Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/NUfMRzYwWc8nTMANkhg50PIUFmg.roa
File: NUfMRzYwWc8nTMANkhg50PIUFmg.roa (raw, json)
Hash identifier: xt4SGWHGdn/mTJX7n0rue9ot6tHK+Ny9PMpWzr+glhk=
Subject key identifier: 35:47:CC:47:36:30:59:CF:27:4C:C0:0D:92:18:39:D0:F2:14:16:68
Certificate issuer: /CN=1319f052bc9e7284888074390c9d0bc127606692
Certificate serial: 018DA8939A483F1B65CB61AE22442244ED00
Authority key identifier: 13:19:F0:52:BC:9E:72:84:88:80:74:39:0C:9D:0B:C1:27:60:66:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExnwUryecoSIgHQ5DJ0LwSdgZpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/NUfMRzYwWc8nTMANkhg50PIUFmg.roa
Signing time: Wed 14 Feb 2024 17:04:21 +0000
ROA not before: Wed 14 Feb 2024 17:04:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1897
IP address blocks: 88.157.0.0/16 maxlen: 16
88.157.0.0/18 maxlen: 18
88.157.64.0/18 maxlen: 18
88.157.128.0/18 maxlen: 18
88.157.192.0/18 maxlen: 18
193.126.0.0/16 maxlen: 16
194.79.64.0/19 maxlen: 19
195.23.0.0/16 maxlen: 16
212.0.160.0/19 maxlen: 19
213.205.64.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 19 Feb 2024 10:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:93:9a:48:3f:1b:65:cb:61:ae:22:44:22:44:ed:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1319f052bc9e7284888074390c9d0bc127606692
Validity
Not Before: Feb 14 17:04:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3547cc47363059cf274cc00d921839d0f2141668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d5:24:ec:4b:8a:fc:6a:da:63:da:9a:10:a4:
88:58:db:30:1a:f2:f0:42:48:ed:0c:4a:fc:8c:1d:
3f:16:df:2d:29:6b:78:cd:63:e4:00:87:b6:f3:8a:
74:2b:89:40:5f:d3:20:72:43:79:94:70:ef:00:00:
2b:8b:69:9b:64:32:b9:16:d6:64:0c:09:47:a2:9d:
c8:6a:44:3c:3d:04:a0:1b:46:88:26:e5:bf:8d:56:
68:5c:a9:e8:16:23:61:81:69:14:7d:fc:99:bd:6e:
93:c1:d6:75:76:aa:d5:b4:ad:19:c2:7b:0a:09:44:
93:30:18:54:da:ce:d1:3d:83:47:fe:d7:2a:db:a8:
91:fe:3a:b3:01:af:00:ed:c9:c5:e0:96:2d:65:ac:
d0:b1:1d:03:64:10:b7:1b:e9:30:06:94:ee:07:ce:
f4:c7:b4:03:0d:82:29:1d:84:68:14:b1:09:fa:4c:
e6:c2:d9:70:47:76:2f:48:ef:4d:3f:d5:ed:db:d7:
f6:1f:68:9b:77:68:f1:da:cd:30:8f:04:d7:e1:7f:
c9:94:6a:ea:49:96:8d:35:9b:b7:79:e1:9c:2c:17:
d0:4f:eb:83:12:66:43:3b:81:cf:c7:ce:94:3b:a1:
a7:91:6c:98:70:41:76:d2:cf:37:70:04:c9:07:0c:
c2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:47:CC:47:36:30:59:CF:27:4C:C0:0D:92:18:39:D0:F2:14:16:68
X509v3 Authority Key Identifier:
keyid:13:19:F0:52:BC:9E:72:84:88:80:74:39:0C:9D:0B:C1:27:60:66:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExnwUryecoSIgHQ5DJ0LwSdgZpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/NUfMRzYwWc8nTMANkhg50PIUFmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/ExnwUryecoSIgHQ5DJ0LwSdgZpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.157.0.0/16
193.126.0.0/16
194.79.64.0/19
195.23.0.0/16
212.0.160.0/19
213.205.64.0/19
Signature Algorithm: sha256WithRSAEncryption
8d:74:26:32:f8:4c:38:08:bc:6c:71:3e:fd:14:81:9a:5e:87:
d5:83:ea:73:45:62:a5:58:f8:4f:b5:6a:35:de:45:1c:20:ca:
72:29:8e:c2:90:5f:c9:6b:01:12:2e:28:a3:ea:2b:10:c1:b0:
98:e5:00:83:ec:a7:fe:27:aa:4d:30:a8:f9:0f:14:69:e3:27:
f7:7b:b7:bb:94:ad:ba:1a:50:0a:0b:dd:1c:fe:20:9f:dd:54:
74:67:bd:29:c2:31:95:80:26:f8:58:4e:c0:72:74:85:02:01:
3c:fe:26:2a:10:f5:75:c0:0d:59:51:b8:f3:3a:49:3c:1c:5f:
39:da:80:bd:32:c9:dd:5c:d8:65:9e:47:b2:b3:de:49:32:e7:
17:86:af:df:05:96:e6:b6:0d:55:e6:3c:98:b6:51:3e:6a:ca:
ec:13:e0:26:08:4f:9d:09:3c:ea:5d:7b:c4:5e:a1:b6:bf:13:
2a:5e:01:77:f7:28:b6:2f:eb:10:58:62:3d:06:a7:57:a5:ca:
fd:87:2c:0f:ae:49:ef:e4:d7:03:5d:04:71:80:10:db:9b:55:
3c:ae:fa:0c:a9:e1:73:a2:bb:04:d9:14:88:7d:51:bd:a8:90:
07:5c:2d:f4:35:16:93:a3:95:30:9a:6a:93:47:26:e2:8c:56:
79:36:62:46
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY2ok5pIPxtly2GuIkQiRO0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTlmMDUyYmM5ZTcyODQ4ODgwNzQzOTBjOWQwYmMxMjc2
MDY2OTIwHhcNMjQwMjE0MTcwNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQ3Y2M0NzM2MzA1OWNmMjc0Y2MwMGQ5MjE4MzlkMGYyMTQxNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNUk7EuK/GraY9qaEKSIWNswGvLw
QkjtDEr8jB0/Ft8tKWt4zWPkAIe284p0K4lAX9MgckN5lHDvAAAri2mbZDK5FtZk
DAlHop3IakQ8PQSgG0aIJuW/jVZoXKnoFiNhgWkUffyZvW6TwdZ1dqrVtK0ZwnsK
CUSTMBhU2s7RPYNH/tcq26iR/jqzAa8A7cnF4JYtZazQsR0DZBC3G+kwBpTuB870
x7QDDYIpHYRoFLEJ+kzmwtlwR3YvSO9NP9Xt29f2H2ibd2jx2s0wjwTX4X/JlGrq
SZaNNZu3eeGcLBfQT+uDEmZDO4HPx86UO6GnkWyYcEF20s83cATJBwzCiQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDVHzEc2MFnPJ0zADZIYOdDyFBZoMB8GA1UdIwQY
MBaAFBMZ8FK8nnKEiIB0OQydC8EnYGaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhud1VyeWVjb1NJZ0hRNURKMEx3U2RnWnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kNWJiY2UtNDIyMC00ZWM0LThhZjUt
MmMxYTc3MzBiZDI1LzEvTlVmTVJ6WXdXYzhuVE1BTmtoZzUwUElVRm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kNWJiY2UtNDIyMC00ZWM0LThhZjUtMmMxYTc3MzBiZDI1
LzEvRXhud1VyeWVjb1NJZ0hRNURKMEx3U2RnWnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwMAWJ0DAwDB
fgMEBcJPQAMDAMMXAwQF1ACgAwQF1c1AMA0GCSqGSIb3DQEBCwUAA4IBAQCNdCYy
+Ew4CLxscT79FIGaXofVg+pzRWKlWPhPtWo13kUcIMpyKY7CkF/JawESLiij6isQ
wbCY5QCD7Kf+J6pNMKj5DxRp4yf3e7e7lK26GlAKC90c/iCf3VR0Z70pwjGVgCb4
WE7AcnSFAgE8/iYqEPV1wA1ZUbjzOkk8HF852oC9MsndXNhlnkeys95JMucXhq/f
BZbmtg1V5jyYtlE+asrsE+AmCE+dCTzqXXvEXqG2vxMqXgF39yi2L+sQWGI9BqdX
pcr9hywPrknv5NcDXQRxgBDbm1U8rvoMqeFzorsE2RSIfVG9qJAHXC30NRaTo5Uw
mmqTRybijFZ5NmJG
-----END CERTIFICATE-----
Generated at Mon Feb 19 15:21:39 2024 by rpki-client on console-fra.rpki-client.org