Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/FgQR3Lcg7M6wnCnosol9jGs5BiI.roa
File: FgQR3Lcg7M6wnCnosol9jGs5BiI.roa (raw, json)
Hash identifier: SAIyB55XNVs+kJEb7YQrD6KOs9+bFaFlEkWrDHT4xjU=
Subject key identifier: 16:04:11:DC:B7:20:EC:CE:B0:9C:29:E8:B2:89:7D:8C:6B:39:06:22
Certificate issuer: /CN=34b0c5a403e2dad3c47b791fda2042cf715009cf
Certificate serial: 018DD66496CB2F6D912FFF0C4CBD90C2451C
Authority key identifier: 34:B0:C5:A4:03:E2:DA:D3:C4:7B:79:1F:DA:20:42:CF:71:50:09:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLDFpAPi2tPEe3kf2iBCz3FQCc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/FgQR3Lcg7M6wnCnosol9jGs5BiI.roa
Signing time: Fri 23 Feb 2024 14:35:32 +0000
ROA not before: Fri 23 Feb 2024 14:35:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216188
IP address blocks: 45.10.24.0/24 maxlen: 24
45.133.9.0/24 maxlen: 24
88.218.227.0/24 maxlen: 24
91.210.224.0/24 maxlen: 24
152.89.239.0/24 maxlen: 24
185.245.96.0/24 maxlen: 24
185.248.140.0/24 maxlen: 24
2a13:fd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 03 Sep 2024 10:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:64:96:cb:2f:6d:91:2f:ff:0c:4c:bd:90:c2:45:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b0c5a403e2dad3c47b791fda2042cf715009cf
Validity
Not Before: Feb 23 14:35:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=160411dcb720ecceb09c29e8b2897d8c6b390622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:10:3c:f3:49:36:0b:01:54:ff:bd:c0:f0:51:
3e:f2:d8:70:41:45:dd:e5:ab:e8:30:93:1f:85:d9:
0b:20:2d:cb:9d:3b:a5:66:6c:54:ca:8c:e3:cb:3b:
9d:2e:32:cf:16:88:d9:49:eb:b8:fd:ee:42:65:af:
55:53:c4:33:06:8e:a5:b1:c1:60:82:f0:8e:47:4a:
e5:7b:78:4d:67:cb:86:3e:b5:39:c2:0b:18:f1:ac:
94:81:1b:59:44:96:34:82:47:d6:73:e4:82:b1:03:
7b:30:12:96:db:71:27:fa:09:44:09:ae:c0:17:64:
03:68:a2:35:5b:30:9b:2f:07:66:35:14:0b:b3:26:
54:1a:e6:f0:09:44:7c:e4:43:90:18:a2:36:7b:3d:
70:cd:9d:72:a4:b3:c0:ef:41:f7:a6:b6:1a:34:46:
de:8d:47:d5:f5:c7:e5:c8:33:18:2d:78:f9:70:e5:
d3:6d:8e:ff:42:c4:41:84:4b:be:c0:4c:0a:64:93:
d7:bc:86:11:73:10:d8:12:2f:45:c6:a3:a9:23:19:
ee:6b:ee:1e:14:47:a1:a1:ad:07:54:fe:61:58:cd:
25:96:70:b8:13:29:1e:c3:c8:f3:93:96:9c:76:98:
54:7c:c2:12:7d:cf:c2:5d:23:39:28:0b:82:56:0d:
37:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:04:11:DC:B7:20:EC:CE:B0:9C:29:E8:B2:89:7D:8C:6B:39:06:22
X509v3 Authority Key Identifier:
keyid:34:B0:C5:A4:03:E2:DA:D3:C4:7B:79:1F:DA:20:42:CF:71:50:09:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLDFpAPi2tPEe3kf2iBCz3FQCc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/FgQR3Lcg7M6wnCnosol9jGs5BiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/NLDFpAPi2tPEe3kf2iBCz3FQCc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.24.0/24
45.133.9.0/24
88.218.227.0/24
91.210.224.0/24
152.89.239.0/24
185.245.96.0/24
185.248.140.0/24
IPv6:
2a13:fd40::/29
Signature Algorithm: sha256WithRSAEncryption
74:2d:0f:52:f9:73:1a:a3:69:16:47:ea:7e:c6:ed:cb:36:19:
08:fc:9d:71:e8:0b:3b:d4:44:b2:d9:f5:ba:ba:12:c1:d2:a4:
c7:83:9e:62:d4:5d:f6:53:aa:62:f4:65:d6:96:a6:b2:62:ff:
a2:c4:eb:33:f9:19:76:1b:98:29:1a:7b:ef:94:c8:8a:e5:da:
83:ac:cc:f1:0e:15:2c:b1:46:2c:1c:91:5d:69:2a:f2:32:fb:
c2:0b:b3:5c:9c:b9:4b:5c:06:61:3f:84:8a:2d:e5:97:1f:14:
c5:9a:81:b1:1d:a0:57:58:e1:aa:52:90:a0:55:2b:76:da:5a:
e2:72:0a:86:f0:4d:9f:05:c2:fb:ba:f3:cb:db:f0:81:8a:92:
b6:2e:e9:e9:57:0f:73:e7:73:79:62:3f:d4:2f:0f:84:fd:51:
ba:72:1d:d2:ae:16:b3:ae:8b:d4:a5:c4:e2:05:6d:a0:68:19:
42:be:f7:d8:0d:32:18:98:48:43:ec:d7:45:a7:25:a1:b9:ca:
62:fb:b9:a9:86:d8:02:3b:36:b0:2c:1f:09:0f:6b:36:2d:50:
dd:04:a8:4f:16:25:80:20:13:e5:6e:51:93:88:78:78:bd:9d:
d8:7f:15:e6:df:65:94:dc:4b:95:35:31:11:e5:49:ed:0b:31:
be:11:36:b2
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY3WZJbLL22RL/8MTL2QwkUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjBjNWE0MDNlMmRhZDNjNDdiNzkxZmRhMjA0MmNmNzE1
MDA5Y2YwHhcNMjQwMjIzMTQzNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjA0MTFkY2I3MjBlY2NlYjA5YzI5ZThiMjg5N2Q4YzZiMzkwNjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghA880k2CwFU/73A8FE+8thwQUXd
5avoMJMfhdkLIC3LnTulZmxUyozjyzudLjLPFojZSeu4/e5CZa9VU8QzBo6lscFg
gvCOR0rle3hNZ8uGPrU5wgsY8ayUgRtZRJY0gkfWc+SCsQN7MBKW23En+glECa7A
F2QDaKI1WzCbLwdmNRQLsyZUGubwCUR85EOQGKI2ez1wzZ1ypLPA70H3prYaNEbe
jUfV9cflyDMYLXj5cOXTbY7/QsRBhEu+wEwKZJPXvIYRcxDYEi9FxqOpIxnua+4e
FEehoa0HVP5hWM0llnC4Eykew8jzk5acdphUfMISfc/CXSM5KAuCVg037QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBYEEdy3IOzOsJwp6LKJfYxrOQYiMB8GA1UdIwQY
MBaAFDSwxaQD4trTxHt5H9ogQs9xUAnPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxERnBBUGkydFBFZTNrZjJpQkN6M0ZRQ2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNmQ1Y2UtMTg0YS00MzY2LThkNzUt
YWFhYjI1ODk0ZDVlLzEvRmdRUjNMY2c3TTZ3bkNub3NvbDlqR3M1QmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xNmQ1Y2UtMTg0YS00MzY2LThkNzUtYWFhYjI1ODk0ZDVl
LzEvTkxERnBBUGkydFBFZTNrZjJpQkN6M0ZRQ2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQALQoYAwQA
LYUJAwQAWNrjAwQAW9LgAwQAmFnvAwQAufVgAwQAufiMMA0EAgACMAcDBQMqE/1A
MA0GCSqGSIb3DQEBCwUAA4IBAQB0LQ9S+XMao2kWR+p+xu3LNhkI/J1x6As71ESy
2fW6uhLB0qTHg55i1F32U6pi9GXWlqayYv+ixOsz+Rl2G5gpGnvvlMiK5dqDrMzx
DhUssUYsHJFdaSryMvvCC7NcnLlLXAZhP4SKLeWXHxTFmoGxHaBXWOGqUpCgVSt2
2lricgqG8E2fBcL7uvPL2/CBipK2LunpVw9z53N5Yj/ULw+E/VG6ch3SrhazrovU
pcTiBW2gaBlCvvfYDTIYmEhD7NdFpyWhucpi+7mphtgCOzawLB8JD2s2LVDdBKhP
FiWAIBPlblGTiHh4vZ3YfxXm32WU3EuVNTER5UntCzG+ETay
-----END CERTIFICATE-----
Generated at Tue Sep 3 11:37:23 2024 by rpki-client on console-fra.rpki-client.org