Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/kRDjH8x50UoJSk1azdcsWz9xvF4.roa
File: kRDjH8x50UoJSk1azdcsWz9xvF4.roa (raw, json)
Hash identifier: 6IXuMMDOkkWSAyKXUuRok1jjoDPyeDZ+7waRAIF8+S0=
Subject key identifier: 91:10:E3:1F:CC:79:D1:4A:09:4A:4D:5A:CD:D7:2C:5B:3F:71:BC:5E
Certificate issuer: /CN=34b0c5a403e2dad3c47b791fda2042cf715009cf
Certificate serial: 018B4D612E1BA5885CBBFDD2D1695048C11C
Authority key identifier: 34:B0:C5:A4:03:E2:DA:D3:C4:7B:79:1F:DA:20:42:CF:71:50:09:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLDFpAPi2tPEe3kf2iBCz3FQCc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/kRDjH8x50UoJSk1azdcsWz9xvF4.roa
Signing time: Fri 20 Oct 2023 13:58:16 +0000
ROA not before: Fri 20 Oct 2023 13:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48314
IP address blocks: 193.135.10.0/24 maxlen: 24
185.245.96.0/24 maxlen: 24
91.210.224.0/24 maxlen: 24
88.218.227.0/24 maxlen: 24
185.248.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:61:2e:1b:a5:88:5c:bb:fd:d2:d1:69:50:48:c1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b0c5a403e2dad3c47b791fda2042cf715009cf
Validity
Not Before: Oct 20 13:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9110e31fcc79d14a094a4d5acdd72c5b3f71bc5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2d:0d:b4:a3:db:75:b0:9d:c3:1d:67:cc:b6:
3a:75:65:9d:64:e9:e9:60:db:a7:90:33:59:0a:77:
8f:e6:ee:42:05:4d:5f:99:ad:c8:23:c6:f2:0f:01:
01:99:e2:07:a0:37:91:c3:45:2c:42:7e:4d:19:cc:
86:9d:d2:00:92:60:a1:fe:eb:cd:af:c5:db:a6:6c:
51:81:d1:70:02:87:19:57:6f:f4:39:85:dd:e3:01:
f9:9b:40:bd:06:dc:bf:91:91:96:de:eb:9d:55:8d:
e3:76:7a:57:5b:07:7c:de:0b:a4:dc:42:0e:cc:ba:
a3:c5:de:2e:90:a1:6d:2c:f6:38:d9:37:49:fb:46:
98:4e:d0:5c:86:74:0b:a0:82:ee:9c:77:c2:97:dc:
60:aa:70:20:e2:5b:62:0c:1a:6e:16:4d:a8:25:b2:
0b:73:55:e3:ff:a6:2e:7b:a8:16:1b:9d:b4:f3:11:
85:da:1b:e1:44:bb:3b:e5:f8:c3:90:8c:cc:29:ae:
a2:d3:d3:c8:d1:4f:15:c4:d9:82:ca:3b:f1:52:c4:
21:99:c3:19:89:55:e8:ea:44:38:a0:8a:06:d6:c7:
dd:d0:61:aa:46:72:30:a0:d1:3c:44:6e:ed:0a:da:
5b:e9:35:bf:f8:fb:fc:8a:a6:bd:a6:fe:e2:d0:88:
35:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:10:E3:1F:CC:79:D1:4A:09:4A:4D:5A:CD:D7:2C:5B:3F:71:BC:5E
X509v3 Authority Key Identifier:
keyid:34:B0:C5:A4:03:E2:DA:D3:C4:7B:79:1F:DA:20:42:CF:71:50:09:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLDFpAPi2tPEe3kf2iBCz3FQCc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/kRDjH8x50UoJSk1azdcsWz9xvF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/NLDFpAPi2tPEe3kf2iBCz3FQCc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.227.0/24
91.210.224.0/24
185.245.96.0/24
185.248.140.0/24
193.135.10.0/24
Signature Algorithm: sha256WithRSAEncryption
28:02:53:84:32:54:83:66:5a:2a:81:a0:f1:fc:aa:0c:f5:63:
91:c2:3c:fc:47:e4:52:ea:aa:ab:b2:bc:93:9b:b6:32:9e:b0:
45:8d:39:d1:2c:52:6d:80:b9:19:82:c1:f3:58:aa:68:c2:fc:
c5:71:24:44:7d:32:77:1b:ec:44:8e:ab:19:99:56:41:87:df:
ff:7d:80:81:45:1b:b8:ff:e4:34:4b:0f:4e:37:31:17:b3:05:
13:2e:aa:ee:d4:7e:8e:0c:53:50:a7:98:40:ab:60:91:7d:69:
03:6b:a6:e1:2a:c1:0f:db:28:cd:1f:30:f9:76:59:dd:15:78:
26:a6:51:21:94:9e:95:99:47:0f:8e:4e:fd:af:ad:0d:16:3e:
47:93:2d:f0:10:94:62:d3:26:6b:6d:26:ab:06:a2:72:be:38:
88:74:18:f4:4a:2e:7f:d9:5a:51:e6:5b:e5:f1:ae:f5:d8:ae:
0f:bc:4f:74:d2:d1:73:89:4c:e0:56:33:e9:b7:39:a2:fe:17:
ea:27:e2:37:62:2e:fb:c1:fc:93:a2:b8:29:3b:10:c3:f7:7e:
98:32:f7:1a:a3:60:27:05:8d:f4:e9:62:a2:e5:dd:ba:45:a2:
bc:2f:2f:e9:17:aa:08:cd:83:2d:d6:93:88:56:cf:9f:a8:17:
e0:51:58:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYtNYS4bpYhcu/3S0WlQSMEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjBjNWE0MDNlMmRhZDNjNDdiNzkxZmRhMjA0MmNmNzE1
MDA5Y2YwHhcNMjMxMDIwMTM1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTEwZTMxZmNjNzlkMTRhMDk0YTRkNWFjZGQ3MmM1YjNmNzFiYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy0NtKPbdbCdwx1nzLY6dWWdZOnp
YNunkDNZCneP5u5CBU1fma3II8byDwEBmeIHoDeRw0UsQn5NGcyGndIAkmCh/uvN
r8XbpmxRgdFwAocZV2/0OYXd4wH5m0C9Bty/kZGW3uudVY3jdnpXWwd83guk3EIO
zLqjxd4ukKFtLPY42TdJ+0aYTtBchnQLoILunHfCl9xgqnAg4ltiDBpuFk2oJbIL
c1Xj/6Yue6gWG5208xGF2hvhRLs75fjDkIzMKa6i09PI0U8VxNmCyjvxUsQhmcMZ
iVXo6kQ4oIoG1sfd0GGqRnIwoNE8RG7tCtpb6TW/+Pv8iqa9pv7i0Ig18wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJEQ4x/MedFKCUpNWs3XLFs/cbxeMB8GA1UdIwQY
MBaAFDSwxaQD4trTxHt5H9ogQs9xUAnPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxERnBBUGkydFBFZTNrZjJpQkN6M0ZRQ2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNmQ1Y2UtMTg0YS00MzY2LThkNzUt
YWFhYjI1ODk0ZDVlLzEva1JEakg4eDUwVW9KU2sxYXpkY3NXejl4dkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xNmQ1Y2UtMTg0YS00MzY2LThkNzUtYWFhYjI1ODk0ZDVl
LzEvTkxERnBBUGkydFBFZTNrZjJpQkN6M0ZRQ2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWNrjAwQA
W9LgAwQAufVgAwQAufiMAwQAwYcKMA0GCSqGSIb3DQEBCwUAA4IBAQAoAlOEMlSD
ZloqgaDx/KoM9WORwjz8R+RS6qqrsryTm7YynrBFjTnRLFJtgLkZgsHzWKpowvzF
cSREfTJ3G+xEjqsZmVZBh9//fYCBRRu4/+Q0Sw9ONzEXswUTLqru1H6ODFNQp5hA
q2CRfWkDa6bhKsEP2yjNHzD5dlndFXgmplEhlJ6VmUcPjk79r60NFj5Hky3wEJRi
0yZrbSarBqJyvjiIdBj0Si5/2VpR5lvl8a712K4PvE900tFziUzgVjPptzmi/hfq
J+I3Yi77wfyTorgpOxDD936YMvcao2AnBY306WKi5d26RaK8Ly/pF6oIzYMt1pOI
Vs+fqBfgUVg/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:22 2024 by rpki-client on console-fra.rpki-client.org