Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/n1qwQls3A9HSMwtM8C9rG7tv80k.roa
File: n1qwQls3A9HSMwtM8C9rG7tv80k.roa (raw, json)
Hash identifier: XXmtwVlfR7iCglxvAovrQsUhS29XX+PZONfP0y/MgX4=
Subject key identifier: 9F:5A:B0:42:5B:37:03:D1:D2:33:0B:4C:F0:2F:6B:1B:BB:6F:F3:49
Certificate issuer: /CN=d695cb86586cbfd2462afa052c96a25c162830a8
Certificate serial: 018CC5DCBD1C4F27495DE8AFC6BEF8B45B81
Authority key identifier: D6:95:CB:86:58:6C:BF:D2:46:2A:FA:05:2C:96:A2:5C:16:28:30:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1pXLhlhsv9JGKvoFLJaiXBYoMKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/n1qwQls3A9HSMwtM8C9rG7tv80k.roa
Signing time: Mon 01 Jan 2024 16:30:26 +0000
ROA not before: Mon 01 Jan 2024 16:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210834
IP address blocks: 188.93.173.0/24 maxlen: 24
188.93.174.0/24 maxlen: 24
188.93.175.0/24 maxlen: 24
185.215.68.0/22 maxlen: 24
188.93.172.0/24 maxlen: 24
188.93.168.0/21 maxlen: 21
188.93.168.0/24 maxlen: 24
2a0b:880:4::/48 maxlen: 48
2a0b:880:5::/48 maxlen: 48
2a0b:880::/32 maxlen: 32
2a0b:880::/36 maxlen: 36
2a0b:880:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 15 Mar 2024 09:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:bd:1c:4f:27:49:5d:e8:af:c6:be:f8:b4:5b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d695cb86586cbfd2462afa052c96a25c162830a8
Validity
Not Before: Jan 1 16:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f5ab0425b3703d1d2330b4cf02f6b1bbb6ff349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:dc:3b:08:a7:23:fe:56:5d:d1:2a:4a:79:08:
e5:05:45:46:49:ee:7b:b0:6d:d2:88:3b:ed:17:dc:
ec:fd:22:f0:40:89:1d:1e:82:96:36:69:c2:1b:4e:
27:27:8b:3c:48:2d:4f:d1:39:45:a8:18:84:87:57:
29:1c:dd:aa:53:eb:b4:cf:b5:47:8d:7a:20:9f:88:
ee:86:29:a2:c1:26:40:5a:05:60:9a:91:0d:55:a5:
4f:7b:19:7a:cc:97:e8:5c:de:19:86:11:d6:7d:93:
eb:d7:d4:70:13:58:a0:e2:bd:22:51:4b:03:de:77:
26:13:bd:f3:5f:b9:ef:10:2a:a1:e7:6c:e6:ff:1c:
45:21:82:89:3d:45:80:14:17:d4:73:81:0b:35:63:
3a:30:d1:b2:5d:e6:ef:0a:99:87:84:50:50:7c:1f:
4e:75:ee:c4:bd:dc:c6:b6:65:86:a8:a8:1a:b0:ef:
9a:24:25:cb:5c:d4:b5:89:ec:70:f9:56:11:6b:d1:
5e:45:bd:36:1b:9c:d5:e9:95:a1:01:8c:81:63:73:
dd:fe:95:af:ef:9e:00:c9:ad:96:44:f2:2a:50:1e:
65:84:a0:8f:00:d0:78:95:f7:7a:9b:53:b2:4c:36:
1a:3c:cc:6e:ed:98:a3:48:27:95:67:ef:ee:72:75:
a4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:5A:B0:42:5B:37:03:D1:D2:33:0B:4C:F0:2F:6B:1B:BB:6F:F3:49
X509v3 Authority Key Identifier:
keyid:D6:95:CB:86:58:6C:BF:D2:46:2A:FA:05:2C:96:A2:5C:16:28:30:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1pXLhlhsv9JGKvoFLJaiXBYoMKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/n1qwQls3A9HSMwtM8C9rG7tv80k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/1pXLhlhsv9JGKvoFLJaiXBYoMKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.68.0/22
188.93.168.0/21
IPv6:
2a0b:880::/32
Signature Algorithm: sha256WithRSAEncryption
02:10:e8:5b:c6:0c:d7:7a:5f:97:78:e9:01:89:1f:b0:94:a3:
4d:04:ef:27:21:ba:a5:15:65:b1:39:64:ee:02:6f:63:25:6e:
da:99:2b:87:e2:d3:9c:ff:c0:66:16:a7:ad:3d:d0:fb:14:0e:
88:15:ee:bd:9d:b0:72:5c:cb:df:89:46:e0:ae:b4:66:f1:74:
61:59:b9:02:8a:7c:0c:30:28:d2:1d:84:69:0f:2e:11:cd:47:
38:08:a5:27:c0:9a:d4:76:cf:3c:e7:57:61:0d:a9:7a:80:ea:
87:25:c2:bf:88:92:c5:95:69:ac:a4:62:9a:7f:9e:05:b4:88:
da:d1:7c:5e:66:a5:7a:f5:36:38:a9:f0:47:b1:02:ae:8f:cd:
cc:0c:94:8d:b6:07:de:ad:86:87:14:f2:ec:a8:42:de:68:63:
fc:fb:4c:44:cd:4d:6b:79:e4:fe:4d:37:e0:48:05:76:38:eb:
c0:ce:16:cd:7e:6a:16:c3:21:bf:e9:78:d4:d5:a6:59:29:6a:
5a:ca:52:bb:e1:4a:a5:c9:79:d0:43:c9:81:45:d0:7c:ce:ee:
01:b8:95:08:91:cb:c4:80:a5:51:bc:89:be:85:ef:cb:e9:67:
98:d0:9c:04:88:55:f9:cb:de:06:03:1e:79:a3:3f:d8:28:38:
9a:d7:c3:7a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3L0cTydJXeivxr74tFuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OTVjYjg2NTg2Y2JmZDI0NjJhZmEwNTJjOTZhMjVjMTYy
ODMwYTgwHhcNMjQwMTAxMTYzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjVhYjA0MjViMzcwM2QxZDIzMzBiNGNmMDJmNmIxYmJiNmZmMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNw7CKcj/lZd0SpKeQjlBUVGSe57
sG3SiDvtF9zs/SLwQIkdHoKWNmnCG04nJ4s8SC1P0TlFqBiEh1cpHN2qU+u0z7VH
jXogn4juhimiwSZAWgVgmpENVaVPexl6zJfoXN4ZhhHWfZPr19RwE1ig4r0iUUsD
3ncmE73zX7nvECqh52zm/xxFIYKJPUWAFBfUc4ELNWM6MNGyXebvCpmHhFBQfB9O
de7EvdzGtmWGqKgasO+aJCXLXNS1iexw+VYRa9FeRb02G5zV6ZWhAYyBY3Pd/pWv
754Aya2WRPIqUB5lhKCPANB4lfd6m1OyTDYaPMxu7ZijSCeVZ+/ucnWkzwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ9asEJbNwPR0jMLTPAvaxu7b/NJMB8GA1UdIwQY
MBaAFNaVy4ZYbL/SRir6BSyWolwWKDCoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXBYTGhsaHN2OUpHS3ZvRkxKYWlYQllvTUtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zZGJmZWItYjJlMi00ODE2LTliYTkt
YTVjZDgxYjVlMDBiLzEvbjFxd1FsczNBOUhTTXd0TThDOXJHN3R2ODBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zZGJmZWItYjJlMi00ODE2LTliYTktYTVjZDgxYjVlMDBi
LzEvMXBYTGhsaHN2OUpHS3ZvRkxKYWlYQllvTUtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuddEAwQD
vF2oMA0EAgACMAcDBQAqCwiAMA0GCSqGSIb3DQEBCwUAA4IBAQACEOhbxgzXel+X
eOkBiR+wlKNNBO8nIbqlFWWxOWTuAm9jJW7amSuH4tOc/8BmFqetPdD7FA6IFe69
nbByXMvfiUbgrrRm8XRhWbkCinwMMCjSHYRpDy4RzUc4CKUnwJrUds8851dhDal6
gOqHJcK/iJLFlWmspGKaf54FtIja0XxeZqV69TY4qfBHsQKuj83MDJSNtgferYaH
FPLsqELeaGP8+0xEzU1reeT+TTfgSAV2OOvAzhbNfmoWwyG/6XjU1aZZKWpaylK7
4UqlyXnQQ8mBRdB8zu4BuJUIkcvEgKVRvIm+he/L6WeY0JwEiFX5y94GAx55oz/Y
KDia18N6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:13 2024 by rpki-client on console-fra.rpki-client.org