Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/9b1f86-0f30-4bb9-8309-9837bc22c705/1/nTMTmO8q6PxZ6gxmJw5lmmMm4nE.roa
File: nTMTmO8q6PxZ6gxmJw5lmmMm4nE.roa (raw, json)
Hash identifier: YKBwgJRIKLFkABpm4MP+4+gkflTJy7fv7iC5frsDXfY=
Subject key identifier: 9D:33:13:98:EF:2A:E8:FC:59:EA:0C:66:27:0E:65:9A:63:26:E2:71
Certificate issuer: /CN=b5ac699b54a02872a42f0c09926c4706e71e3203
Certificate serial: 018F7B787FE60A42A5C6D2AD6348B433384A
Authority key identifier: B5:AC:69:9B:54:A0:28:72:A4:2F:0C:09:92:6C:47:06:E7:1E:32:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/taxpm1SgKHKkLwwJkmxHBuceMgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/9b1f86-0f30-4bb9-8309-9837bc22c705/1/nTMTmO8q6PxZ6gxmJw5lmmMm4nE.roa
Signing time: Wed 15 May 2024 08:57:25 +0000
ROA not before: Wed 15 May 2024 08:57:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197129
IP address blocks: 178.219.192.0/24 maxlen: 24
178.219.193.0/24 maxlen: 24
178.219.194.0/24 maxlen: 24
178.219.195.0/24 maxlen: 24
178.219.196.0/24 maxlen: 24
178.219.197.0/24 maxlen: 24
178.219.198.0/24 maxlen: 24
178.219.199.0/24 maxlen: 24
178.219.200.0/24 maxlen: 24
178.219.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 May 2024 08:58:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:78:7f:e6:0a:42:a5:c6:d2:ad:63:48:b4:33:38:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5ac699b54a02872a42f0c09926c4706e71e3203
Validity
Not Before: May 15 08:57:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d331398ef2ae8fc59ea0c66270e659a6326e271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a3:67:1e:f7:9f:85:2e:87:64:f2:34:94:a2:
fc:38:ac:fb:6c:19:76:78:7f:5b:03:6d:bf:29:75:
b9:ac:c9:57:47:fd:af:cb:45:c3:9d:91:f2:e6:b4:
0b:9e:c6:6a:2d:b3:4c:27:14:19:7d:61:b0:b2:88:
46:d3:58:79:18:d2:44:66:9d:7a:59:df:81:6c:d2:
64:3a:74:f1:0a:56:ad:33:8f:61:99:43:3a:aa:f4:
b5:8f:03:b1:71:a3:d8:69:21:33:59:00:c6:b4:74:
c7:62:a8:b5:7e:cc:f5:c5:fe:ee:22:ef:20:cb:e8:
d5:78:4d:14:39:1b:2b:60:6c:95:70:94:36:5a:9d:
7b:75:16:45:3a:ed:6e:b6:2c:0f:3b:ef:16:d9:12:
e9:d8:20:e8:52:86:57:d0:5a:6b:82:7c:b4:38:25:
1c:a5:ee:5d:d4:69:85:60:ee:0c:ae:83:68:d2:18:
56:8d:df:72:7c:da:5a:a0:62:a5:65:ac:8e:a5:c8:
43:9b:57:7a:59:c0:c9:6b:31:81:04:57:be:22:70:
16:9e:c4:0f:02:4d:ca:72:1e:f5:73:1c:d3:74:87:
32:8b:19:13:f1:63:b3:e2:d6:70:22:65:b1:92:ad:
2c:33:89:fb:2d:9c:6e:91:a7:d8:b2:cd:63:db:be:
50:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:33:13:98:EF:2A:E8:FC:59:EA:0C:66:27:0E:65:9A:63:26:E2:71
X509v3 Authority Key Identifier:
keyid:B5:AC:69:9B:54:A0:28:72:A4:2F:0C:09:92:6C:47:06:E7:1E:32:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/taxpm1SgKHKkLwwJkmxHBuceMgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9b1f86-0f30-4bb9-8309-9837bc22c705/1/nTMTmO8q6PxZ6gxmJw5lmmMm4nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9b1f86-0f30-4bb9-8309-9837bc22c705/1/taxpm1SgKHKkLwwJkmxHBuceMgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.219.192.0-178.219.201.255
Signature Algorithm: sha256WithRSAEncryption
65:1f:c9:38:5f:2c:2a:9f:cb:bb:1f:e1:bf:f0:38:3a:14:1e:
5f:62:6c:f1:3b:33:96:77:37:4c:2c:99:97:86:7d:da:07:3d:
8e:ee:69:bf:0c:a2:78:82:b6:57:1d:5e:d1:60:82:db:fb:75:
0b:c9:eb:a1:3d:2b:73:60:51:4d:0c:a7:c6:7b:04:b1:49:a3:
27:19:d2:5c:8e:61:ed:73:17:a7:6d:55:1f:8b:ba:32:54:d5:
c7:30:c0:22:ec:d5:47:fd:b7:af:df:dd:17:52:56:72:a5:63:
c9:09:83:3b:a8:42:b5:d1:e5:04:ab:0d:0b:d0:db:d6:83:5d:
2f:81:2c:34:bc:9b:55:eb:a6:10:4d:22:6a:35:49:15:36:3e:
c5:71:ba:7f:5d:12:e5:c6:ad:9f:00:3a:c3:89:84:4b:01:71:
90:44:9e:db:7e:28:96:53:b9:53:ea:7f:6a:a8:27:25:c6:4d:
e0:85:81:07:a7:ca:55:ee:f8:af:c5:eb:33:d7:92:bc:cd:dc:
00:18:32:9b:55:05:9e:12:77:a3:6f:58:9c:cb:34:85:3d:61:
18:df:0f:91:07:9b:d5:f2:bd:48:f8:49:e2:24:7c:39:57:7b:
f3:94:39:6d:38:63:a2:be:e4:16:5e:00:2a:55:09:21:63:05:
08:83:fc:6e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY97eH/mCkKlxtKtY0i0MzhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YWM2OTliNTRhMDI4NzJhNDJmMGMwOTkyNmM0NzA2ZTcx
ZTMyMDMwHhcNMjQwNTE1MDg1NzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDMzMTM5OGVmMmFlOGZjNTllYTBjNjYyNzBlNjU5YTYzMjZlMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6NnHvefhS6HZPI0lKL8OKz7bBl2
eH9bA22/KXW5rMlXR/2vy0XDnZHy5rQLnsZqLbNMJxQZfWGwsohG01h5GNJEZp16
Wd+BbNJkOnTxClatM49hmUM6qvS1jwOxcaPYaSEzWQDGtHTHYqi1fsz1xf7uIu8g
y+jVeE0UORsrYGyVcJQ2Wp17dRZFOu1utiwPO+8W2RLp2CDoUoZX0Fprgny0OCUc
pe5d1GmFYO4MroNo0hhWjd9yfNpaoGKlZayOpchDm1d6WcDJazGBBFe+InAWnsQP
Ak3Kch71cxzTdIcyixkT8WOz4tZwImWxkq0sM4n7LZxukafYss1j275QtwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ0zE5jvKuj8WeoMZicOZZpjJuJxMB8GA1UdIwQY
MBaAFLWsaZtUoChypC8MCZJsRwbnHjIDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGF4cG0xU2dLSEtrTHd3SmtteEhCdWNlTWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85YjFmODYtMGYzMC00YmI5LTgzMDkt
OTgzN2JjMjJjNzA1LzEvblRNVG1POHE2UHhaNmd4bUp3NWxtbU1tNG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85YjFmODYtMGYzMC00YmI5LTgzMDktOTgzN2JjMjJjNzA1
LzEvdGF4cG0xU2dLSEtrTHd3SmtteEhCdWNlTWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAay28AD
BAGy28gwDQYJKoZIhvcNAQELBQADggEBAGUfyThfLCqfy7sf4b/wODoUHl9ibPE7
M5Z3N0wsmZeGfdoHPY7uab8MoniCtlcdXtFggtv7dQvJ66E9K3NgUU0Mp8Z7BLFJ
oycZ0lyOYe1zF6dtVR+LujJU1ccwwCLs1Uf9t6/f3RdSVnKlY8kJgzuoQrXR5QSr
DQvQ29aDXS+BLDS8m1XrphBNImo1SRU2PsVxun9dEuXGrZ8AOsOJhEsBcZBEntt+
KJZTuVPqf2qoJyXGTeCFgQenylXu+K/F6zPXkrzN3AAYMptVBZ4Sd6NvWJzLNIU9
YRjfD5EHm9XyvUj4SeIkfDlXe/OUOW04Y6K+5BZeACpVCSFjBQiD/G4=
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:16:59 2025 by rpki-client