Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nGjQFafnDlrD1PpLcq-pxQyQiAI.roa
File: nGjQFafnDlrD1PpLcq-pxQyQiAI.roa (raw, json)
Hash identifier: /sTnHD/FFezgTcV81Yyw1HGXeP5h+SeVb5Xj5gpgKEA=
Subject key identifier: 9C:68:D0:15:A7:E7:0E:5A:C3:D4:FA:4B:72:AF:A9:C5:0C:90:88:02
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0194410806E6E4926E6C3AE212EB855149C3
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nGjQFafnDlrD1PpLcq-pxQyQiAI.roa
Signing time: Tue 07 Jan 2025 13:50:32 +0000
ROA not before: Tue 07 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49304
IP address blocks: 178.173.233.0/24 maxlen: 24
178.173.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Jan 2025 23:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:41:08:06:e6:e4:92:6e:6c:3a:e2:12:eb:85:51:49:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 7 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c68d015a7e70e5ac3d4fa4b72afa9c50c908802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c2:84:19:db:99:b2:76:ce:ea:e2:5c:96:46:
2a:9a:fc:eb:50:50:74:d3:df:46:c1:72:26:9e:01:
be:41:1b:53:0a:e4:0b:5d:8e:9d:35:4d:b8:48:f5:
b7:f3:1f:5a:e4:ec:35:db:be:38:24:cc:34:fe:6f:
85:71:09:07:87:ba:17:23:37:a6:d3:1d:d5:61:09:
1c:cf:cd:74:5b:a6:f5:bb:af:15:da:15:f6:fc:4b:
04:6f:49:d8:1e:31:6e:42:e1:da:c0:3e:ba:79:77:
10:ae:74:00:ee:fa:3f:28:be:28:b4:dd:f9:f5:00:
7d:c6:55:90:6e:9d:4a:ae:b8:41:de:b9:ea:96:e8:
41:40:fd:55:36:5c:26:41:4b:e7:ff:1c:82:0f:ac:
a6:d7:ba:8b:13:7f:39:c4:07:77:a1:8d:c6:97:de:
e0:f8:a9:32:30:53:f6:b0:5a:96:07:1e:2c:41:6f:
56:af:f2:25:7d:da:e2:75:69:89:71:d1:01:db:b8:
79:1d:ff:9c:3c:e9:19:e0:94:56:1f:28:e1:ac:34:
2d:99:33:90:da:1a:b7:76:e1:f2:27:e1:7a:bf:06:
69:a8:ae:30:62:26:c8:33:2b:0e:75:05:bc:aa:8a:
4e:79:4a:94:d7:60:05:3b:ad:7d:39:80:70:aa:9e:
2f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:68:D0:15:A7:E7:0E:5A:C3:D4:FA:4B:72:AF:A9:C5:0C:90:88:02
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nGjQFafnDlrD1PpLcq-pxQyQiAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.233.0/24
178.173.235.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:ee:43:2f:ef:0a:b6:46:9e:03:ae:17:8e:be:e7:41:87:8a:
24:08:73:99:4a:61:ba:41:4e:4d:23:fa:45:cd:c6:23:7d:c0:
2f:e0:c4:5d:02:4d:fa:db:7c:d4:cd:27:52:72:af:0a:0b:3e:
15:59:69:0c:bb:f4:54:ec:13:d9:57:18:96:72:01:ac:24:48:
e9:4e:e2:a2:a9:d6:56:f3:3d:40:7e:ee:37:af:93:e8:0d:43:
e8:52:27:08:0a:67:60:b7:f1:6b:d2:21:80:51:67:5c:b2:fc:
3a:74:2c:73:9b:bf:39:bd:c2:1e:b1:ea:83:e5:fc:2b:86:30:
e5:2b:dc:f9:54:a2:e4:37:b2:61:07:8f:15:db:01:67:9f:d8:
22:fe:b1:1d:f0:ad:82:a8:94:1c:56:25:1f:08:25:dd:12:be:
c9:8d:b7:ad:95:b8:1b:17:92:e6:98:dd:3e:8b:64:a5:eb:70:
13:5a:50:45:6b:97:45:32:e6:4c:18:8c:2d:20:ce:66:60:71:
1b:fc:4a:17:0c:af:bc:42:48:83:35:40:a5:91:1a:cf:ea:77:
7a:4e:c8:8d:0a:d2:2b:e9:50:b1:99:01:e8:ed:b1:92:e2:1a:
a8:69:51:72:29:bf:84:f5:10:51:5e:06:2a:8c:a8:d3:b9:00:
a3:e6:db:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRBCAbm5JJubDriEuuFUUnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTA3MTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzY4ZDAxNWE3ZTcwZTVhYzNkNGZhNGI3MmFmYTljNTBjOTA4ODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8KEGduZsnbO6uJclkYqmvzrUFB0
099GwXImngG+QRtTCuQLXY6dNU24SPW38x9a5Ow12744JMw0/m+FcQkHh7oXIzem
0x3VYQkcz810W6b1u68V2hX2/EsEb0nYHjFuQuHawD66eXcQrnQA7vo/KL4otN35
9QB9xlWQbp1KrrhB3rnqluhBQP1VNlwmQUvn/xyCD6ym17qLE385xAd3oY3Gl97g
+KkyMFP2sFqWBx4sQW9Wr/IlfdridWmJcdEB27h5Hf+cPOkZ4JRWHyjhrDQtmTOQ
2hq3duHyJ+F6vwZpqK4wYibIMysOdQW8qopOeUqU12AFO619OYBwqp4vJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJxo0BWn5w5aw9T6S3KvqcUMkIgCMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbkdqUUZhZm5EbHJEMVBwTGNxLXB4UXlRaUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsq3pAwQA
sq3rMA0GCSqGSIb3DQEBCwUAA4IBAQCj7kMv7wq2Rp4DrheOvudBh4okCHOZSmG6
QU5NI/pFzcYjfcAv4MRdAk3623zUzSdScq8KCz4VWWkMu/RU7BPZVxiWcgGsJEjp
TuKiqdZW8z1Afu43r5PoDUPoUicICmdgt/Fr0iGAUWdcsvw6dCxzm785vcIeseqD
5fwrhjDlK9z5VKLkN7JhB48V2wFnn9gi/rEd8K2CqJQcViUfCCXdEr7Jjbetlbgb
F5LmmN0+i2Sl63ATWlBFa5dFMuZMGIwtIM5mYHEb/EoXDK+8QkiDNUClkRrP6nd6
TsiNCtIr6VCxmQHo7bGS4hqoaVFyKb+E9RBRXgYqjKjTuQCj5tsF
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:45:30 2025 by rpki-client