Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/NSkPRAfY-WZrhrbDoHd4ICEL5mw.roa
File: NSkPRAfY-WZrhrbDoHd4ICEL5mw.roa (raw, json)
Hash identifier: 5FCXCXLwulvIuxs1Dz5c/mEd16Agajsstm8j0eFGnBY=
Subject key identifier: 35:29:0F:44:07:D8:F9:66:6B:86:B6:C3:A0:77:78:20:21:0B:E6:6C
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 019363BBC379011B2F383C14DD2C16E2BDF4
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/NSkPRAfY-WZrhrbDoHd4ICEL5mw.roa
Signing time: Mon 25 Nov 2024 14:31:09 +0000
ROA not before: Mon 25 Nov 2024 14:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29551
IP address blocks: 88.214.25.0/24 maxlen: 24
91.228.101.0/24 maxlen: 24
193.24.208.0/22 maxlen: 22
194.24.160.0/23 maxlen: 23
2001:67c:2c58::/48 maxlen: 48
2a00:1910::/29 maxlen: 29
2a00:1910::/32 maxlen: 32
2a00:1911::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Nov 2024 19:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:bb:c3:79:01:1b:2f:38:3c:14:dd:2c:16:e2:bd:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Nov 25 14:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35290f4407d8f9666b86b6c3a0777820210be66c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:80:8d:99:a4:48:6b:03:51:2f:92:5d:32:93:
38:d0:82:70:18:80:fc:14:ef:b9:45:08:f5:38:f4:
9f:74:a5:e3:69:fb:15:d1:91:7e:bc:e5:bd:3b:5b:
12:b5:1e:8f:a7:33:0d:13:ba:e5:33:d2:f9:76:d2:
87:b2:2a:16:2d:61:c4:a2:85:2f:db:f8:1a:f4:c4:
01:6c:a7:07:f0:ad:7d:81:67:83:42:a5:a2:bc:bd:
9c:15:8f:eb:fa:21:e6:32:d1:a3:18:c8:79:c3:50:
97:52:70:46:b2:e5:44:f4:91:56:32:5e:41:82:35:
40:ae:2c:2e:3b:b2:79:ec:0b:9f:eb:ad:13:bb:93:
23:1c:86:85:31:b5:77:4b:3a:03:db:4a:b2:8a:34:
1b:25:1e:6c:f3:3a:1f:66:00:44:69:bd:b3:80:0d:
f1:06:a4:5c:60:60:e4:f3:27:a6:45:4e:2c:43:7d:
a8:39:b8:00:c5:db:e8:11:47:8b:4c:5b:b0:2b:0f:
b0:62:bb:91:ee:70:38:47:3e:7c:b2:0a:aa:c0:7f:
71:ce:d4:52:a2:68:f1:b6:01:1d:aa:05:e4:56:51:
93:1a:32:d3:ff:27:33:4d:9a:ad:fd:15:1c:0b:4c:
19:0c:2b:77:f8:39:1c:64:a6:96:d8:6c:a9:0e:92:
af:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:29:0F:44:07:D8:F9:66:6B:86:B6:C3:A0:77:78:20:21:0B:E6:6C
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/NSkPRAfY-WZrhrbDoHd4ICEL5mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.25.0/24
91.228.101.0/24
193.24.208.0/22
194.24.160.0/23
IPv6:
2001:67c:2c58::/48
2a00:1910::/29
Signature Algorithm: sha256WithRSAEncryption
49:5f:5d:da:8f:f8:c3:cb:6e:87:2f:cd:9d:76:35:bb:61:35:
a0:19:be:a0:0e:e5:10:36:71:ec:02:40:67:b0:85:7b:a0:ea:
a0:2f:78:6b:b7:a4:56:83:2a:f1:c2:f2:d4:fb:cf:33:7f:c4:
20:4a:33:88:62:1b:fd:b2:83:87:b3:47:fe:eb:6d:fb:90:d6:
52:5a:80:99:52:62:08:9d:c4:9b:82:80:f1:92:9c:f2:75:e5:
1a:93:8d:07:33:6a:01:e4:4e:df:55:91:53:2b:b1:6c:4d:9b:
53:3c:24:22:0e:5c:88:8e:93:65:ad:40:92:48:2a:cb:db:1c:
98:4e:82:ca:5a:12:da:25:4f:5e:e2:05:2f:13:06:87:e0:1a:
bc:68:4d:90:54:13:ed:64:35:fa:f8:ed:86:85:1a:2a:30:ae:
24:61:a9:4e:d6:0e:1c:00:06:38:ee:5b:27:d4:95:44:7d:8a:
ba:01:d7:15:cc:6a:97:54:41:13:e6:37:f1:db:7a:bf:14:56:
cd:71:d6:4f:8c:70:f4:70:de:d5:88:47:d0:0e:79:5a:3c:27:
9c:79:03:cc:ea:d2:c1:36:aa:27:6d:08:bc:c3:63:b4:7e:98:
37:f3:51:70:97:18:1b:0e:f5:14:ca:38:48:5f:36:fc:b9:58:
c5:21:d6:b1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZNju8N5ARsvODwU3SwW4r30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjQxMTI1MTQzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTI5MGY0NDA3ZDhmOTY2NmI4NmI2YzNhMDc3NzgyMDIxMGJlNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4CNmaRIawNRL5JdMpM40IJwGID8
FO+5RQj1OPSfdKXjafsV0ZF+vOW9O1sStR6PpzMNE7rlM9L5dtKHsioWLWHEooUv
2/ga9MQBbKcH8K19gWeDQqWivL2cFY/r+iHmMtGjGMh5w1CXUnBGsuVE9JFWMl5B
gjVAriwuO7J57Auf660Tu5MjHIaFMbV3SzoD20qyijQbJR5s8zofZgBEab2zgA3x
BqRcYGDk8yemRU4sQ32oObgAxdvoEUeLTFuwKw+wYruR7nA4Rz58sgqqwH9xztRS
omjxtgEdqgXkVlGTGjLT/yczTZqt/RUcC0wZDCt3+DkcZKaW2GypDpKv2QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDUpD0QH2Plma4a2w6B3eCAhC+ZsMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvTlNrUFJBZlktV1pyaHJiRG9IZDRJQ0VMNW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQAWNYZAwQA
W+RlAwQCwRjQAwQBwhigMBYEAgACMBADBwAgAQZ8LFgDBQMqABkQMA0GCSqGSIb3
DQEBCwUAA4IBAQBJX13aj/jDy26HL82ddjW7YTWgGb6gDuUQNnHsAkBnsIV7oOqg
L3hrt6RWgyrxwvLU+88zf8QgSjOIYhv9soOHs0f+6237kNZSWoCZUmIIncSbgoDx
kpzydeUak40HM2oB5E7fVZFTK7FsTZtTPCQiDlyIjpNlrUCSSCrL2xyYToLKWhLa
JU9e4gUvEwaH4Bq8aE2QVBPtZDX6+O2GhRoqMK4kYalO1g4cAAY47lsn1JVEfYq6
AdcVzGqXVEET5jfx23q/FFbNcdZPjHD0cN7ViEfQDnlaPCeceQPM6tLBNqonbQi8
w2O0fpg381FwlxgbDvUUyjhIXzb8uVjFIdax
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:13:18 2025 by rpki-client