H4r5mMbasqfzMSSR
L/0hu+Grmsmt+uQqkitAfd1JGNYMEDkvMYelWmj7R8W0XjbkDKzdYwvIAwkGogya
uwWYNloV+xDv6QJ+5ctDXv2rGgbE1Z2v8pMb+qMMQUFiwLmBaJdWdHlU0KgDoQQD
jni53zGeyvhwjg6w/PvHOE8LWn29Lc6NqISCUdzitc1PpXedEOHWlKLkJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ5fyoZVQRyFj57lex1AG9nh9l0TMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvbmxfS2hsVkJISVdQbnVWN0hVQWIyZUgyWFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYsIAwQA
W/N3AwQAudknAwQAwrTRMA0GCSqGSIb3DQEBCwUAA4IBAQBbtaH7BIOQGe8+PJog
ASEcZQ8f98sjhTfqiwZ15tXSu+y5OpgFwWOS7ob4L0+bDikURyNFr2yVVNrfsk95
2esIATRTnKcVUtCtPsBSuHJeJc/cWvmZUaOMOMNQRL3+crbW0a3cqBqTJxfIPb8L
2HIdj90FZ3VUx14pOl7b9dDL5xkxOEv3r10O2ngh81gHD/RnDCb38RLG9QSJTZby
/X+eXQcxIHxaMmZo5kqdRlOvu0Sj5hp2IUIbjVTL/1/GbvsPFvJKazh6KLFo9SkV
Knh+0ZCAMRSz/sA+mlEUhCFhHoO+d6TBLFIigfNX+OmxMAOtSNd3yTwf5Njd09Rs
FSb/
-----END CERTIFICATE-----
Generated at Mon Feb 12 18:07:07 2024 by rpki-client on console-fra.rpki-client.org