Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/N-QkmTDaU80VleSeNbTlLaysEEE.roa
File: N-QkmTDaU80VleSeNbTlLaysEEE.roa (raw, json)
Hash identifier: t0CEk4wK9UqwvfRiwi5d2gUaeG0foeN9YKR7UEbr/lE=
Subject key identifier: 37:E4:24:99:30:DA:53:CD:15:95:E4:9E:35:B4:E5:2D:AC:AC:10:41
Certificate issuer: /CN=a757f87f86e93b25ef4c0433664bbe72da98fbfe
Certificate serial: 01907831F598B25C1BCAE66C8F1B582954E9
Authority key identifier: A7:57:F8:7F:86:E9:3B:25:EF:4C:04:33:66:4B:BE:72:DA:98:FB:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p1f4f4bpOyXvTAQzZku-ctqY-_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/N-QkmTDaU80VleSeNbTlLaysEEE.roa
Signing time: Wed 03 Jul 2024 10:44:18 +0000
ROA not before: Wed 03 Jul 2024 10:44:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24806
IP address blocks: 81.2.192.0/18 maxlen: 32
185.28.100.0/22 maxlen: 32
185.129.136.0/22 maxlen: 32
195.181.208.0/20 maxlen: 32
2001:15e8::/32 maxlen: 127
Validation: Failed, certificate revoked on Wed 03 Jul 2024 11:41:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:31:f5:98:b2:5c:1b:ca:e6:6c:8f:1b:58:29:54:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a757f87f86e93b25ef4c0433664bbe72da98fbfe
Validity
Not Before: Jul 3 10:44:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37e4249930da53cd1595e49e35b4e52dacac1041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d0:be:48:e8:3a:59:b1:38:17:bd:bb:37:da:
a7:97:ab:77:94:f4:0b:ba:fd:ec:60:b1:1e:1f:2b:
34:a0:d7:d2:63:80:42:7a:0c:a8:20:42:e8:75:a7:
16:eb:c1:97:df:9f:76:51:e6:eb:df:b7:3e:b0:78:
1f:b2:f9:e3:da:6b:21:93:ef:95:2a:00:90:51:9f:
38:cc:6e:4e:ca:f4:2c:87:fc:56:c4:70:65:3e:0d:
28:8d:59:e0:ec:ff:cb:29:30:e4:2b:ac:c6:ac:ef:
32:1e:cf:52:8e:63:05:70:dc:81:4f:12:53:88:b6:
fd:be:12:f0:17:f5:d2:16:a9:04:e8:f9:c0:aa:3b:
ba:da:72:c6:cb:a0:e3:24:87:91:4c:9e:3d:64:eb:
a1:ce:3b:7b:1c:fd:03:5f:25:72:1d:81:3c:da:21:
cc:f4:07:c4:3e:be:ed:d2:21:5c:36:1c:20:e9:31:
6b:67:69:99:bd:c0:d4:54:99:4d:28:81:19:2b:48:
f0:ed:42:fa:e2:3d:5d:ce:bb:90:09:2e:da:3d:61:
3f:29:59:1c:c5:68:30:9b:7c:79:e1:a2:06:43:b3:
c3:28:90:18:f2:79:5b:e0:6b:43:23:1e:49:6d:75:
e7:c8:50:16:5b:a6:32:8d:a6:c9:46:6e:ca:88:a1:
3a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E4:24:99:30:DA:53:CD:15:95:E4:9E:35:B4:E5:2D:AC:AC:10:41
X509v3 Authority Key Identifier:
keyid:A7:57:F8:7F:86:E9:3B:25:EF:4C:04:33:66:4B:BE:72:DA:98:FB:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p1f4f4bpOyXvTAQzZku-ctqY-_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/N-QkmTDaU80VleSeNbTlLaysEEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/p1f4f4bpOyXvTAQzZku-ctqY-_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.2.192.0/18
185.28.100.0/22
185.129.136.0/22
195.181.208.0/20
IPv6:
2001:15e8::/32
Signature Algorithm: sha256WithRSAEncryption
54:39:c9:aa:92:e3:e7:a4:4c:42:cf:c7:3d:af:a2:8e:d3:f9:
64:6e:17:9d:9c:e5:73:d8:23:07:37:82:31:ff:b1:43:99:7c:
1d:ff:31:ef:ff:92:e1:76:ed:b8:f9:a8:3c:68:31:2b:b1:7b:
59:25:b1:1b:86:cc:e3:ab:8c:17:53:01:bf:1b:1d:d3:df:e4:
42:93:bf:06:dc:6a:52:88:9f:16:4d:9a:e5:30:fb:1b:42:81:
48:88:14:9e:4b:a0:ed:6e:dd:3d:3a:17:7e:55:5e:d7:a5:21:
b2:33:0b:92:b5:74:61:53:a0:02:57:52:c8:e1:f2:ca:ea:93:
09:24:be:cd:73:ca:17:26:1c:38:a5:21:cb:99:b6:35:48:a1:
c3:10:64:80:a6:fb:6e:94:8e:4c:85:5c:96:69:5d:d3:41:46:
31:d1:5b:e5:bf:4e:05:18:96:db:c5:c0:be:ec:f2:a2:65:6d:
f5:90:cc:84:3a:03:5c:66:c2:04:bf:12:b4:b2:73:58:b2:73:
41:f9:68:10:53:ab:c9:d2:c7:ab:2f:1d:4b:d8:2c:21:6b:57:
3a:89:5e:64:85:80:4d:5b:42:5b:64:17:49:67:47:1d:0a:31:
a6:f6:ed:3d:b2:ce:e7:40:92:a3:c7:27:36:d6:37:96:af:ad:
e1:75:3c:47
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZB4MfWYslwbyuZsjxtYKVTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NTdmODdmODZlOTNiMjVlZjRjMDQzMzY2NGJiZTcyZGE5
OGZiZmUwHhcNMjQwNzAzMTA0NDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2U0MjQ5OTMwZGE1M2NkMTU5NWU0OWUzNWI0ZTUyZGFjYWMxMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNC+SOg6WbE4F727N9qnl6t3lPQL
uv3sYLEeHys0oNfSY4BCegyoIELodacW68GX3592Uebr37c+sHgfsvnj2mshk++V
KgCQUZ84zG5OyvQsh/xWxHBlPg0ojVng7P/LKTDkK6zGrO8yHs9SjmMFcNyBTxJT
iLb9vhLwF/XSFqkE6PnAqju62nLGy6DjJIeRTJ49ZOuhzjt7HP0DXyVyHYE82iHM
9AfEPr7t0iFcNhwg6TFrZ2mZvcDUVJlNKIEZK0jw7UL64j1dzruQCS7aPWE/KVkc
xWgwm3x54aIGQ7PDKJAY8nlb4GtDIx5JbXXnyFAWW6YyjabJRm7KiKE68wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDfkJJkw2lPNFZXknjW05S2srBBBMB8GA1UdIwQY
MBaAFKdX+H+G6Tsl70wEM2ZLvnLamPv+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDFmNGY0YnBPeVh2VEFRelprdS1jdHFZLV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy84NmU0MGMtMTU2My00MGVhLThmNGUt
YTE3ODMzMjUzM2UwLzEvTi1Ra21URGFVODBWbGVTZU5iVGxMYXlzRUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy84NmU0MGMtMTU2My00MGVhLThmNGUtYTE3ODMzMjUzM2Uw
LzEvcDFmNGY0YnBPeVh2VEFRelprdS1jdHFZLV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGUQLAAwQC
uRxkAwQCuYGIAwQEw7XQMA0EAgACMAcDBQAgARXoMA0GCSqGSIb3DQEBCwUAA4IB
AQBUOcmqkuPnpExCz8c9r6KO0/lkbhednOVz2CMHN4Ix/7FDmXwd/zHv/5Lhdu24
+ag8aDErsXtZJbEbhszjq4wXUwG/Gx3T3+RCk78G3GpSiJ8WTZrlMPsbQoFIiBSe
S6Dtbt09Ohd+VV7XpSGyMwuStXRhU6ACV1LI4fLK6pMJJL7Nc8oXJhw4pSHLmbY1
SKHDEGSApvtulI5MhVyWaV3TQUYx0Vvlv04FGJbbxcC+7PKiZW31kMyEOgNcZsIE
vxK0snNYsnNB+WgQU6vJ0serLx1L2Cwha1c6iV5khYBNW0JbZBdJZ0cdCjGm9u09
ss7nQJKjxyc21jeWr63hdTxH
-----END CERTIFICATE-----
Generated at Wed Jul 3 13:36:47 2024 by rpki-client on console-fra.rpki-client.org