Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/nIbMwEmdKCqLIAEqzIlHxBQgeNo.roa
File: nIbMwEmdKCqLIAEqzIlHxBQgeNo.roa (raw, json)
Hash identifier: zOZYTuyYPSoAC79m/cJzePdiQg69d8M5ml77GPXAtIg=
Subject key identifier: 9C:86:CC:C0:49:9D:28:2A:8B:20:01:2A:CC:89:47:C4:14:20:78:DA
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018DA75FFBECBB7DCB5A090FDD501B4EDF73
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/nIbMwEmdKCqLIAEqzIlHxBQgeNo.roa
Signing time: Wed 14 Feb 2024 11:28:21 +0000
ROA not before: Wed 14 Feb 2024 11:28:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205209
IP address blocks: 80.74.96.0/24 maxlen: 24
80.74.97.0/24 maxlen: 24
80.74.99.0/24 maxlen: 24
80.74.123.0/24 maxlen: 24
92.61.224.0/24 maxlen: 24
92.61.225.0/24 maxlen: 24
92.61.226.0/24 maxlen: 24
92.61.230.0/24 maxlen: 24
92.61.231.0/24 maxlen: 24
94.188.136.0/24 maxlen: 24
94.188.138.0/24 maxlen: 24
94.188.140.0/24 maxlen: 24
94.188.161.0/24 maxlen: 24
94.188.162.0/24 maxlen: 24
94.188.165.0/24 maxlen: 24
94.188.166.0/24 maxlen: 24
94.188.167.0/24 maxlen: 24
94.188.169.0/24 maxlen: 24
94.188.175.0/24 maxlen: 24
94.188.178.0/24 maxlen: 24
94.188.179.0/24 maxlen: 24
94.188.186.0/23 maxlen: 23
94.188.188.0/23 maxlen: 23
94.188.191.0/24 maxlen: 24
94.188.196.0/24 maxlen: 24
94.188.197.0/24 maxlen: 24
94.188.200.0/24 maxlen: 24
94.188.242.0/24 maxlen: 24
94.188.243.0/24 maxlen: 24
2a02:23b8:2::/52 maxlen: 52
2a02:23b8:1a00::/56 maxlen: 56
Validation: Failed, certificate revoked on Wed 14 Feb 2024 13:32:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:5f:fb:ec:bb:7d:cb:5a:09:0f:dd:50:1b:4e:df:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 14 11:28:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c86ccc0499d282a8b20012acc8947c4142078da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4f:e0:d3:d5:87:13:60:db:05:99:f3:13:fd:
52:3f:0f:c7:fd:70:1e:c1:46:64:71:71:23:c5:2c:
36:94:6b:0a:f0:4f:1c:88:6f:85:61:93:ac:23:10:
32:8c:70:d7:c4:38:97:cb:dd:71:c9:7e:19:df:bf:
c1:ff:7c:9b:ae:1e:db:0a:db:1a:2d:2c:37:05:8f:
2d:da:4c:ef:f7:ef:4a:bb:1e:05:ac:9c:07:b4:dc:
d1:b6:54:93:be:69:e6:68:cf:68:0c:c8:49:88:4e:
bb:ad:7c:d3:dd:01:77:5f:e7:1d:0e:56:d2:5b:f4:
d8:04:c8:40:31:c5:69:2c:60:fe:02:7c:c4:c6:7f:
6d:44:0e:61:7f:1d:c4:3b:c2:e0:0f:71:87:b3:99:
4d:58:01:88:c5:db:ff:0f:1f:6e:28:a5:5e:ea:a7:
5f:3f:5e:86:69:83:1e:86:74:6e:40:ca:5b:ad:64:
98:7c:f7:f6:fc:97:57:e5:10:ca:b0:05:04:b4:a6:
37:63:48:ca:05:b4:49:f2:bc:cb:a7:5f:89:fe:f7:
a6:52:ab:0f:8d:df:68:d3:e8:b0:64:e4:a3:0f:fe:
0f:75:b3:c2:72:e2:f8:14:5f:66:79:7d:32:bf:2d:
a2:5a:32:e8:6c:71:63:9d:b7:08:30:aa:a8:d5:a6:
9c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:86:CC:C0:49:9D:28:2A:8B:20:01:2A:CC:89:47:C4:14:20:78:DA
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/nIbMwEmdKCqLIAEqzIlHxBQgeNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.96.0/23
80.74.99.0/24
80.74.123.0/24
92.61.224.0-92.61.226.255
92.61.230.0/23
94.188.136.0/24
94.188.138.0/24
94.188.140.0/24
94.188.161.0-94.188.162.255
94.188.165.0-94.188.167.255
94.188.169.0/24
94.188.175.0/24
94.188.178.0/23
94.188.186.0-94.188.189.255
94.188.191.0/24
94.188.196.0/23
94.188.200.0/24
94.188.242.0/23
IPv6:
2a02:23b8:2::/52
2a02:23b8:1a00::/56
Signature Algorithm: sha256WithRSAEncryption
4a:8c:88:ca:b6:a4:51:1c:7a:5e:3f:a9:34:4f:6e:3d:bf:c4:
f6:08:b0:32:8b:fd:e4:33:39:35:ae:9f:c8:e6:8c:88:57:1b:
11:2d:57:9f:78:b6:e1:5e:9d:d7:e4:d5:b7:ef:a6:e9:dc:6a:
73:f9:8e:0b:b6:ad:b0:11:e4:9d:13:52:6e:4d:43:29:8a:3e:
61:17:e2:ea:fa:48:90:ab:18:70:3b:2d:67:fb:64:a2:28:e1:
96:1a:0e:ce:24:75:04:dd:89:0d:2b:bd:f8:f3:25:53:eb:85:
71:30:b9:a7:a1:6c:0a:9a:50:ca:29:ee:32:69:b2:13:ac:3a:
5b:ef:6e:7d:93:59:8b:b5:bf:94:21:8b:aa:78:ec:99:85:aa:
e1:0f:83:1c:46:25:cb:a8:7d:81:95:c0:b7:48:9c:bd:c7:5b:
f0:11:4c:81:8d:b6:4a:1d:fc:70:be:b9:24:39:fb:ea:51:0a:
b4:ce:dd:e9:61:97:ac:5b:d9:5c:8a:fa:b4:41:06:49:c0:19:
a8:6f:4e:93:d8:45:bf:f5:68:8f:16:1d:35:f4:d6:73:39:8f:
c8:02:63:32:af:8f:2b:ac:40:6d:64:0c:05:c7:f9:79:fc:89:
87:e0:f1:de:bd:38:cd:78:6e:09:00:68:f9:9a:52:b8:68:c4:
9d:53:09:1e
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAY2nX/vsu33LWgkP3VAbTt9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMjE0MTEyODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg2Y2NjMDQ5OWQyODJhOGIyMDAxMmFjYzg5NDdjNDE0MjA3OGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0/g09WHE2DbBZnzE/1SPw/H/XAe
wUZkcXEjxSw2lGsK8E8ciG+FYZOsIxAyjHDXxDiXy91xyX4Z37/B/3ybrh7bCtsa
LSw3BY8t2kzv9+9Kux4FrJwHtNzRtlSTvmnmaM9oDMhJiE67rXzT3QF3X+cdDlbS
W/TYBMhAMcVpLGD+AnzExn9tRA5hfx3EO8LgD3GHs5lNWAGIxdv/Dx9uKKVe6qdf
P16GaYMehnRuQMpbrWSYfPf2/JdX5RDKsAUEtKY3Y0jKBbRJ8rzLp1+J/vemUqsP
jd9o0+iwZOSjD/4PdbPCcuL4FF9meX0yvy2iWjLobHFjnbcIMKqo1aacCQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFJyGzMBJnSgqiyABKsyJR8QUIHjaMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvbkliTXdFbWRLQ3FMSUFFcXpJbEh4QlFnZU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBkwQCAAEwgYwDBAFQ
SmADBABQSmMDBABQSnswDAMEBVw94AMEAFw94gMEAVw95gMEAF68iAMEAF68igME
AF68jDAMAwQAXryhAwQAXryiMAwDBABevKUDBANevKADBABevKkDBABevK8DBAFe
vLIwDAMEAV68ugMEAV68vAMEAF68vwMEAV68xAMEAF68yAMEAV688jAaBAIAAjAU
AwgEKgIjuAACAAMIACoCI7gaAAAwDQYJKoZIhvcNAQELBQADggEBAEqMiMq2pFEc
el4/qTRPbj2/xPYIsDKL/eQzOTWun8jmjIhXGxEtV594tuFendfk1bfvpuncanP5
jgu2rbAR5J0TUm5NQymKPmEX4ur6SJCrGHA7LWf7ZKIo4ZYaDs4kdQTdiQ0rvfjz
JVPrhXEwuaehbAqaUMop7jJpshOsOlvvbn2TWYu1v5Qhi6p47JmFquEPgxxGJcuo
fYGVwLdInL3HW/ARTIGNtkod/HC+uSQ5++pRCrTO3elhl6xb2VyK+rRBBknAGahv
TpPYRb/1aI8WHTX01nM5j8gCYzKvjyusQG1kDAXH+Xn8iYfg8d69OM14bgkAaPma
UrhoxJ1TCR4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:51 2025 by rpki-client