Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/NHXq5M1HD0mGvQ74z5RYgV-uGZ8.roa
File: NHXq5M1HD0mGvQ74z5RYgV-uGZ8.roa (raw, json)
Hash identifier: djP/p2KTl7qbyrNOjUjmjKVL0LEMXPw5amnBSVSTnpI=
Subject key identifier: 34:75:EA:E4:CD:47:0F:49:86:BD:0E:F8:CF:94:58:81:5F:AE:19:9F
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018DA97FCE4410B86C28596B976FFC429B93
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/NHXq5M1HD0mGvQ74z5RYgV-uGZ8.roa
Signing time: Wed 14 Feb 2024 21:22:21 +0000
ROA not before: Wed 14 Feb 2024 21:22:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199159
IP address blocks: 185.2.176.0/24 maxlen: 24
217.146.6.0/24 maxlen: 24
217.146.7.0/24 maxlen: 24
2a05:8900:36::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Feb 2024 12:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a9:7f:ce:44:10:b8:6c:28:59:6b:97:6f:fc:42:9b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Feb 14 21:22:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3475eae4cd470f4986bd0ef8cf9458815fae199f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:ae:20:11:d5:bc:5b:47:15:b1:ca:b3:81:
2f:7a:57:24:29:e1:61:ea:8d:6b:a9:b1:13:03:32:
03:fe:55:70:aa:79:56:8b:2a:56:33:76:7a:04:64:
f8:c3:56:17:81:8f:d5:e4:cc:b7:cd:0a:7a:97:f5:
0c:b1:e7:7e:f2:73:17:ab:96:71:9d:ac:2e:3b:99:
1f:78:53:d6:aa:91:4c:8a:06:8b:b2:82:a5:c6:63:
3b:9c:52:46:ef:38:79:e3:ec:f5:86:e1:cb:6b:20:
1a:48:62:12:74:0a:0c:e7:32:31:c5:7e:d0:a5:9f:
af:2f:1d:94:d9:93:34:98:fa:6c:1c:3a:68:30:a1:
3e:b2:4f:d4:40:fd:b3:de:f8:04:e8:cf:cf:a5:4b:
93:26:c9:4c:60:ea:56:5a:bc:3b:3d:17:e0:37:84:
d5:92:f7:f7:7d:12:07:e7:a5:4d:01:e4:22:d2:e7:
b0:39:94:49:ab:1f:30:c7:2e:dd:93:fe:9a:00:0f:
d1:ee:93:f0:e8:fd:75:56:dd:56:c9:59:af:66:78:
29:68:2d:65:6f:f1:c5:86:9c:16:86:99:eb:5f:c6:
61:7f:f0:28:3c:ef:fc:e4:c1:11:4c:2f:d0:af:72:
9d:0f:04:e0:e5:2f:87:ad:85:56:1d:b9:ea:14:7f:
15:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:75:EA:E4:CD:47:0F:49:86:BD:0E:F8:CF:94:58:81:5F:AE:19:9F
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/NHXq5M1HD0mGvQ74z5RYgV-uGZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.176.0/24
217.146.6.0/23
IPv6:
2a05:8900:36::/48
Signature Algorithm: sha256WithRSAEncryption
cc:95:03:96:41:77:7e:15:80:28:22:45:81:48:a1:6e:3c:20:
c2:25:fb:4b:15:5e:bb:68:ee:42:0b:28:95:bb:2c:65:7b:a8:
17:0a:d1:ba:2c:0e:bc:e5:1e:4e:85:7d:2b:13:2d:ba:e6:57:
03:c2:50:e1:1f:c2:bc:a4:ed:7c:31:95:32:67:8e:54:62:48:
5e:ca:f3:47:20:78:01:d0:76:dd:28:93:95:ab:90:e5:00:0c:
67:51:ee:92:5f:13:c1:6e:3c:18:45:3d:8a:2d:d1:44:95:4a:
cb:80:89:3f:aa:95:92:01:cd:d2:95:d9:f3:f0:12:38:3f:47:
12:2d:3a:b7:a0:6c:9a:4a:27:f8:4b:ee:f1:41:2f:cd:7c:fd:
97:11:31:bf:f9:3a:bf:e9:35:78:a8:4c:7c:d2:7e:52:de:80:
ba:17:3c:ee:95:22:5b:4a:a1:ba:d3:84:c1:8d:5b:83:31:84:
ee:97:8f:e1:90:ab:34:8b:c4:08:67:26:9c:c0:6e:c3:2c:c1:
fd:61:da:25:92:03:29:49:33:fd:6c:b0:a9:36:a3:06:83:53:
a2:e3:a0:ca:07:60:9f:48:a2:51:33:c8:23:5d:6c:9a:e5:eb:
67:44:55:84:cb:dd:79:09:4d:4f:60:b3:7c:0a:80:a3:10:ae:
33:37:82:d5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY2pf85EELhsKFlrl2/8QpuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwMjE0MjEyMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDc1ZWFlNGNkNDcwZjQ5ODZiZDBlZjhjZjk0NTg4MTVmYWUxOTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut6uIBHVvFtHFbHKs4EvelckKeFh
6o1rqbETAzID/lVwqnlWiypWM3Z6BGT4w1YXgY/V5My3zQp6l/UMsed+8nMXq5Zx
nawuO5kfeFPWqpFMigaLsoKlxmM7nFJG7zh54+z1huHLayAaSGISdAoM5zIxxX7Q
pZ+vLx2U2ZM0mPpsHDpoMKE+sk/UQP2z3vgE6M/PpUuTJslMYOpWWrw7PRfgN4TV
kvf3fRIH56VNAeQi0uewOZRJqx8wxy7dk/6aAA/R7pPw6P11Vt1WyVmvZngpaC1l
b/HFhpwWhpnrX8Zhf/AoPO/85MERTC/Qr3KdDwTg5S+HrYVWHbnqFH8VmwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDR16uTNRw9Jhr0O+M+UWIFfrhmfMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvTkhYcTVNMUhEMG1HdlE3NHo1UllnVi11R1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuQKwAwQB
2ZIGMA8EAgACMAkDBwAqBYkAADYwDQYJKoZIhvcNAQELBQADggEBAMyVA5ZBd34V
gCgiRYFIoW48IMIl+0sVXrto7kILKJW7LGV7qBcK0bosDrzlHk6FfSsTLbrmVwPC
UOEfwryk7XwxlTJnjlRiSF7K80cgeAHQdt0ok5WrkOUADGdR7pJfE8FuPBhFPYot
0USVSsuAiT+qlZIBzdKV2fPwEjg/RxItOregbJpKJ/hL7vFBL818/ZcRMb/5Or/p
NXioTHzSflLegLoXPO6VIltKobrThMGNW4MxhO6Xj+GQqzSLxAhnJpzAbsMswf1h
2iWSAylJM/1ssKk2owaDU6LjoMoHYJ9IolEzyCNdbJrl62dEVYTL3XkJTU9gs3wK
gKMQrjM3gtU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org