Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/bNXnXntzmYz5GL4zaJcp1JUB36c.roa
File: bNXnXntzmYz5GL4zaJcp1JUB36c.roa (raw, json)
Hash identifier: DLd8As9YG7b6HCQ52kXb7grBiakBUoA8nceIf9PSm1M=
Subject key identifier: 6C:D5:E7:5E:7B:73:99:8C:F9:18:BE:33:68:97:29:D4:95:01:DF:A7
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018C1BF97291DCB1258BC3AF4CF984DEE9A0
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/bNXnXntzmYz5GL4zaJcp1JUB36c.roa
Signing time: Wed 29 Nov 2023 16:46:21 +0000
ROA not before: Wed 29 Nov 2023 16:46:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20657
IP address blocks: 195.68.214.0/23 maxlen: 24
193.108.24.0/24 maxlen: 24
194.79.15.0/24 maxlen: 24
194.79.12.0/23 maxlen: 24
88.80.131.0/24 maxlen: 24
88.80.132.0/24 maxlen: 24
88.80.133.0/24 maxlen: 24
88.80.152.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:f9:72:91:dc:b1:25:8b:c3:af:4c:f9:84:de:e9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Nov 29 16:46:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cd5e75e7b73998cf918be33689729d49501dfa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ff:e7:ce:9f:3c:20:74:72:4f:b4:3d:f4:9e:
7c:cf:31:03:f9:e1:58:54:36:8e:23:b4:8f:9f:f2:
c2:06:fb:5f:39:ca:28:74:84:46:0f:7d:da:37:07:
a2:26:31:98:60:4b:9e:37:a0:75:3b:b0:a4:34:7b:
d0:71:ca:73:84:8f:58:43:fa:e8:a3:25:77:97:ae:
79:43:ab:02:96:55:4e:40:d2:da:d7:eb:47:6a:2b:
02:08:60:43:9d:fa:8e:b6:0d:35:6f:31:62:84:20:
a0:bd:e6:94:b8:99:4c:db:c2:4a:d1:59:ae:64:8a:
28:f5:c2:0d:8f:18:08:80:c5:cd:a4:a6:6d:e7:66:
57:2d:3e:7a:51:d6:cb:c2:65:de:10:e4:2e:f8:d1:
ba:14:73:08:57:cb:6f:3c:9d:dd:73:10:6c:58:9f:
8b:5e:39:9b:e2:07:96:87:e5:12:d8:97:29:ab:0c:
c8:ca:d6:f2:ad:34:ae:94:8c:63:67:28:b2:6c:40:
69:d3:c4:a8:f3:62:2e:97:e4:cc:81:d2:13:9a:37:
80:4f:ba:8a:5d:ea:c1:95:d3:c2:65:be:20:4f:83:
94:e4:38:45:95:bb:3b:eb:7a:06:e6:7f:6a:60:92:
35:77:4d:62:ec:91:59:1e:56:58:f8:99:74:23:92:
e2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D5:E7:5E:7B:73:99:8C:F9:18:BE:33:68:97:29:D4:95:01:DF:A7
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/bNXnXntzmYz5GL4zaJcp1JUB36c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.131.0-88.80.133.255
88.80.152.0/21
193.108.24.0/24
194.79.12.0/23
194.79.15.0/24
195.68.214.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:36:15:a2:a1:02:63:5e:0d:22:9e:58:6d:e6:96:1f:aa:ea:
c7:af:09:0c:a3:56:ce:23:56:8a:8f:13:63:00:53:85:90:7d:
05:70:a5:3b:76:08:46:98:0f:ec:9b:52:5e:62:aa:04:76:dc:
d7:f7:47:55:3c:62:49:5d:d9:c3:2d:de:5f:30:f2:fc:6d:13:
d8:be:01:be:96:fa:9a:1b:ed:6d:c2:2b:18:38:c7:43:b6:db:
b8:c6:fd:50:3d:8b:1e:34:ee:6f:27:9e:de:16:9b:24:84:a3:
cd:c8:4f:3a:85:33:70:31:e9:77:ec:71:75:de:d0:0c:56:a0:
f9:c8:66:5d:ee:73:27:f7:94:b3:9a:e9:37:db:6b:b3:0f:ac:
d4:2e:4a:bd:0d:5c:aa:d5:24:03:3b:c9:f5:da:30:ea:c7:d7:
b7:da:86:c2:fe:f1:dc:d0:69:e7:17:db:c2:68:1c:25:d1:48:
5b:9a:5e:09:ec:0f:08:3c:be:3d:1a:4d:2e:eb:be:d1:cf:65:
85:52:ee:68:85:86:03:eb:16:cf:75:3a:eb:07:b9:8b:b8:5a:
33:65:28:bf:40:71:b2:76:9d:02:e2:44:0b:aa:9b:18:10:37:
af:93:45:4d:45:7e:72:99:2e:99:46:66:4a:59:3d:73:b7:e0:
03:5d:94:2e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYwb+XKR3LEli8OvTPmE3umgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjMxMTI5MTY0NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q1ZTc1ZTdiNzM5OThjZjkxOGJlMzM2ODk3MjlkNDk1MDFkZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf/nzp88IHRyT7Q99J58zzED+eFY
VDaOI7SPn/LCBvtfOcoodIRGD33aNweiJjGYYEueN6B1O7CkNHvQccpzhI9YQ/ro
oyV3l655Q6sCllVOQNLa1+tHaisCCGBDnfqOtg01bzFihCCgveaUuJlM28JK0Vmu
ZIoo9cINjxgIgMXNpKZt52ZXLT56UdbLwmXeEOQu+NG6FHMIV8tvPJ3dcxBsWJ+L
Xjmb4geWh+US2JcpqwzIytbyrTSulIxjZyiybEBp08So82Iul+TMgdITmjeAT7qK
XerBldPCZb4gT4OU5DhFlbs763oG5n9qYJI1d01i7JFZHlZY+Jl0I5LicwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGzV5157c5mM+Ri+M2iXKdSVAd+nMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvYk5YblhudHptWXo1R0w0emFKY3AxSlVCMzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABYUIMD
BAFYUIQDBANYUJgDBADBbBgDBAHCTwwDBADCTw8DBAHDRNYwDQYJKoZIhvcNAQEL
BQADggEBACw2FaKhAmNeDSKeWG3mlh+q6sevCQyjVs4jVoqPE2MAU4WQfQVwpTt2
CEaYD+ybUl5iqgR23Nf3R1U8Ykld2cMt3l8w8vxtE9i+Ab6W+pob7W3CKxg4x0O2
27jG/VA9ix407m8nnt4WmySEo83ITzqFM3Ax6XfscXXe0AxWoPnIZl3ucyf3lLOa
6Tfba7MPrNQuSr0NXKrVJAM7yfXaMOrH17fahsL+8dzQaecX28JoHCXRSFuaXgns
Dwg8vj0aTS7rvtHPZYVS7miFhgPrFs91OusHuYu4WjNlKL9AcbJ2nQLiRAuqmxgQ
N6+TRU1FfnKZLplGZkpZPXO34ANdlC4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:13 2024 by rpki-client on console-fra.rpki-client.org