Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NGiHD5_0v2Hf1bsCeM_EqjQ_HDg.roa
File: NGiHD5_0v2Hf1bsCeM_EqjQ_HDg.roa (raw, json)
Hash identifier: uQevlzgqGtKtpUH4nboEtx0U2MQU+Pnz39QEoU4pR8g=
Subject key identifier: 34:68:87:0F:9F:F4:BF:61:DF:D5:BB:02:78:CF:C4:AA:34:3F:1C:38
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019001AAD96E1BE2120743E3D5FD27B9C1AB
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NGiHD5_0v2Hf1bsCeM_EqjQ_HDg.roa
Signing time: Mon 10 Jun 2024 10:21:32 +0000
ROA not before: Mon 10 Jun 2024 10:21:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 89.251.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 07:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:aa:d9:6e:1b:e2:12:07:43:e3:d5:fd:27:b9:c1:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 10 10:21:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3468870f9ff4bf61dfd5bb0278cfc4aa343f1c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b8:cf:9c:88:da:de:04:bb:c9:79:d6:2d:34:
96:c9:95:13:6f:76:bf:30:33:b7:32:8f:27:5e:d0:
73:ab:f9:50:55:de:bf:ad:94:65:e7:53:50:58:48:
ef:70:1d:ea:e2:64:21:1b:9f:f6:b4:a8:08:e2:ae:
c9:69:45:8d:9d:38:55:c5:19:8d:46:f3:89:9b:9b:
28:79:8c:b0:31:f7:03:b5:f6:bd:52:89:2e:cb:7e:
dc:fd:ca:a9:eb:91:60:64:b3:c1:f9:58:80:51:34:
e6:cd:c7:42:1d:d7:3d:5a:c5:9e:c7:a0:d3:e3:e1:
69:22:6a:d8:33:c2:8f:0e:66:08:65:2a:52:a1:0f:
1e:6b:86:c4:ee:49:39:75:55:ac:01:3c:95:ac:d3:
3c:54:2a:18:a7:fc:ec:12:ce:e1:ba:f9:e5:bd:8c:
5e:39:16:28:31:c6:46:54:7b:3a:6b:1c:08:fb:31:
71:62:f1:5d:6b:a3:5f:13:e6:4e:29:aa:c7:04:6d:
71:f3:76:fa:00:87:3f:31:dd:a8:bf:75:aa:e8:67:
68:9d:44:ed:2f:5f:83:d2:83:35:36:f3:e8:f8:65:
8a:79:57:63:e4:6a:e5:ae:62:22:97:10:bc:b9:5d:
bd:1d:11:26:2e:f2:7e:d2:3d:2d:78:22:d6:68:7d:
da:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:68:87:0F:9F:F4:BF:61:DF:D5:BB:02:78:CF:C4:AA:34:3F:1C:38
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NGiHD5_0v2Hf1bsCeM_EqjQ_HDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.22.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:ef:ef:97:83:c3:32:07:e9:bc:e4:f5:c9:c1:32:fb:cc:0d:
a1:41:88:7e:1b:26:e2:fd:6b:44:d2:6a:db:b3:a6:eb:07:6c:
63:c0:bf:45:b1:a0:df:3c:04:cb:63:bd:0f:a3:5d:81:46:a0:
93:e8:03:12:b8:8a:a0:90:cd:7f:c6:c4:bf:5d:37:08:32:9c:
3c:e1:ef:97:de:46:c6:bf:86:d3:07:7f:6a:db:a7:76:b9:ee:
e6:fb:90:ad:33:02:8c:d8:85:10:f8:7c:dc:ce:b6:04:b1:f2:
2c:fb:b4:8c:33:4a:d8:9c:78:f1:fb:12:ac:bd:ab:52:55:17:
aa:28:7d:a7:21:6b:71:69:b3:54:0a:b8:cb:c9:19:fd:fb:97:
a6:e6:81:cb:73:48:d3:42:88:32:24:93:eb:ee:87:19:cd:0a:
c5:6a:89:55:3e:fb:f7:e3:1f:77:88:8b:7d:7b:7a:35:b9:d0:
b0:47:66:b9:c4:39:1a:0b:42:3c:46:77:5c:cf:68:51:7c:3c:
f7:70:42:46:2f:17:5f:1d:c6:cf:49:5f:8f:c8:ea:c7:93:b7:
61:ee:01:0b:31:e0:8e:27:27:19:b4:0d:4c:b9:09:35:ef:e3:
41:37:fb:ea:c8:04:f1:92:41:6b:ac:75:f0:f7:7c:a1:ef:b5:
20:a7:b1:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZABqtluG+ISB0Pj1f0nucGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNjEwMTAyMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDY4ODcwZjlmZjRiZjYxZGZkNWJiMDI3OGNmYzRhYTM0M2YxYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbjPnIja3gS7yXnWLTSWyZUTb3a/
MDO3Mo8nXtBzq/lQVd6/rZRl51NQWEjvcB3q4mQhG5/2tKgI4q7JaUWNnThVxRmN
RvOJm5soeYywMfcDtfa9Uokuy37c/cqp65FgZLPB+ViAUTTmzcdCHdc9WsWex6DT
4+FpImrYM8KPDmYIZSpSoQ8ea4bE7kk5dVWsATyVrNM8VCoYp/zsEs7huvnlvYxe
ORYoMcZGVHs6axwI+zFxYvFda6NfE+ZOKarHBG1x83b6AIc/Md2ov3Wq6GdonUTt
L1+D0oM1NvPo+GWKeVdj5GrlrmIilxC8uV29HREmLvJ+0j0teCLWaH3aAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRohw+f9L9h39W7AnjPxKo0Pxw4MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvTkdpSEQ1XzB2MkhmMWJzQ2VNX0VxalFfSERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsWMA0G
CSqGSIb3DQEBCwUAA4IBAQAc7++Xg8MyB+m85PXJwTL7zA2hQYh+Gybi/WtE0mrb
s6brB2xjwL9FsaDfPATLY70Po12BRqCT6AMSuIqgkM1/xsS/XTcIMpw84e+X3kbG
v4bTB39q26d2ue7m+5CtMwKM2IUQ+HzczrYEsfIs+7SMM0rYnHjx+xKsvatSVReq
KH2nIWtxabNUCrjLyRn9+5em5oHLc0jTQogyJJPr7ocZzQrFaolVPvv34x93iIt9
e3o1udCwR2a5xDkaC0I8Rndcz2hRfDz3cEJGLxdfHcbPSV+PyOrHk7dh7gELMeCO
JycZtA1MuQk17+NBN/vqyATxkkFrrHXw93yh77Ugp7Hu
-----END CERTIFICATE-----
Generated at Fri Sep 20 09:46:30 2024 by rpki-client on console-fra.rpki-client.org