Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/nHPCV378Skgti4p4erg2o8N_FBQ.roa
File: nHPCV378Skgti4p4erg2o8N_FBQ.roa (raw, json)
Hash identifier: HHEdtU8bk6vc4ZlgStiGb/TVdngCLqlpKZ88YbYwnRw=
Subject key identifier: 9C:73:C2:57:7E:FC:4A:48:2D:8B:8A:78:7A:B8:36:A3:C3:7F:14:14
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018CF34825782484398B9067B936D92E040D
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/nHPCV378Skgti4p4erg2o8N_FBQ.roa
Signing time: Wed 10 Jan 2024 12:10:40 +0000
ROA not before: Wed 10 Jan 2024 12:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48715
IP address blocks: 188.212.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 07:38:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:48:25:78:24:84:39:8b:90:67:b9:36:d9:2e:04:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 10 12:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c73c2577efc4a482d8b8a787ab836a3c37f1414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8d:16:a9:4d:af:73:52:40:c1:80:66:4f:06:
99:f3:b4:ea:b0:11:73:4a:4c:d0:72:8a:a2:2b:43:
e7:2d:a0:8a:96:e6:6e:90:a8:e4:30:d0:7f:6b:34:
61:16:c3:d8:35:21:5d:ae:aa:30:18:21:6b:4a:eb:
c8:b5:d2:86:b8:92:56:8b:2d:d2:b7:39:7a:10:12:
95:ea:9d:65:8f:bb:c5:b9:bb:e5:22:9f:7f:cd:e0:
22:04:c2:ae:14:ab:31:7a:db:a1:d5:8a:cb:b3:a2:
f4:9d:95:0a:cf:f3:c0:fb:d3:4d:49:80:e1:5d:00:
61:6d:dc:d8:8d:38:1e:cc:99:ea:47:7a:99:e7:18:
28:01:5a:a2:4b:d6:a8:bb:72:03:78:75:de:20:02:
6e:72:0f:88:ad:13:3a:16:9f:2c:6d:f6:5d:9b:24:
39:a6:ae:94:6e:7c:c9:25:96:44:56:f6:04:ee:a5:
ed:23:b5:fc:f0:34:15:bf:81:d1:bb:a7:07:37:74:
cb:dc:83:59:fa:48:dd:02:cc:dc:0a:4d:c8:2a:2c:
12:0f:07:8c:f2:0c:2d:9a:ee:b3:07:58:4f:67:69:
4b:87:81:3c:98:43:1e:09:b9:c7:cf:c8:3f:56:8f:
58:e1:6b:c5:2a:d5:a6:3b:da:c3:8d:4f:35:48:47:
32:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:73:C2:57:7E:FC:4A:48:2D:8B:8A:78:7A:B8:36:A3:C3:7F:14:14
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/nHPCV378Skgti4p4erg2o8N_FBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.212.96.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:fb:60:6a:11:4c:9e:6c:1d:4e:2e:2b:95:78:11:c0:2a:04:
8d:01:74:3a:77:1d:d3:52:5f:ec:36:7a:0f:63:60:61:79:34:
a0:fb:2c:d5:f9:e8:88:86:5b:2c:13:3d:21:3a:39:21:cd:61:
b0:f9:52:b5:d1:83:c3:34:e2:76:06:0c:98:b7:64:3a:bf:bc:
b4:1a:1c:42:d6:ca:bd:3d:3b:14:ae:4f:d3:1d:96:c5:d6:28:
88:a8:d2:32:23:14:47:b0:a7:01:76:6e:83:93:af:e4:e0:e4:
b0:f7:c5:f5:8e:3e:e1:86:65:12:b1:c6:63:df:17:27:8b:f6:
a5:ba:83:cf:42:f7:29:db:c2:86:1f:4d:e7:c2:c0:07:52:73:
92:83:e6:03:27:51:bd:96:3c:08:5f:ed:c0:e2:1b:73:34:28:
a5:e9:fd:d3:be:c5:2f:7e:5c:62:47:b5:86:d6:10:1a:b0:26:
9f:14:44:f5:74:81:f3:79:b1:57:30:45:55:0d:bf:24:0b:68:
0e:3f:80:ff:dc:97:ef:03:80:5d:ff:6e:f1:09:34:ce:62:0a:
b0:94:d9:fd:73:58:a1:72:1d:e0:7a:6e:b5:e3:78:32:1a:03:
ca:bf:1c:9a:d2:76:51:9d:28:0f:62:e5:5d:88:a4:df:16:57:
02:c1:dd:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzzSCV4JIQ5i5BnuTbZLgQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTEwMTIxMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzczYzI1NzdlZmM0YTQ4MmQ4YjhhNzg3YWI4MzZhM2MzN2YxNDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o0WqU2vc1JAwYBmTwaZ87TqsBFz
SkzQcoqiK0PnLaCKluZukKjkMNB/azRhFsPYNSFdrqowGCFrSuvItdKGuJJWiy3S
tzl6EBKV6p1lj7vFubvlIp9/zeAiBMKuFKsxetuh1YrLs6L0nZUKz/PA+9NNSYDh
XQBhbdzYjTgezJnqR3qZ5xgoAVqiS9aou3IDeHXeIAJucg+IrRM6Fp8sbfZdmyQ5
pq6UbnzJJZZEVvYE7qXtI7X88DQVv4HRu6cHN3TL3INZ+kjdAszcCk3IKiwSDweM
8gwtmu6zB1hPZ2lLh4E8mEMeCbnHz8g/Vo9Y4WvFKtWmO9rDjU81SEcyuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxzwld+/EpILYuKeHq4NqPDfxQUMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvbkhQQ1YzNzhTa2d0aTRwNGVyZzJvOE5fRkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNRgMA0G
CSqGSIb3DQEBCwUAA4IBAQCu+2BqEUyebB1OLiuVeBHAKgSNAXQ6dx3TUl/sNnoP
Y2BheTSg+yzV+eiIhlssEz0hOjkhzWGw+VK10YPDNOJ2BgyYt2Q6v7y0GhxC1sq9
PTsUrk/THZbF1iiIqNIyIxRHsKcBdm6Dk6/k4OSw98X1jj7hhmUSscZj3xcni/al
uoPPQvcp28KGH03nwsAHUnOSg+YDJ1G9ljwIX+3A4htzNCil6f3TvsUvflxiR7WG
1hAasCafFET1dIHzebFXMEVVDb8kC2gOP4D/3JfvA4Bd/27xCTTOYgqwlNn9c1ih
ch3gem6143gyGgPKvxya0nZRnSgPYuVdiKTfFlcCwd2g
-----END CERTIFICATE-----
Generated at Thu Jan 11 12:13:19 2024 by rpki-client on console-fra.rpki-client.org