Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/nbpQPQ9qAqZMOEpNwZ2dUSkQa_I.roa
File: nbpQPQ9qAqZMOEpNwZ2dUSkQa_I.roa (raw, json)
Hash identifier: xLueKlUhJD5dirscRvnVaDAjpWe7AWpLygOLdbBe/3s=
Subject key identifier: 9D:BA:50:3D:0F:6A:02:A6:4C:38:4A:4D:C1:9D:9D:51:29:10:6B:F2
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018DE70A9A57DB8EAEE3E94EE9DACCF35E4E
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/nbpQPQ9qAqZMOEpNwZ2dUSkQa_I.roa
Signing time: Mon 26 Feb 2024 20:10:48 +0000
ROA not before: Mon 26 Feb 2024 20:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215567
IP address blocks: 5.178.106.0/24 maxlen: 24
5.178.107.0/24 maxlen: 24
5.178.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 19:17:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e7:0a:9a:57:db:8e:ae:e3:e9:4e:e9:da:cc:f3:5e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Feb 26 20:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dba503d0f6a02a64c384a4dc19d9d5129106bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ea:ed:85:0d:b2:a7:94:7c:bd:ec:66:6c:6d:
77:56:84:d8:21:4d:c0:04:b5:55:23:e6:cf:3f:f6:
2c:f2:7e:61:8c:6a:58:fe:3c:1b:cd:a9:2b:1c:35:
43:01:45:80:73:fd:a1:38:a9:e7:9a:71:90:7d:8c:
a6:1e:69:39:20:85:e6:ba:f2:94:ec:b6:3d:be:3f:
b3:bd:30:1a:64:dc:c0:a4:dc:16:ed:fb:62:5b:cd:
a5:f7:52:73:d4:bb:82:78:83:50:1c:03:d0:ef:bd:
7a:de:e8:6f:c2:74:b8:d5:21:93:1e:51:8f:d5:96:
fc:18:0e:2e:2a:a0:a1:75:69:1a:22:bb:71:c5:08:
8d:2e:e1:65:29:56:96:6e:84:a5:51:a0:73:e3:d4:
1c:15:c8:36:bd:03:1f:a3:f7:5d:da:bd:19:c0:4b:
40:40:07:bf:8e:c1:e3:21:45:94:17:c2:42:9a:f7:
39:6f:97:9c:f2:fe:0a:43:12:d4:e1:63:5a:8e:21:
0e:81:63:50:be:da:0c:4d:ed:1d:ee:64:b4:66:fd:
b4:80:c1:74:38:11:f0:b9:6d:37:5c:d0:92:5a:7e:
b4:47:cf:d9:78:f5:47:60:b2:d1:93:84:b1:97:e5:
8d:21:a9:8b:75:1f:23:95:c9:91:f4:d1:47:5c:e2:
4e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BA:50:3D:0F:6A:02:A6:4C:38:4A:4D:C1:9D:9D:51:29:10:6B:F2
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/nbpQPQ9qAqZMOEpNwZ2dUSkQa_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.106.0/23
5.178.109.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:98:09:94:ed:34:25:3d:67:3b:8d:d9:16:74:c9:ee:82:52:
b8:b3:96:92:d5:e8:84:a5:4d:cc:93:c5:3e:02:f7:31:30:bf:
84:df:37:f8:c4:a8:7d:cc:3b:0f:02:f7:a8:32:aa:82:61:52:
06:f1:3c:cc:72:41:40:e5:82:7f:fd:e6:21:51:c0:06:cc:66:
67:b5:7e:13:4e:64:03:ed:b8:5f:b6:52:3d:08:a1:9b:f5:27:
6c:31:b4:4f:dc:dd:37:24:1b:0f:ac:67:62:98:58:5a:2c:9b:
c1:ce:06:5e:55:35:6b:c5:56:06:5e:bb:a8:30:1e:86:47:30:
f2:ba:dd:f5:cc:44:20:23:4d:ed:23:81:33:20:59:3b:98:6b:
ae:83:d3:f8:87:6d:5a:6d:3d:0c:4e:7a:5c:42:40:9a:2c:95:
72:78:be:f6:a1:ff:81:d3:58:c3:ca:6b:e5:50:29:9b:f7:d5:
fa:bc:c2:c4:f4:20:33:de:16:b8:68:40:f3:2e:0d:2b:0b:6c:
25:98:fd:2a:8d:09:79:fe:a6:80:99:21:49:3e:21:34:51:aa:
77:dd:25:98:cd:db:20:aa:80:6d:95:25:69:57:36:47:84:85:
ae:01:7e:63:9a:a0:76:14:57:9c:05:4c:1d:1f:fb:68:55:ea:
69:1c:66:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3nCppX246u4+lO6drM815OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMjI2MjAxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGJhNTAzZDBmNmEwMmE2NGMzODRhNGRjMTlkOWQ1MTI5MTA2YmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhurthQ2yp5R8vexmbG13VoTYIU3A
BLVVI+bPP/Ys8n5hjGpY/jwbzakrHDVDAUWAc/2hOKnnmnGQfYymHmk5IIXmuvKU
7LY9vj+zvTAaZNzApNwW7ftiW82l91Jz1LuCeINQHAPQ77163uhvwnS41SGTHlGP
1Zb8GA4uKqChdWkaIrtxxQiNLuFlKVaWboSlUaBz49QcFcg2vQMfo/dd2r0ZwEtA
QAe/jsHjIUWUF8JCmvc5b5ec8v4KQxLU4WNajiEOgWNQvtoMTe0d7mS0Zv20gMF0
OBHwuW03XNCSWn60R8/ZePVHYLLRk4Sxl+WNIamLdR8jlcmR9NFHXOJOCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ26UD0PagKmTDhKTcGdnVEpEGvyMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvbmJwUVBROXFBcVpNT0VwTndaMmRVU2tRYV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBbJqAwQA
BbJtMA0GCSqGSIb3DQEBCwUAA4IBAQBMmAmU7TQlPWc7jdkWdMnuglK4s5aS1eiE
pU3Mk8U+AvcxML+E3zf4xKh9zDsPAveoMqqCYVIG8TzMckFA5YJ//eYhUcAGzGZn
tX4TTmQD7bhftlI9CKGb9SdsMbRP3N03JBsPrGdimFhaLJvBzgZeVTVrxVYGXruo
MB6GRzDyut31zEQgI03tI4EzIFk7mGuug9P4h21abT0MTnpcQkCaLJVyeL72of+B
01jDymvlUCmb99X6vMLE9CAz3ha4aEDzLg0rC2wlmP0qjQl5/qaAmSFJPiE0Uap3
3SWYzdsgqoBtlSVpVzZHhIWuAX5jmqB2FFecBUwdH/toVeppHGaG
-----END CERTIFICATE-----
Generated at Mon Mar 18 22:01:04 2024 by rpki-client on console-fra.rpki-client.org