Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NQLlstyPz2ZcNo_9sn4bhvLfkzc.roa
File: NQLlstyPz2ZcNo_9sn4bhvLfkzc.roa (raw, json)
Hash identifier: G1BmW8pJOnZa+p7YyxfIiXGSy/R4BV5nCmdgBc0n0BA=
Subject key identifier: 35:02:E5:B2:DC:8F:CF:66:5C:36:8F:FD:B2:7E:1B:86:F2:DF:93:37
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018EC8A085557577A34938572823253056F3
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NQLlstyPz2ZcNo_9sn4bhvLfkzc.roa
Signing time: Wed 10 Apr 2024 15:29:06 +0000
ROA not before: Wed 10 Apr 2024 15:29:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215238
IP address blocks: 188.209.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 May 2024 21:03:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c8:a0:85:55:75:77:a3:49:38:57:28:23:25:30:56:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Apr 10 15:29:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3502e5b2dc8fcf665c368ffdb27e1b86f2df9337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:47:1d:e8:9d:8f:cf:3c:65:1e:93:dd:11:5e:
f4:e3:7b:c0:82:30:8b:6d:a1:1e:9b:46:65:a2:c6:
2b:90:6a:ba:1a:b2:19:67:9c:5b:39:8f:5c:9f:60:
5b:18:7c:1a:b8:39:30:bb:56:fd:61:41:3e:1d:af:
41:69:d5:83:65:5e:39:b1:d8:ba:97:a6:40:72:25:
88:35:8e:99:5d:9e:b8:6f:97:5a:54:36:77:a6:d8:
8e:0b:b9:99:c8:d7:85:21:92:c7:91:64:46:67:df:
8b:15:c7:59:9c:a0:25:6c:5a:f0:6a:a7:12:f6:14:
b9:a7:57:95:5c:01:72:08:a4:23:e2:dc:13:3a:06:
da:0d:c7:00:e7:7e:47:81:7f:e0:7b:b6:00:14:f0:
05:bb:dd:78:02:d5:4c:4d:bf:0b:75:90:b3:67:65:
a0:a5:e9:cc:51:ca:4c:ab:66:86:4a:c0:64:e9:36:
ef:69:c7:8f:5f:47:a2:97:c2:8f:d8:f9:0d:60:b1:
57:52:d7:6f:11:ef:e6:b5:bf:d0:ef:a6:0f:53:94:
2f:23:a9:cb:e5:e5:09:58:9f:08:b1:eb:70:54:59:
36:2e:9c:0f:fa:08:0a:5e:d8:ff:8b:06:5b:fa:3c:
f1:2a:ee:ae:7e:f8:d7:de:b8:97:1e:d5:1b:e1:91:
0d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:02:E5:B2:DC:8F:CF:66:5C:36:8F:FD:B2:7E:1B:86:F2:DF:93:37
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NQLlstyPz2ZcNo_9sn4bhvLfkzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.133.0/24
Signature Algorithm: sha256WithRSAEncryption
29:6e:8a:47:62:b9:47:fa:54:9e:06:a2:f9:15:90:10:f6:82:
ee:ce:1c:57:85:34:53:96:a1:86:4e:49:bb:ed:3d:d3:fa:3d:
bf:81:fb:df:3e:13:1c:d7:27:7d:75:6f:90:f8:73:14:a4:5e:
01:eb:4f:6b:bb:b8:48:43:f3:32:93:5a:6b:d6:74:de:f4:83:
65:8d:45:35:5c:82:35:a0:be:28:7c:c5:25:50:eb:47:de:cf:
35:ba:e4:38:72:5b:6b:f5:bb:d2:6c:92:29:1d:db:7f:c2:b9:
e8:eb:71:f9:a2:ee:76:20:03:5f:76:6b:32:9a:7a:be:cb:5e:
0d:b0:76:78:bb:65:0a:15:e9:a8:73:73:5b:bc:ce:36:b0:f7:
32:33:8c:c4:78:2d:ce:0b:6f:40:eb:fd:62:10:18:1f:47:b7:
8e:d5:ec:b0:ec:c8:7e:36:86:37:cb:54:7b:e9:7b:e2:ab:fc:
89:b2:61:d4:07:86:24:76:9d:7c:94:39:62:05:fb:83:12:71:
ad:d6:0e:4c:e8:4e:5a:99:dd:71:fa:94:dd:cd:ec:0c:2c:9c:
e8:42:9a:cc:8e:59:ee:db:c7:14:47:7f:a2:e2:3e:dd:4b:04:
06:9c:4e:7e:b5:a9:f0:81:4a:6a:34:a4:12:e3:75:2a:4a:89:
59:12:5e:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7IoIVVdXejSThXKCMlMFbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNDEwMTUyOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTAyZTViMmRjOGZjZjY2NWMzNjhmZmRiMjdlMWI4NmYyZGY5MzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0cd6J2PzzxlHpPdEV7043vAgjCL
baEem0ZlosYrkGq6GrIZZ5xbOY9cn2BbGHwauDkwu1b9YUE+Ha9BadWDZV45sdi6
l6ZAciWINY6ZXZ64b5daVDZ3ptiOC7mZyNeFIZLHkWRGZ9+LFcdZnKAlbFrwaqcS
9hS5p1eVXAFyCKQj4twTOgbaDccA535HgX/ge7YAFPAFu914AtVMTb8LdZCzZ2Wg
penMUcpMq2aGSsBk6TbvacePX0eil8KP2PkNYLFXUtdvEe/mtb/Q76YPU5QvI6nL
5eUJWJ8IsetwVFk2LpwP+ggKXtj/iwZb+jzxKu6ufvjX3riXHtUb4ZEN/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUC5bLcj89mXDaP/bJ+G4by35M3MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTlFMbHN0eVB6MlpjTm9fOXNuNGJodkxma3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGFMA0G
CSqGSIb3DQEBCwUAA4IBAQApbopHYrlH+lSeBqL5FZAQ9oLuzhxXhTRTlqGGTkm7
7T3T+j2/gfvfPhMc1yd9dW+Q+HMUpF4B609ru7hIQ/Myk1pr1nTe9INljUU1XII1
oL4ofMUlUOtH3s81uuQ4cltr9bvSbJIpHdt/wrno63H5ou52IANfdmsymnq+y14N
sHZ4u2UKFemoc3NbvM42sPcyM4zEeC3OC29A6/1iEBgfR7eO1eyw7Mh+NoY3y1R7
6Xviq/yJsmHUB4Ykdp18lDliBfuDEnGt1g5M6E5amd1x+pTdzewMLJzoQprMjlnu
28cUR3+i4j7dSwQGnE5+tanwgUpqNKQS43UqSolZEl4h
-----END CERTIFICATE-----
Generated at Fri May 3 21:55:01 2024 by rpki-client on console-fra.rpki-client.org