Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/NqLeqLADqaqIs8jlGJ6e8HNnKsQ.roa
File: NqLeqLADqaqIs8jlGJ6e8HNnKsQ.roa (raw, json)
Hash identifier: OfPMQypUMtVkdflk9W5o3N2q+w5JSeFO39N29ziL9jI=
Subject key identifier: 36:A2:DE:A8:B0:03:A9:AA:88:B3:C8:E5:18:9E:9E:F0:73:67:2A:C4
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0193F32A226D57280A4BE914BA6C80CDCD8B
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/NqLeqLADqaqIs8jlGJ6e8HNnKsQ.roa
Signing time: Mon 23 Dec 2024 10:57:25 +0000
ROA not before: Mon 23 Dec 2024 10:57:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 213.18.244.0/24 maxlen: 24
217.177.74.0/24 maxlen: 24
217.180.17.0/24 maxlen: 24
217.180.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Dec 2024 11:04:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f3:2a:22:6d:57:28:0a:4b:e9:14:ba:6c:80:cd:cd:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Dec 23 10:57:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36a2dea8b003a9aa88b3c8e5189e9ef073672ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4b:c3:1e:8a:cc:74:f2:c2:5d:0b:7e:06:c8:
21:7a:f4:a8:29:d3:f6:a4:32:22:23:32:2b:41:dc:
7c:5a:74:59:c5:95:74:6a:d7:8b:49:78:98:83:49:
5f:6c:14:0e:90:3a:51:6c:f7:b7:a9:bd:37:37:7f:
21:71:aa:c1:10:0b:6d:91:a5:c1:99:0b:08:c5:d5:
3b:0e:c2:63:e2:6f:fc:be:44:5c:22:bd:9d:5b:b0:
c4:c4:06:7f:63:1e:d2:d1:4b:62:55:86:c4:11:db:
d9:e7:df:e7:92:db:07:14:57:70:92:7e:87:75:27:
37:e3:1b:73:90:9a:33:96:10:47:45:13:35:68:99:
9a:eb:95:50:2e:f3:8d:2d:29:07:8f:77:00:96:30:
bf:68:8a:8f:29:9a:2c:cf:2e:df:59:e9:3b:f5:1a:
a8:d0:03:00:3e:10:3c:2e:50:c2:91:e7:e3:8d:67:
bc:70:2a:ce:b4:36:d9:80:9c:c5:fb:60:3d:bf:0e:
ce:cc:35:ff:5d:55:15:a1:c9:ef:7b:6d:40:d9:14:
0e:39:85:d5:c2:0a:41:c0:bc:41:76:6e:3c:7f:1a:
f7:f3:7a:d6:f3:56:d9:c9:9a:0e:b9:db:dd:be:53:
d2:3c:91:02:27:35:f6:45:a2:a4:85:28:ba:d9:97:
c7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A2:DE:A8:B0:03:A9:AA:88:B3:C8:E5:18:9E:9E:F0:73:67:2A:C4
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/NqLeqLADqaqIs8jlGJ6e8HNnKsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.244.0/24
217.177.74.0/24
217.180.17.0/24
217.180.46.0/24
Signature Algorithm: sha256WithRSAEncryption
90:03:c1:62:8a:a1:36:db:10:f4:17:db:9c:33:fb:cd:0e:34:
f6:2d:df:6b:ff:fe:6d:63:b4:90:9d:98:5f:a8:08:7b:4c:ee:
36:35:83:27:71:29:e8:e1:e5:75:5b:a3:6f:e7:f4:bb:0d:46:
c1:0e:b0:d0:73:7b:17:52:e8:b6:2f:b2:49:48:41:6c:cb:a7:
38:ca:a2:80:31:b8:7b:59:9a:fd:9f:d9:fd:55:98:ac:a6:44:
46:76:3a:aa:f7:fe:86:fa:f1:0a:da:f1:ff:1a:73:9f:02:61:
6f:1d:c1:8a:cd:22:20:73:9f:c4:53:08:98:03:cd:28:09:94:
9f:72:d9:ab:6a:27:3e:08:54:7a:1d:bf:0d:2a:67:22:8f:48:
1a:bf:94:b7:5a:67:c7:6a:c0:06:d7:1a:a0:79:4b:06:04:ef:
4d:0c:4b:af:2b:d0:a4:2b:99:0c:02:67:76:7d:0a:fc:89:a6:
b7:80:6f:3c:dd:4f:74:64:9c:71:1f:4a:f4:da:57:24:f5:ee:
85:ca:b3:0e:2f:9c:c3:8c:6f:e5:30:83:49:8c:4a:94:61:99:
2e:b4:e8:c2:d5:dc:4e:1c:6b:9b:99:6c:4c:16:a5:3a:75:e0:
00:b4:90:1b:eb:a4:97:b4:10:62:c6:fb:af:bd:e1:ef:59:cb:
6f:3b:42:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZPzKiJtVygKS+kUumyAzc2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMjIzMTA1NzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmEyZGVhOGIwMDNhOWFhODhiM2M4ZTUxODllOWVmMDczNjcyYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0vDHorMdPLCXQt+BsghevSoKdP2
pDIiIzIrQdx8WnRZxZV0ateLSXiYg0lfbBQOkDpRbPe3qb03N38hcarBEAttkaXB
mQsIxdU7DsJj4m/8vkRcIr2dW7DExAZ/Yx7S0UtiVYbEEdvZ59/nktsHFFdwkn6H
dSc34xtzkJozlhBHRRM1aJma65VQLvONLSkHj3cAljC/aIqPKZoszy7fWek79Rqo
0AMAPhA8LlDCkefjjWe8cCrOtDbZgJzF+2A9vw7OzDX/XVUVocnve21A2RQOOYXV
wgpBwLxBdm48fxr383rW81bZyZoOudvdvlPSPJECJzX2RaKkhSi62ZfHxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDai3qiwA6mqiLPI5RienvBzZyrEMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvTnFMZXFMQURxYXFJczhqbEdKNmU4SE5uS3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1RL0AwQA
2bFKAwQA2bQRAwQA2bQuMA0GCSqGSIb3DQEBCwUAA4IBAQCQA8FiiqE22xD0F9uc
M/vNDjT2Ld9r//5tY7SQnZhfqAh7TO42NYMncSno4eV1W6Nv5/S7DUbBDrDQc3sX
Uui2L7JJSEFsy6c4yqKAMbh7WZr9n9n9VZispkRGdjqq9/6G+vEK2vH/GnOfAmFv
HcGKzSIgc5/EUwiYA80oCZSfctmraic+CFR6Hb8NKmcij0gav5S3WmfHasAG1xqg
eUsGBO9NDEuvK9CkK5kMAmd2fQr8iaa3gG883U90ZJxxH0r02lck9e6FyrMOL5zD
jG/lMINJjEqUYZkutOjC1dxOHGubmWxMFqU6deAAtJAb66SXtBBixvuvveHvWctv
O0Lp
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:09:21 2025 by rpki-client