Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/NqlIgk0NN6a-16YTAZCDpdH2jlU.roa
File: NqlIgk0NN6a-16YTAZCDpdH2jlU.roa (raw, json)
Hash identifier: n9TFrwEpYfVkO/WKr3dmgH7u4x2pb6DVPH48INFs+gQ=
Subject key identifier: 36:A9:48:82:4D:0D:37:A6:BE:D7:A6:13:01:90:83:A5:D1:F6:8E:55
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 018CC348918599A452986ABCE23E7B203A35
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/NqlIgk0NN6a-16YTAZCDpdH2jlU.roa
Signing time: Mon 01 Jan 2024 04:29:22 +0000
ROA not before: Mon 01 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49190
IP address blocks: 87.239.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 10:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:91:85:99:a4:52:98:6a:bc:e2:3e:7b:20:3a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36a948824d0d37a6bed7a613019083a5d1f68e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:58:26:77:f4:77:d5:3d:b3:7c:59:0b:81:8f:
3d:9b:46:5d:2f:cf:a3:9f:8e:28:a1:ac:a7:08:ab:
fe:0a:4e:4b:7a:74:44:ca:6c:5d:39:de:a0:56:d6:
7a:d6:30:a1:81:86:11:25:43:8d:63:b8:8f:82:84:
1c:6b:00:5a:4b:2d:8c:1a:6b:82:4f:a8:48:e8:41:
51:4c:70:1d:4a:df:1e:ad:36:38:bf:22:c5:3f:0f:
ed:4c:33:c5:13:24:d8:ec:e6:a7:dd:8d:22:e8:b7:
66:02:fe:29:10:1d:e3:e6:30:54:f2:0d:33:d0:fc:
0d:b8:55:f5:12:ca:29:86:c9:74:3a:fb:4e:a1:e0:
54:ea:5c:8e:08:38:46:f3:0a:07:31:ff:11:f5:bc:
dd:c1:f8:8b:9b:eb:b7:fa:02:21:f5:be:e3:ef:f7:
18:de:a2:aa:19:fe:ff:f9:4e:ba:77:58:7e:14:3d:
0b:ac:f8:f3:77:5d:0d:58:80:e6:e2:16:77:c7:ed:
e5:7c:9e:01:12:c5:f6:11:cf:07:14:07:67:d3:fe:
55:23:2a:21:33:91:80:2a:f7:18:ca:34:31:2a:18:
0b:70:2e:bd:6f:0a:f5:2a:32:c0:35:a0:e4:61:e2:
af:fa:12:45:90:b4:c6:08:f6:19:b6:90:89:7f:47:
f5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A9:48:82:4D:0D:37:A6:BE:D7:A6:13:01:90:83:A5:D1:F6:8E:55
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/NqlIgk0NN6a-16YTAZCDpdH2jlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.199.0/24
Signature Algorithm: sha256WithRSAEncryption
76:f1:36:d4:f8:fc:23:c3:9e:dc:cc:b6:e9:e0:fe:9e:d1:63:
35:bd:f2:96:8a:7b:0d:99:14:8d:e4:59:4d:02:e9:58:17:d7:
f1:f6:ba:0f:84:32:af:1d:88:87:5c:0f:20:60:c1:04:cf:67:
d8:32:e3:94:0b:46:75:62:a2:bd:a9:56:63:f0:4a:a1:83:e5:
86:8e:9f:ac:12:43:67:b5:f3:0b:a8:c8:ff:0c:e6:0d:0a:59:
ae:3a:5a:95:e8:fd:18:96:d0:5b:25:6d:f5:ea:60:af:15:b9:
05:36:b2:bc:50:6e:06:75:05:f0:ac:44:44:96:44:d9:e8:f7:
ca:38:c2:18:70:41:7a:63:b0:eb:c3:89:32:e1:52:45:3d:27:
1a:e9:94:6d:6b:67:02:11:96:39:e8:45:7c:ac:79:a9:e3:03:
fc:32:e6:4b:e3:4b:1c:d2:c1:a7:bd:dc:3e:46:57:01:01:d3:
7b:51:61:63:0b:86:23:52:37:87:3a:1d:57:f1:a0:1c:ed:f4:
3e:23:28:6f:a4:9e:dd:a4:15:9d:c8:a4:80:80:ac:22:be:1c:
c7:ac:34:2c:3f:47:17:95:37:cf:30:92:6d:a0:48:d8:c5:df:
f0:f9:7e:cd:42:d2:e4:c5:7e:c4:ca:94:e6:ca:58:b9:bd:b6:
ea:7c:2e:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSJGFmaRSmGq84j57IDo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmE5NDg4MjRkMGQzN2E2YmVkN2E2MTMwMTkwODNhNWQxZjY4ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlgmd/R31T2zfFkLgY89m0ZdL8+j
n44ooaynCKv+Ck5LenREymxdOd6gVtZ61jChgYYRJUONY7iPgoQcawBaSy2MGmuC
T6hI6EFRTHAdSt8erTY4vyLFPw/tTDPFEyTY7Oan3Y0i6LdmAv4pEB3j5jBU8g0z
0PwNuFX1Esophsl0OvtOoeBU6lyOCDhG8woHMf8R9bzdwfiLm+u3+gIh9b7j7/cY
3qKqGf7/+U66d1h+FD0LrPjzd10NWIDm4hZ3x+3lfJ4BEsX2Ec8HFAdn0/5VIyoh
M5GAKvcYyjQxKhgLcC69bwr1KjLANaDkYeKv+hJFkLTGCPYZtpCJf0f1YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDapSIJNDTemvtemEwGQg6XR9o5VMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvTnFsSWdrME5ONmEtMTZZVEFaQ0RwZEgyamxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+/HMA0G
CSqGSIb3DQEBCwUAA4IBAQB28TbU+Pwjw57czLbp4P6e0WM1vfKWinsNmRSN5FlN
AulYF9fx9roPhDKvHYiHXA8gYMEEz2fYMuOUC0Z1YqK9qVZj8Eqhg+WGjp+sEkNn
tfMLqMj/DOYNClmuOlqV6P0YltBbJW316mCvFbkFNrK8UG4GdQXwrERElkTZ6PfK
OMIYcEF6Y7Drw4ky4VJFPSca6ZRta2cCEZY56EV8rHmp4wP8MuZL40sc0sGnvdw+
RlcBAdN7UWFjC4YjUjeHOh1X8aAc7fQ+IyhvpJ7dpBWdyKSAgKwivhzHrDQsP0cX
lTfPMJJtoEjYxd/w+X7NQtLkxX7EypTmyli5vbbqfC5n
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:24 2025 by rpki-client