Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/nQpP7Ciof-y9YfzBLq7nA-ptDJY.roa
File: nQpP7Ciof-y9YfzBLq7nA-ptDJY.roa (raw, json)
Hash identifier: Fbktqyk10OtPkab5pHeSgNqnWHqxDgryerpZvuX7H9A=
Subject key identifier: 9D:0A:4F:EC:28:A8:7F:EC:BD:61:FC:C1:2E:AE:E7:03:EA:6D:0C:96
Certificate issuer: /CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Certificate serial: 018697462F6236F241F5E082D88F874364D2
Authority key identifier: 2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/nQpP7Ciof-y9YfzBLq7nA-ptDJY.roa
Signing time: Tue 28 Feb 2023 09:06:44 +0000
ROA not before: Tue 28 Feb 2023 09:06:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 141.93.16.0/24 maxlen: 24
141.93.16.0/22 maxlen: 24
141.93.17.0/24 maxlen: 24
141.93.12.0/24 maxlen: 24
141.93.18.0/24 maxlen: 24
141.93.19.0/24 maxlen: 24
141.93.32.0/24 maxlen: 24
141.93.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Nov 2023 08:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:46:2f:62:36:f2:41:f5:e0:82:d8:8f:87:43:64:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Validity
Not Before: Feb 28 09:06:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d0a4fec28a87fecbd61fcc12eaee703ea6d0c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:35:09:8e:0f:64:49:07:76:e1:5a:f1:fc:f2:
e4:9c:94:d7:d1:f8:d8:49:96:f4:f7:4c:bb:21:5d:
74:61:78:81:95:da:70:db:e0:28:f3:36:92:23:ee:
09:f5:8a:b3:8f:d6:9f:22:dc:ee:e3:6a:62:2e:d2:
aa:f6:33:69:01:d5:ca:8b:e9:1a:a2:dd:29:9b:db:
15:0f:5b:3b:39:41:53:4e:cf:ed:89:87:e8:e7:ac:
18:1a:46:57:6f:90:16:12:bf:5d:ec:d0:a1:4e:67:
67:b9:fc:47:33:13:38:14:a7:a1:bb:6e:17:27:d7:
58:82:f1:76:d4:ce:ac:85:2c:96:dd:88:30:5c:0f:
a7:93:b1:c6:87:c5:22:f4:d2:55:4d:f6:23:d9:cc:
5e:98:fc:e3:19:63:fa:5e:b5:8e:42:6e:52:d0:00:
d0:38:42:04:aa:ba:4b:ba:f3:a9:0d:bb:50:5c:48:
b0:81:07:74:c3:25:9c:7c:8f:89:5b:51:32:59:48:
89:45:a8:f6:61:c7:1e:44:73:30:42:0b:93:47:a4:
bb:69:68:60:f4:3a:99:bb:8b:db:e7:10:3a:e8:22:
4d:9f:e8:90:cc:45:87:2f:44:9c:a1:ab:0c:3e:09:
c7:c8:d9:7b:37:6d:f2:75:46:11:94:c2:ce:bb:e0:
cf:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:0A:4F:EC:28:A8:7F:EC:BD:61:FC:C1:2E:AE:E7:03:EA:6D:0C:96
X509v3 Authority Key Identifier:
keyid:2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/nQpP7Ciof-y9YfzBLq7nA-ptDJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/LxF62jy5UVptim3MFfKwsafZvh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.93.12.0/24
141.93.16.0/22
141.93.32.0/24
141.93.35.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:a1:32:be:d2:78:de:bc:49:de:6f:b2:8f:98:72:09:9e:41:
dd:7c:a0:30:66:e4:04:92:07:73:35:9c:a5:73:ce:31:52:e8:
93:48:5d:41:d6:0c:95:5e:fb:a5:d4:99:eb:39:46:a0:c2:1f:
65:f0:7f:8e:b2:68:2b:3d:4e:41:32:fc:9a:7f:28:26:82:f2:
18:82:9f:54:8d:b9:1b:4e:0f:be:90:09:51:03:ec:5f:3c:6d:
ce:84:31:e2:d6:55:0a:08:37:dc:fc:de:bd:f9:a8:95:12:08:
1a:f6:77:a7:23:f5:73:a2:dc:2c:a5:ce:1b:ee:ae:ca:2b:6d:
29:0d:8c:21:25:9e:68:8d:56:d6:12:5c:7d:62:67:dd:d6:ab:
4d:91:f9:f6:a1:96:1b:36:0d:7d:0d:5f:0a:7e:9b:a8:05:ba:
59:63:d5:64:10:64:3a:53:b4:fc:db:fd:85:4b:df:44:e0:b2:
40:1e:22:56:f1:69:60:18:16:7c:f8:58:7e:d7:ca:5b:8e:48:
ec:66:d1:4d:2a:44:83:e3:0c:f5:4d:f9:e2:c9:bb:33:14:8b:
72:63:fd:83:68:f3:22:89:d8:49:05:a1:b6:ab:02:a3:fc:93:
04:58:97:9a:74:10:7a:f1:43:be:e8:3f:6a:b2:dc:b5:1f:7b:
73:8e:ca:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaXRi9iNvJB9eCC2I+HQ2TSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTE3YWRhM2NiOTUxNWE2ZDhhNmRjYzE1ZjJiMGIxYTdk
OWJlMWQwHhcNMjMwMjI4MDkwNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDBhNGZlYzI4YTg3ZmVjYmQ2MWZjYzEyZWFlZTcwM2VhNmQwYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zUJjg9kSQd24Vrx/PLknJTX0fjY
SZb090y7IV10YXiBldpw2+Ao8zaSI+4J9Yqzj9afItzu42piLtKq9jNpAdXKi+ka
ot0pm9sVD1s7OUFTTs/tiYfo56wYGkZXb5AWEr9d7NChTmdnufxHMxM4FKehu24X
J9dYgvF21M6shSyW3YgwXA+nk7HGh8Ui9NJVTfYj2cxemPzjGWP6XrWOQm5S0ADQ
OEIEqrpLuvOpDbtQXEiwgQd0wyWcfI+JW1EyWUiJRaj2YcceRHMwQguTR6S7aWhg
9DqZu4vb5xA66CJNn+iQzEWHL0ScoasMPgnHyNl7N23ydUYRlMLOu+DPOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ0KT+woqH/svWH8wS6u5wPqbQyWMB8GA1UdIwQY
MBaAFC8Reto8uVFabYptzBXysLGn2b4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDct
N2EwMzRkMTcwYjg1LzEvblFwUDdDaW9mLXk5WWZ6QkxxN25BLXB0REpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDctN2EwMzRkMTcwYjg1
LzEvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjV0MAwQC
jV0QAwQAjV0gAwQAjV0jMA0GCSqGSIb3DQEBCwUAA4IBAQAcoTK+0njevEneb7KP
mHIJnkHdfKAwZuQEkgdzNZylc84xUuiTSF1B1gyVXvul1JnrOUagwh9l8H+Osmgr
PU5BMvyafygmgvIYgp9UjbkbTg++kAlRA+xfPG3OhDHi1lUKCDfc/N69+aiVEgga
9nenI/Vzotwspc4b7q7KK20pDYwhJZ5ojVbWElx9Ymfd1qtNkfn2oZYbNg19DV8K
fpuoBbpZY9VkEGQ6U7T82/2FS99E4LJAHiJW8WlgGBZ8+Fh+18pbjkjsZtFNKkSD
4wz1TfniybszFItyY/2DaPMiidhJBaG2qwKj/JMEWJeadBB68UO+6D9qsty1H3tz
jsp1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-fra.rpki-client.org