Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/nIVJ0OGN-0OdPCKW3kjOtCvQ3VQ.roa
File: nIVJ0OGN-0OdPCKW3kjOtCvQ3VQ.roa (raw, json)
Hash identifier: 0T2YBWBb5+mCS6xVHckEjXBiM0tHc/Wdf5Bc3SQZwNM=
Subject key identifier: 9C:85:49:D0:E1:8D:FB:43:9D:3C:22:96:DE:48:CE:B4:2B:D0:DD:54
Certificate issuer: /CN=bfd786b24b4b30275bcc8d5244e34ee00481d790
Certificate serial: 018CC7267DCB2122B0FA285CF4F1DE5FA4BD
Authority key identifier: BF:D7:86:B2:4B:4B:30:27:5B:CC:8D:52:44:E3:4E:E0:04:81:D7:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9eGsktLMCdbzI1SRONO4ASB15A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/nIVJ0OGN-0OdPCKW3kjOtCvQ3VQ.roa
Signing time: Mon 01 Jan 2024 22:30:37 +0000
ROA not before: Mon 01 Jan 2024 22:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6831
IP address blocks: 188.94.190.0/24 maxlen: 24
195.178.28.0/23 maxlen: 24
193.238.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:7d:cb:21:22:b0:fa:28:5c:f4:f1:de:5f:a4:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd786b24b4b30275bcc8d5244e34ee00481d790
Validity
Not Before: Jan 1 22:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c8549d0e18dfb439d3c2296de48ceb42bd0dd54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2f:b1:4a:a2:9f:b5:38:a0:87:f7:0b:ab:91:
d6:c3:2e:cc:6d:b0:c1:0c:d7:f4:5b:96:63:54:4e:
df:58:48:4f:49:0a:ff:45:c0:41:f6:f2:f2:fa:ff:
eb:28:0d:74:73:7f:ce:09:19:e2:2b:4e:32:33:a3:
da:4f:5b:04:ed:67:f7:87:b5:d4:3c:98:2b:bf:eb:
8b:47:e0:1e:c0:85:75:f6:4e:09:60:7b:94:6b:d4:
41:f8:fe:62:64:ae:a9:a7:95:4b:5b:81:2b:91:ba:
6e:be:0e:2b:87:3f:b0:02:16:98:5f:0c:9c:37:99:
1d:b7:f7:6a:ad:eb:bc:6c:50:bc:d6:34:0d:10:32:
8b:7d:bc:77:e1:ea:c4:32:18:ab:2c:72:24:70:99:
01:17:04:a0:f2:ff:c3:58:6c:86:59:83:b8:d0:35:
1d:14:e4:f6:f3:06:99:75:db:f0:d1:c3:06:03:98:
cf:5e:ee:e6:60:19:4c:5e:42:2c:10:b3:70:a7:e9:
34:e5:27:d3:21:a7:cf:1e:db:7f:3d:f5:e2:a2:e9:
09:97:2a:4f:6e:00:f9:6c:d5:f7:a8:36:c1:b6:57:
88:5e:b4:72:81:20:19:7b:ae:bd:7a:a4:4a:44:28:
bc:bd:04:9b:4d:91:53:09:3f:e4:d5:f0:0f:9d:0e:
c6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:85:49:D0:E1:8D:FB:43:9D:3C:22:96:DE:48:CE:B4:2B:D0:DD:54
X509v3 Authority Key Identifier:
keyid:BF:D7:86:B2:4B:4B:30:27:5B:CC:8D:52:44:E3:4E:E0:04:81:D7:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9eGsktLMCdbzI1SRONO4ASB15A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/nIVJ0OGN-0OdPCKW3kjOtCvQ3VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/v9eGsktLMCdbzI1SRONO4ASB15A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.94.190.0/24
193.238.100.0/22
195.178.28.0/23
Signature Algorithm: sha256WithRSAEncryption
06:aa:45:ee:81:a9:e5:ab:e9:03:c5:e2:5c:71:87:7a:8a:7f:
77:cf:e1:b0:99:4c:6c:64:cf:e4:43:fb:41:9f:70:35:63:69:
02:18:26:ac:0e:3e:cb:4e:04:a2:61:20:c8:ee:4b:4e:9a:20:
fb:83:ad:9c:ed:65:85:da:0e:58:17:43:44:ef:72:64:f0:a5:
4c:a0:cc:00:b4:b9:d6:b6:50:50:bd:74:f2:f9:89:48:e6:cd:
6f:88:aa:78:48:43:b5:10:49:5a:fc:4c:00:35:13:6b:9f:f1:
88:e9:c6:41:5f:6c:56:08:17:c8:5e:b7:e6:0e:ed:c1:21:38:
d3:2f:8c:2c:8c:95:c0:d1:77:84:90:83:ab:f8:ad:54:d4:ba:
7f:c7:7a:7e:d4:a2:ce:e8:0d:01:19:81:8b:46:06:e0:62:d6:
9f:1a:85:82:ca:5a:e1:af:84:cd:1c:5d:44:b6:67:df:fa:49:
53:54:86:85:c2:eb:40:16:7d:37:1a:b0:c9:f3:d8:26:c6:7a:
b1:5f:98:bc:81:2e:24:ce:ff:69:80:6c:8e:35:95:f5:e5:41:
c6:19:ab:ed:dd:05:65:d1:55:d2:fc:ee:14:3d:30:7f:45:f1:
70:78:78:91:96:a1:b0:2b:87:e6:3b:59:5e:10:7f:48:e5:f8:
3f:a3:bb:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJn3LISKw+ihc9PHeX6S9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZDc4NmIyNGI0YjMwMjc1YmNjOGQ1MjQ0ZTM0ZWUwMDQ4
MWQ3OTAwHhcNMjQwMTAxMjIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg1NDlkMGUxOGRmYjQzOWQzYzIyOTZkZTQ4Y2ViNDJiZDBkZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuC+xSqKftTigh/cLq5HWwy7MbbDB
DNf0W5ZjVE7fWEhPSQr/RcBB9vLy+v/rKA10c3/OCRniK04yM6PaT1sE7Wf3h7XU
PJgrv+uLR+AewIV19k4JYHuUa9RB+P5iZK6pp5VLW4Erkbpuvg4rhz+wAhaYXwyc
N5kdt/dqreu8bFC81jQNEDKLfbx34erEMhirLHIkcJkBFwSg8v/DWGyGWYO40DUd
FOT28waZddvw0cMGA5jPXu7mYBlMXkIsELNwp+k05SfTIafPHtt/PfXioukJlypP
bgD5bNX3qDbBtleIXrRygSAZe669eqRKRCi8vQSbTZFTCT/k1fAPnQ7GtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJyFSdDhjftDnTwilt5IzrQr0N1UMB8GA1UdIwQY
MBaAFL/XhrJLSzAnW8yNUkTjTuAEgdeQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjllR3NrdExNQ2RiekkxU1JPTk80QVNCMTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lMTRlYmUtNDVkZC00NGRiLWI5Yjct
MWExZjkzNjQ1NGVjLzEvbklWSjBPR04tME9kUENLVzNrak90Q3ZRM1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lMTRlYmUtNDVkZC00NGRiLWI5YjctMWExZjkzNjQ1NGVj
LzEvdjllR3NrdExNQ2RiekkxU1JPTk80QVNCMTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvF6+AwQC
we5kAwQBw7IcMA0GCSqGSIb3DQEBCwUAA4IBAQAGqkXuganlq+kDxeJccYd6in93
z+GwmUxsZM/kQ/tBn3A1Y2kCGCasDj7LTgSiYSDI7ktOmiD7g62c7WWF2g5YF0NE
73Jk8KVMoMwAtLnWtlBQvXTy+YlI5s1viKp4SEO1EEla/EwANRNrn/GI6cZBX2xW
CBfIXrfmDu3BITjTL4wsjJXA0XeEkIOr+K1U1Lp/x3p+1KLO6A0BGYGLRgbgYtaf
GoWCylrhr4TNHF1Etmff+klTVIaFwutAFn03GrDJ89gmxnqxX5i8gS4kzv9pgGyO
NZX15UHGGavt3QVl0VXS/O4UPTB/RfFweHiRlqGwK4fmO1leEH9I5fg/o7sv
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:52:23 2025 by rpki-client