Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/nQKY21ZKSCjCtIHo1B98VTVeS10.roa
File: nQKY21ZKSCjCtIHo1B98VTVeS10.roa (raw, json)
Hash identifier: DKuqY+08nY+qmBBombnN4CXDQrlPocN1FzSUskaeddA=
Subject key identifier: 9D:02:98:DB:56:4A:48:28:C2:B4:81:E8:D4:1F:7C:55:35:5E:4B:5D
Certificate issuer: /CN=8f0adba2604934738c7c9692a0b3ab7b30a82bb2
Certificate serial: 018CC9BCD949ACB140C04B5EFB9CD4351B59
Authority key identifier: 8F:0A:DB:A2:60:49:34:73:8C:7C:96:92:A0:B3:AB:7B:30:A8:2B:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jwrbomBJNHOMfJaSoLOrezCoK7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/nQKY21ZKSCjCtIHo1B98VTVeS10.roa
Signing time: Tue 02 Jan 2024 10:34:05 +0000
ROA not before: Tue 02 Jan 2024 10:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201179
IP address blocks: 176.110.124.0/24 maxlen: 24
176.110.125.0/24 maxlen: 24
176.110.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 16:36:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d9:49:ac:b1:40:c0:4b:5e:fb:9c:d4:35:1b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f0adba2604934738c7c9692a0b3ab7b30a82bb2
Validity
Not Before: Jan 2 10:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d0298db564a4828c2b481e8d41f7c55355e4b5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:14:98:2b:cb:ce:86:d9:6d:8d:8d:0b:e5:7b:
93:35:a2:36:0f:4b:00:dc:da:4d:5c:87:f2:4f:9b:
31:81:1f:17:19:80:5a:72:77:e9:98:40:ee:cc:24:
02:e1:f2:93:3f:8c:42:9b:d2:48:dd:ec:32:01:ed:
c0:ec:ce:7d:13:70:dd:c4:a8:17:1e:26:16:d3:15:
0e:11:af:bd:e1:e5:d7:32:d4:b8:f4:d1:ee:1e:2e:
15:2f:01:11:b2:ae:55:99:d2:5c:9f:5d:1c:8c:64:
9a:18:89:12:47:8a:ff:ec:c2:63:c7:ef:d2:7c:a4:
c7:62:2c:17:1b:6b:5a:25:d0:f2:22:e4:75:e9:65:
56:0d:f5:40:e4:38:7b:af:d8:83:f5:50:f0:ab:b0:
60:3d:e2:07:27:02:93:18:7b:35:c6:02:ce:32:bc:
3c:20:35:5a:98:20:23:c3:66:1f:1e:bf:5b:df:21:
6a:80:40:fd:ea:c4:da:15:74:f2:57:7c:8f:c0:81:
78:01:c4:84:b9:50:b5:d4:d6:be:b9:90:9b:ed:b0:
c8:cc:f7:8b:5b:04:25:2b:e8:50:68:8b:28:6f:55:
ea:bf:69:2f:55:8e:55:fb:f1:0f:35:36:e4:72:db:
c1:48:e5:1e:9c:c8:8a:5f:9e:d5:fa:0e:3d:23:c6:
e7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:02:98:DB:56:4A:48:28:C2:B4:81:E8:D4:1F:7C:55:35:5E:4B:5D
X509v3 Authority Key Identifier:
keyid:8F:0A:DB:A2:60:49:34:73:8C:7C:96:92:A0:B3:AB:7B:30:A8:2B:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jwrbomBJNHOMfJaSoLOrezCoK7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/nQKY21ZKSCjCtIHo1B98VTVeS10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/jwrbomBJNHOMfJaSoLOrezCoK7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.124.0-176.110.126.255
Signature Algorithm: sha256WithRSAEncryption
a0:55:4f:c5:ce:85:26:43:5e:e7:0e:db:a1:1b:e3:6c:fd:c6:
51:23:bf:f3:fd:dc:80:89:8f:b6:56:83:09:78:bd:4f:4d:c7:
85:5a:f6:f7:7b:a1:32:4c:c9:d0:19:a8:28:5e:2e:18:1f:cd:
42:ba:e5:25:fd:95:b0:e7:5b:30:58:b2:d9:92:dc:65:19:f0:
27:61:87:b1:b9:f1:31:29:33:75:b7:3b:c2:1e:75:5a:17:78:
1b:55:bf:5b:f0:40:65:c8:8b:0f:95:7e:73:bd:19:14:45:ed:
d7:63:88:bc:4e:83:c4:d6:19:99:da:83:9a:f1:dd:25:80:6e:
14:2a:fb:89:4d:ab:ee:6c:a6:42:bb:76:b8:b0:71:de:49:bf:
7b:28:43:8f:2c:70:b6:ef:b0:98:14:e2:1b:9a:e1:25:f5:4a:
cb:90:69:d2:48:ca:44:80:d1:0b:65:54:2a:bb:e0:f6:f5:9b:
58:99:e1:6b:51:98:7c:9e:ea:96:d6:31:70:4b:ea:fd:12:96:
c3:66:ae:62:9f:cd:84:ab:68:08:85:55:61:d3:54:b3:13:84:
81:94:6d:8b:f2:90:f4:98:e0:fa:1b:90:35:83:5e:c6:ea:27:
89:b5:91:54:69:bc:47:59:28:90:0e:ce:f6:3e:6d:43:01:84:
0f:b5:b2:90
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJvNlJrLFAwEte+5zUNRtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMGFkYmEyNjA0OTM0NzM4YzdjOTY5MmEwYjNhYjdiMzBh
ODJiYjIwHhcNMjQwMTAyMTAzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDAyOThkYjU2NGE0ODI4YzJiNDgxZThkNDFmN2M1NTM1NWU0YjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxSYK8vOhtltjY0L5XuTNaI2D0sA
3NpNXIfyT5sxgR8XGYBacnfpmEDuzCQC4fKTP4xCm9JI3ewyAe3A7M59E3DdxKgX
HiYW0xUOEa+94eXXMtS49NHuHi4VLwERsq5VmdJcn10cjGSaGIkSR4r/7MJjx+/S
fKTHYiwXG2taJdDyIuR16WVWDfVA5Dh7r9iD9VDwq7BgPeIHJwKTGHs1xgLOMrw8
IDVamCAjw2YfHr9b3yFqgED96sTaFXTyV3yPwIF4AcSEuVC11Na+uZCb7bDIzPeL
WwQlK+hQaIsob1Xqv2kvVY5V+/EPNTbkctvBSOUenMiKX57V+g49I8bnbQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ0CmNtWSkgowrSB6NQffFU1XktdMB8GA1UdIwQY
MBaAFI8K26JgSTRzjHyWkqCzq3swqCuyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvandyYm9tQkpOSE9NZkphU29MT3JlekNvSzdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC83YTg1YzktYzU4YS00ZjhlLTgzYjEt
N2JhZmRlNGM0YjI0LzEvblFLWTIxWktTQ2pDdElIbzFCOThWVFZlUzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC83YTg1YzktYzU4YS00ZjhlLTgzYjEtN2JhZmRlNGM0YjI0
LzEvandyYm9tQkpOSE9NZkphU29MT3JlekNvSzdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKwbnwD
BACwbn4wDQYJKoZIhvcNAQELBQADggEBAKBVT8XOhSZDXucO26Eb42z9xlEjv/P9
3ICJj7ZWgwl4vU9Nx4Va9vd7oTJMydAZqCheLhgfzUK65SX9lbDnWzBYstmS3GUZ
8Cdhh7G58TEpM3W3O8IedVoXeBtVv1vwQGXIiw+VfnO9GRRF7ddjiLxOg8TWGZna
g5rx3SWAbhQq+4lNq+5spkK7driwcd5Jv3soQ48scLbvsJgU4hua4SX1SsuQadJI
ykSA0QtlVCq74Pb1m1iZ4WtRmHye6pbWMXBL6v0SlsNmrmKfzYSraAiFVWHTVLMT
hIGUbYvykPSY4PobkDWDXsbqJ4m1kVRpvEdZKJAOzvY+bUMBhA+1spA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:52 2024 by rpki-client on console-fra.rpki-client.org