Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NFsldV3Oo3numLXNTrQ7jbpDpUI.roa
File: NFsldV3Oo3numLXNTrQ7jbpDpUI.roa (raw, json)
Hash identifier: g1DopMTj/G3gF9Do/2YJP+zpwIHgITWXQdk99dPS2i8=
Subject key identifier: 34:5B:25:75:5D:CE:A3:79:EE:98:B5:CD:4E:B4:3B:8D:BA:43:A5:42
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018DF37D8E78D330CA950976B71288F84E52
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NFsldV3Oo3numLXNTrQ7jbpDpUI.roa
Signing time: Thu 29 Feb 2024 06:11:48 +0000
ROA not before: Thu 29 Feb 2024 06:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 188.209.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 06:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f3:7d:8e:78:d3:30:ca:95:09:76:b7:12:88:f8:4e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Feb 29 06:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=345b25755dcea379ee98b5cd4eb43b8dba43a542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:29:9b:1c:be:92:2a:5d:b9:b9:df:e6:f9:9e:
a8:ee:b2:d6:46:33:85:5e:12:74:62:4d:d8:3f:0d:
28:55:0c:39:0f:43:22:97:48:67:91:ba:44:7d:af:
68:af:33:e4:c9:63:0b:7e:a6:e8:2a:37:ef:2a:da:
0c:14:16:a9:20:30:45:ba:27:ff:6c:7a:3d:69:17:
2a:e7:4b:54:67:bd:24:93:bc:54:5e:d6:ee:e6:04:
e5:0e:d8:1c:80:6e:5c:a5:2e:52:b3:51:b4:15:1c:
4a:21:e6:bb:0a:23:11:29:fb:2d:5f:68:24:06:e4:
6e:16:e0:9a:f7:0b:7d:14:7c:e1:36:96:b2:90:cb:
69:28:34:9b:ec:34:19:77:07:bc:a7:62:e5:4f:ef:
5c:81:97:13:14:46:5a:1d:54:17:cd:66:66:53:e5:
ad:17:7e:9b:06:ce:dd:b3:0a:a4:a7:c9:34:57:01:
d7:05:30:05:2f:19:86:b7:c8:a5:89:dc:48:e6:8c:
26:c4:7c:37:1e:6d:2c:dd:eb:03:34:fd:0b:a6:ea:
59:5d:06:bd:4e:14:ce:4a:47:bf:bc:77:b5:3b:01:
7a:10:0c:91:65:51:43:5f:9c:82:92:1c:34:bd:f1:
e7:21:e1:97:e7:1d:40:11:b6:3f:f9:c8:0b:b9:ef:
33:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5B:25:75:5D:CE:A3:79:EE:98:B5:CD:4E:B4:3B:8D:BA:43:A5:42
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NFsldV3Oo3numLXNTrQ7jbpDpUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:72:25:75:ca:9f:dc:df:24:00:db:23:40:d6:68:2f:07:35:
39:e9:d8:11:93:1e:86:46:d6:8f:db:23:71:65:2e:96:bf:fb:
83:56:1f:d3:14:c3:8a:51:b1:f1:a5:9e:91:18:96:fe:30:62:
55:40:be:91:15:41:6c:db:c1:de:23:51:e1:15:39:ae:10:56:
23:00:7a:8b:85:4e:8b:42:be:74:89:58:5e:1d:74:ef:9a:6e:
2e:a9:31:75:df:16:3e:7c:48:1b:70:2e:5a:15:d8:37:7e:45:
cf:27:ca:41:ae:6b:5d:9f:e4:7f:d5:01:a7:2e:66:6a:42:df:
5b:2e:2a:36:0d:74:2d:9d:5f:15:2b:36:d6:b3:33:f4:29:b0:
5f:b3:3e:b9:54:1b:90:97:f8:53:27:77:d4:75:f5:2f:bb:e0:
e9:e1:92:1c:41:a3:02:55:db:f8:91:93:b0:7c:a9:f3:fe:2c:
23:d0:cc:c3:1a:85:f9:48:8b:c7:8f:03:17:c2:f8:69:69:46:
5c:55:90:38:6c:bb:e8:02:8d:ef:3a:bd:cf:1e:e4:dc:5f:5c:
0c:fc:ae:ba:46:b3:0a:81:40:57:13:fe:79:a9:eb:67:ce:e6:
15:06:e8:d4:84:51:40:ec:e3:d9:73:fb:43:1a:17:7c:50:1c:
7b:46:9a:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3zfY540zDKlQl2txKI+E5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMjI5MDYxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDViMjU3NTVkY2VhMzc5ZWU5OGI1Y2Q0ZWI0M2I4ZGJhNDNhNTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoimbHL6SKl25ud/m+Z6o7rLWRjOF
XhJ0Yk3YPw0oVQw5D0Mil0hnkbpEfa9orzPkyWMLfqboKjfvKtoMFBapIDBFuif/
bHo9aRcq50tUZ70kk7xUXtbu5gTlDtgcgG5cpS5Ss1G0FRxKIea7CiMRKfstX2gk
BuRuFuCa9wt9FHzhNpaykMtpKDSb7DQZdwe8p2LlT+9cgZcTFEZaHVQXzWZmU+Wt
F36bBs7dswqkp8k0VwHXBTAFLxmGt8ilidxI5owmxHw3Hm0s3esDNP0LpupZXQa9
ThTOSke/vHe1OwF6EAyRZVFDX5yCkhw0vfHnIeGX5x1AEbY/+cgLue8zlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRbJXVdzqN57pi1zU60O426Q6VCMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTkZzbGRWM09vM251bUxYTlRyUTdqYnBEcFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGHMA0G
CSqGSIb3DQEBCwUAA4IBAQCgciV1yp/c3yQA2yNA1mgvBzU56dgRkx6GRtaP2yNx
ZS6Wv/uDVh/TFMOKUbHxpZ6RGJb+MGJVQL6RFUFs28HeI1HhFTmuEFYjAHqLhU6L
Qr50iVheHXTvmm4uqTF13xY+fEgbcC5aFdg3fkXPJ8pBrmtdn+R/1QGnLmZqQt9b
Lio2DXQtnV8VKzbWszP0KbBfsz65VBuQl/hTJ3fUdfUvu+Dp4ZIcQaMCVdv4kZOw
fKnz/iwj0MzDGoX5SIvHjwMXwvhpaUZcVZA4bLvoAo3vOr3PHuTcX1wM/K66RrMK
gUBXE/55qetnzuYVBujUhFFA7OPZc/tDGhd8UBx7RpqN
-----END CERTIFICATE-----
Generated at Tue Oct 1 09:28:06 2024 by rpki-client on console-ams.rpki-client.org