Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/9gVYxZmYBCqlW57G2rA_NVCExok.roa
File: 9gVYxZmYBCqlW57G2rA_NVCExok.roa (raw, json)
Hash identifier: QGY7UkGfy25IwmsPD7vfQt6wZq+ZdYbR7L9gNx2T5Z0=
Subject key identifier: F6:05:58:C5:99:98:04:2A:A5:5B:9E:C6:DA:B0:3F:35:50:84:C6:89
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B61AF8AE4712D7F41952AEEB5BAF5AF52
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/9gVYxZmYBCqlW57G2rA_NVCExok.roa
Signing time: Tue 24 Oct 2023 12:36:16 +0000
ROA not before: Tue 24 Oct 2023 12:36:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 93.114.194.0/24 maxlen: 24
86.107.179.0/24 maxlen: 24
86.107.178.0/24 maxlen: 24
185.101.107.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.41.181.0/24 maxlen: 24
89.41.180.0/24 maxlen: 24
188.241.219.0/24 maxlen: 24
188.241.218.0/24 maxlen: 24
89.36.95.0/24 maxlen: 24
89.36.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 10:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:af:8a:e4:71:2d:7f:41:95:2a:ee:b5:ba:f5:af:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 24 12:36:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f60558c59998042aa55b9ec6dab03f355084c689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5d:75:f1:6b:f9:19:7e:74:ab:fc:a6:b1:6b:
d5:be:dd:c5:01:7e:0a:8c:60:13:57:08:0a:f7:86:
cb:d9:5f:d5:1a:95:0a:9b:8b:16:a4:29:c4:c9:05:
4f:3e:36:8a:c5:70:e9:a2:2a:eb:a9:1a:60:3a:f2:
29:ab:9a:39:9f:ff:76:86:7f:29:b0:ce:91:a5:87:
e5:7b:00:4b:36:0f:67:03:45:7b:8e:41:24:5d:b7:
67:b8:73:32:39:a9:24:3d:76:13:07:60:36:b8:0d:
f5:8d:05:d2:e2:44:b8:fb:08:39:b8:2a:c7:85:71:
00:6c:e9:e0:2d:35:bb:69:24:70:bb:e9:99:b7:d2:
fc:cf:f5:bf:f0:d9:e2:5d:c3:b6:d6:91:f8:61:89:
dc:17:46:39:c2:a1:6f:aa:eb:b6:97:1e:23:1c:c6:
82:f2:42:54:55:f9:d4:40:19:97:26:91:d0:b7:c5:
d8:b9:0b:d1:dd:bf:b8:ce:06:3d:ab:42:ce:3a:b5:
8a:cc:68:d5:1b:23:f7:de:4d:83:e0:4b:1b:75:15:
91:fe:1f:23:19:b7:7c:ab:c4:ea:84:7c:c8:9e:36:
c7:19:2b:0c:2d:d8:2f:ed:5b:a1:d1:86:65:03:49:
c8:01:31:f8:83:9e:2c:20:09:61:82:df:4b:8f:89:
ac:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:05:58:C5:99:98:04:2A:A5:5B:9E:C6:DA:B0:3F:35:50:84:C6:89
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/9gVYxZmYBCqlW57G2rA_NVCExok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.178.0/23
89.34.27.0/24
89.36.94.0/23
89.41.180.0/23
93.114.194.0/24
185.101.107.0/24
188.241.218.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:bc:c8:6f:58:dd:82:ab:2d:29:00:aa:0e:17:b3:06:c6:b4:
a2:cf:a9:13:f3:b0:72:fa:24:db:59:4b:02:d9:ae:b8:b6:57:
f3:dd:3d:44:35:72:5f:93:c0:37:59:a7:01:18:1e:df:7d:7f:
ba:5f:a7:09:27:a4:17:cd:00:77:50:12:b8:7f:0f:0c:68:73:
2d:f6:8f:e2:2e:ac:97:f4:56:2e:78:85:5f:64:73:9f:a8:24:
4c:02:81:bc:8e:ee:a5:30:12:7a:ce:8f:ae:4d:dd:d2:bf:ff:
7d:5f:e1:1d:78:cd:18:59:24:b1:46:29:68:6e:bc:27:02:31:
0c:ee:88:61:d8:87:13:f3:91:ca:1c:05:e9:74:e2:e9:3e:4c:
f5:9b:55:88:da:21:fc:6f:7f:45:89:13:f8:ed:ca:0a:4b:fa:
49:f0:05:35:75:cd:8d:cf:03:d0:fa:4b:50:b2:24:cc:07:42:
7d:0b:d4:bf:89:f6:4a:92:0c:4d:02:7b:08:96:fa:d4:23:34:
45:4b:32:88:ae:f6:79:10:25:54:e2:3b:e8:8d:f2:4f:a9:07:
f1:c6:48:87:9d:48:44:10:21:f8:9e:2f:97:c7:7d:27:4e:33:
ba:6a:e1:01:3d:2d:80:e9:08:41:59:d7:87:9e:78:ea:54:fe:
63:0a:33:14
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYthr4rkcS1/QZUq7rW69a9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDI0MTIzNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjA1NThjNTk5OTgwNDJhYTU1YjllYzZkYWIwM2YzNTUwODRjNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1118Wv5GX50q/ymsWvVvt3FAX4K
jGATVwgK94bL2V/VGpUKm4sWpCnEyQVPPjaKxXDpoirrqRpgOvIpq5o5n/92hn8p
sM6RpYflewBLNg9nA0V7jkEkXbdnuHMyOakkPXYTB2A2uA31jQXS4kS4+wg5uCrH
hXEAbOngLTW7aSRwu+mZt9L8z/W/8NniXcO21pH4YYncF0Y5wqFvquu2lx4jHMaC
8kJUVfnUQBmXJpHQt8XYuQvR3b+4zgY9q0LOOrWKzGjVGyP33k2D4EsbdRWR/h8j
Gbd8q8TqhHzInjbHGSsMLdgv7Vuh0YZlA0nIATH4g54sIAlhgt9Lj4msIwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPYFWMWZmAQqpVuextqwPzVQhMaJMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvOWdWWXhabVlCQ3FsVzU3RzJyQV9OVkNFeG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBVmuyAwQA
WSIbAwQBWSReAwQBWSm0AwQAXXLCAwQAuWVrAwQBvPHaMA0GCSqGSIb3DQEBCwUA
A4IBAQAfvMhvWN2Cqy0pAKoOF7MGxrSiz6kT87By+iTbWUsC2a64tlfz3T1ENXJf
k8A3WacBGB7ffX+6X6cJJ6QXzQB3UBK4fw8MaHMt9o/iLqyX9FYueIVfZHOfqCRM
AoG8ju6lMBJ6zo+uTd3Sv/99X+EdeM0YWSSxRilobrwnAjEM7ohh2IcT85HKHAXp
dOLpPkz1m1WI2iH8b39FiRP47coKS/pJ8AU1dc2NzwPQ+ktQsiTMB0J9C9S/ifZK
kgxNAnsIlvrUIzRFSzKIrvZ5ECVU4jvojfJPqQfxxkiHnUhEECH4ni+Xx30nTjO6
auEBPS2A6QhBWdeHnnjqVP5jCjMU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org