Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/Nt18szL5BzLHfREBWzrM7b891ZA.roa
File: Nt18szL5BzLHfREBWzrM7b891ZA.roa (raw, json)
Hash identifier: 4E/DxIuOBxZ2HJdKjTM5Dc410sWUDqQn8qZfk/CWcCU=
Subject key identifier: 36:DD:7C:B3:32:F9:07:32:C7:7D:11:01:5B:3A:CC:ED:BF:3D:D5:90
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 018CC794A12C2A847CFBC0DF41F1EB7EA80E
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/Nt18szL5BzLHfREBWzrM7b891ZA.roa
Signing time: Tue 02 Jan 2024 00:30:55 +0000
ROA not before: Tue 02 Jan 2024 00:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57841
IP address blocks: 171.25.218.236/30 maxlen: 30
91.90.231.0/24 maxlen: 24
171.25.219.1/32 maxlen: 32
176.106.160.0/20 maxlen: 20
194.9.212.0/22 maxlen: 22
171.25.218.0/23 maxlen: 30
176.106.176.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 29 Oct 2024 10:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:a1:2c:2a:84:7c:fb:c0:df:41:f1:eb:7e:a8:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 00:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36dd7cb332f90732c77d11015b3accedbf3dd590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b8:cb:d6:c9:10:6f:e1:e2:26:b2:64:05:a0:
e8:32:4e:17:08:05:1a:91:a5:70:f7:41:66:08:5b:
d6:6e:d5:0a:f9:59:2c:23:77:12:54:d0:3b:13:90:
82:58:5c:84:24:86:f3:9d:7c:5c:b8:6a:17:76:21:
61:2c:e1:9e:b8:4c:07:ee:a6:b0:b3:9e:1e:77:02:
17:93:79:3f:57:4b:d1:1b:48:ea:5a:f5:0a:a5:35:
fa:b4:34:98:87:24:01:cf:b3:89:d8:b7:58:a5:bf:
6a:e9:02:15:df:82:d3:4f:64:3b:fc:1f:d5:2b:5c:
db:aa:f8:82:3b:99:ce:a7:b2:14:5d:2f:94:6f:cf:
60:31:3c:e3:80:a3:fb:3f:78:55:8f:6a:92:f3:b2:
73:90:33:c9:81:12:36:fc:e9:da:b7:45:42:63:1a:
27:56:db:e6:45:b2:8b:47:a5:0a:61:b0:94:85:41:
dc:9d:2e:ec:52:c8:fb:e4:29:e2:8e:5b:d7:ff:5b:
b8:0a:50:55:2d:22:44:1e:4a:ca:be:ea:b6:41:d1:
6e:65:cc:e8:49:26:6d:3e:63:35:ca:fb:cf:fb:55:
ec:58:0a:92:f9:38:f5:4f:14:4b:b0:9e:f9:3f:31:
00:f0:aa:4d:cb:96:ca:a1:01:d2:16:96:65:dc:79:
7b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DD:7C:B3:32:F9:07:32:C7:7D:11:01:5B:3A:CC:ED:BF:3D:D5:90
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/Nt18szL5BzLHfREBWzrM7b891ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.231.0/24
171.25.218.0/23
176.106.160.0-176.106.183.255
194.9.212.0/22
Signature Algorithm: sha256WithRSAEncryption
80:71:e2:f2:c1:f6:a2:5f:17:c0:f3:7b:7c:96:49:77:42:2d:
a3:91:33:89:68:c0:ab:e9:1e:b5:16:ff:ce:1f:df:25:c9:65:
ad:c1:da:a7:3f:93:fb:35:2a:a7:30:00:c7:bc:96:12:c5:29:
20:d5:d1:98:5f:e4:47:75:64:1b:63:9e:e1:79:e6:aa:02:33:
7a:e7:98:bd:4c:c3:3e:41:c5:25:9b:b5:f0:87:ca:bd:32:70:
54:1e:2a:79:68:59:5e:42:d1:14:84:5d:d5:55:fb:3a:e9:ed:
77:5a:7b:ed:bd:cc:80:51:05:86:f6:2a:71:0f:91:84:f4:f6:
fa:e6:6a:30:a2:21:d6:8f:02:35:64:5a:43:6f:12:fa:47:59:
44:9e:22:7a:c4:b9:84:b9:66:30:e2:1c:e1:39:31:e8:46:46:
65:c6:e6:42:f8:cb:59:10:7e:5b:6c:a6:7e:0a:11:a2:5a:dc:
63:22:07:99:d2:60:2f:1e:03:84:bd:c3:34:d1:6f:6e:56:af:
f3:b9:56:eb:7d:3a:44:ab:4e:e8:26:d7:79:39:0d:c5:ac:c4:
a0:d0:34:20:45:20:29:2f:67:01:6f:43:26:53:e1:6e:98:85:
c9:c9:13:0c:8d:e3:1e:45:6c:ac:83:f5:4f:3f:38:62:66:9e:
07:18:29:fc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHlKEsKoR8+8DfQfHrfqgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjQwMTAyMDAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmRkN2NiMzMyZjkwNzMyYzc3ZDExMDE1YjNhY2NlZGJmM2RkNTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7jL1skQb+HiJrJkBaDoMk4XCAUa
kaVw90FmCFvWbtUK+VksI3cSVNA7E5CCWFyEJIbznXxcuGoXdiFhLOGeuEwH7qaw
s54edwIXk3k/V0vRG0jqWvUKpTX6tDSYhyQBz7OJ2LdYpb9q6QIV34LTT2Q7/B/V
K1zbqviCO5nOp7IUXS+Ub89gMTzjgKP7P3hVj2qS87JzkDPJgRI2/Onat0VCYxon
VtvmRbKLR6UKYbCUhUHcnS7sUsj75CnijlvX/1u4ClBVLSJEHkrKvuq2QdFuZczo
SSZtPmM1yvvP+1XsWAqS+Tj1TxRLsJ75PzEA8KpNy5bKoQHSFpZl3Hl7iQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDbdfLMy+Qcyx30RAVs6zO2/PdWQMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvTnQxOHN6TDVCekxIZlJFQld6ck03Yjg5MVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW1rnAwQB
qxnaMAwDBAWwaqADBAOwarADBALCCdQwDQYJKoZIhvcNAQELBQADggEBAIBx4vLB
9qJfF8Dze3yWSXdCLaORM4lowKvpHrUW/84f3yXJZa3B2qc/k/s1KqcwAMe8lhLF
KSDV0Zhf5Ed1ZBtjnuF55qoCM3rnmL1Mwz5BxSWbtfCHyr0ycFQeKnloWV5C0RSE
XdVV+zrp7Xdae+29zIBRBYb2KnEPkYT09vrmajCiIdaPAjVkWkNvEvpHWUSeInrE
uYS5ZjDiHOE5MehGRmXG5kL4y1kQfltspn4KEaJa3GMiB5nSYC8eA4S9wzTRb25W
r/O5Vut9OkSrTugm13k5DcWsxKDQNCBFICkvZwFvQyZT4W6YhcnJEwyN4x5FbKyD
9U8/OGJmngcYKfw=
-----END CERTIFICATE-----
Generated at Tue Oct 29 13:02:35 2024 by rpki-client on console-fra.rpki-client.org