Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/npsJd9tzXu6-3OeD6qLIC902XZE.roa
File: npsJd9tzXu6-3OeD6qLIC902XZE.roa (raw, json)
Hash identifier: NpGddvUoEUEaoGUh0mJVcPv4IKl/SpDzt19sxWyFPCE=
Subject key identifier: 9E:9B:09:77:DB:73:5E:EE:BE:DC:E7:83:EA:A2:C8:0B:DD:36:5D:91
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018DC2DE8FBD00ABB210F21B1D768F652B39
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/npsJd9tzXu6-3OeD6qLIC902XZE.roa
Signing time: Mon 19 Feb 2024 19:36:22 +0000
ROA not before: Mon 19 Feb 2024 19:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.80.141.0/24 maxlen: 24
88.80.142.0/24 maxlen: 24
88.80.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 21:26:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c2:de:8f:bd:00:ab:b2:10:f2:1b:1d:76:8f:65:2b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Feb 19 19:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e9b0977db735eeebedce783eaa2c80bdd365d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:46:96:4a:ce:ff:39:68:59:92:97:19:16:98:
b3:ec:f6:91:ef:36:ed:39:c8:b1:fa:d6:30:2e:c8:
0c:2c:3e:10:09:d4:51:55:84:e2:f8:53:1f:62:1c:
ea:4a:a2:a8:00:20:9f:6b:15:b0:ec:96:4f:3e:8a:
8b:7e:81:76:0f:fd:5d:09:2d:cb:24:71:c0:c7:9b:
94:62:44:39:79:2f:70:ad:43:3d:da:f2:5f:81:ca:
32:07:55:a9:1f:07:ee:0c:a1:ac:e1:75:9e:4d:b8:
c8:11:9c:23:b2:8b:aa:68:70:80:d8:74:62:fe:66:
ae:a0:a5:dd:26:10:27:09:87:75:6a:ff:86:bb:b9:
e1:ca:88:c6:87:65:a7:26:cc:a8:c8:a6:ec:bc:22:
88:d4:ce:8d:c0:44:a7:c8:5f:69:41:b8:5a:6d:0f:
4f:be:25:32:7c:53:34:82:bd:67:09:2a:9c:32:2f:
e8:f6:01:e7:1f:96:e5:79:05:54:f2:b2:a0:57:f2:
33:fa:5e:18:92:78:f6:16:b8:da:a7:d9:b6:45:f8:
fc:56:95:1c:f6:e1:e8:36:2c:67:51:51:5f:54:63:
cb:21:04:f9:29:10:68:72:fc:81:ec:76:77:6b:c7:
11:44:5c:b4:3b:22:21:57:46:4e:3a:19:29:f3:20:
76:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:9B:09:77:DB:73:5E:EE:BE:DC:E7:83:EA:A2:C8:0B:DD:36:5D:91
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/npsJd9tzXu6-3OeD6qLIC902XZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.141.0-88.80.143.255
Signature Algorithm: sha256WithRSAEncryption
56:50:ba:99:fd:99:34:36:b7:7e:8b:77:8f:e2:9e:60:81:2c:
0b:67:5c:47:ab:1f:99:26:20:42:7a:cb:8c:8f:18:6d:b7:98:
69:63:66:60:c0:53:32:c8:75:7b:9f:f3:83:7c:d4:29:30:a5:
54:40:da:30:f5:69:fa:fa:f6:50:b1:69:ce:93:d7:b3:5d:bd:
7b:10:13:d6:e6:cf:5b:63:48:3e:bf:13:39:9e:4d:09:d0:34:
37:cc:69:79:36:79:51:38:4c:5f:d7:a4:ee:6e:af:cf:72:fa:
01:0c:41:c5:13:99:03:26:c3:c7:88:3b:70:c3:e9:e5:28:b4:
a3:f8:c1:22:08:be:f3:17:cb:88:a4:3c:ed:3d:78:6d:1c:06:
da:1c:66:2e:36:7b:d5:49:a1:22:9d:8b:60:6a:aa:b8:0e:7d:
09:e5:0e:70:c6:43:d1:93:b5:f9:d2:2d:ec:cf:35:76:fa:f2:
07:3d:aa:b7:f4:a3:58:f5:d7:fd:89:76:38:a1:72:6b:c8:46:
4e:2e:cd:76:be:4c:53:2f:ef:71:5c:79:fc:f8:d0:37:3b:87:
1b:be:9b:97:d7:5c:f2:e9:40:36:0b:21:e6:9d:10:a7:19:dc:
24:5f:65:fd:0c:a7:d8:31:aa:4e:7f:15:48:f5:fa:c2:67:14:
f7:67:08:a3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3C3o+9AKuyEPIbHXaPZSs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMjE5MTkzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTliMDk3N2RiNzM1ZWVlYmVkY2U3ODNlYWEyYzgwYmRkMzY1ZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUaWSs7/OWhZkpcZFpiz7PaR7zbt
Ocix+tYwLsgMLD4QCdRRVYTi+FMfYhzqSqKoACCfaxWw7JZPPoqLfoF2D/1dCS3L
JHHAx5uUYkQ5eS9wrUM92vJfgcoyB1WpHwfuDKGs4XWeTbjIEZwjsouqaHCA2HRi
/mauoKXdJhAnCYd1av+Gu7nhyojGh2WnJsyoyKbsvCKI1M6NwESnyF9pQbhabQ9P
viUyfFM0gr1nCSqcMi/o9gHnH5bleQVU8rKgV/Iz+l4Yknj2Frjap9m2Rfj8VpUc
9uHoNixnUVFfVGPLIQT5KRBocvyB7HZ3a8cRRFy0OyIhV0ZOOhkp8yB2JQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ6bCXfbc17uvtzng+qiyAvdNl2RMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvbnBzSmQ5dHpYdTYtM09lRDZxTElDOTAyWFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABYUI0D
BARYUIAwDQYJKoZIhvcNAQELBQADggEBAFZQupn9mTQ2t36Ld4/inmCBLAtnXEer
H5kmIEJ6y4yPGG23mGljZmDAUzLIdXuf84N81CkwpVRA2jD1afr69lCxac6T17Nd
vXsQE9bmz1tjSD6/EzmeTQnQNDfMaXk2eVE4TF/XpO5ur89y+gEMQcUTmQMmw8eI
O3DD6eUotKP4wSIIvvMXy4ikPO09eG0cBtocZi42e9VJoSKdi2BqqrgOfQnlDnDG
Q9GTtfnSLezPNXb68gc9qrf0o1j11/2JdjihcmvIRk4uzXa+TFMv73Fcefz40Dc7
hxu+m5fXXPLpQDYLIeadEKcZ3CRfZf0Mp9gxqk5/FUj1+sJnFPdnCKM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:13 2024 by rpki-client on console-fra.rpki-client.org