Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/N0oukpzwLXO_WemnLM37wTFhVxI.roa
File: N0oukpzwLXO_WemnLM37wTFhVxI.roa (raw, json)
Hash identifier: M4ZAx2w8p3sCTp0ui97RNTKdUH9z02ff3l0zzCKUPTU=
Subject key identifier: 37:4A:2E:92:9C:F0:2D:73:BF:59:E9:A7:2C:CD:FB:C1:31:61:57:12
Certificate issuer: /CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Certificate serial: 0186F0B0D8711DA3E2B49584A7EB8AD296B3
Authority key identifier: B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/N0oukpzwLXO_WemnLM37wTFhVxI.roa
Signing time: Fri 17 Mar 2023 17:49:26 +0000
ROA not before: Fri 17 Mar 2023 17:49:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15547
IP address blocks: 81.88.176.0/20 maxlen: 20
81.88.176.0/21 maxlen: 21
213.221.128.0/19 maxlen: 19
195.162.167.0/24 maxlen: 24
2a03:4380::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 Mar 2023 16:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f0:b0:d8:71:1d:a3:e2:b4:95:84:a7:eb:8a:d2:96:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Validity
Not Before: Mar 17 17:49:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=374a2e929cf02d73bf59e9a72ccdfbc131615712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:49:a9:e5:72:3d:78:16:d8:15:f3:56:6e:d6:
ad:1d:b9:25:ef:ab:88:00:72:cd:4d:d0:5f:fd:a6:
32:38:e6:cb:a5:e2:18:99:9f:dc:3f:51:f3:f4:50:
0f:52:11:1d:d6:6f:3b:16:53:16:38:0f:6a:ab:f6:
cd:50:37:2f:c9:d6:2f:b6:7a:40:cd:7d:c3:d4:6f:
ed:56:f2:9e:8c:ad:1f:66:0e:08:3c:df:a2:15:98:
fe:fa:37:5f:16:57:2b:cc:57:c9:8b:de:06:a1:d1:
24:78:5c:3e:f1:2f:f8:ec:45:19:e3:c4:8e:0a:68:
d3:d4:d9:a1:da:ca:e0:5d:c5:c0:e3:ef:26:60:12:
f4:de:50:12:f8:a1:3a:a8:4d:14:4c:17:9f:8b:ab:
37:7a:c2:79:87:61:f3:21:73:56:70:4d:6e:7c:0e:
d8:59:2f:3b:fb:a7:9b:3e:a3:51:a2:ac:b8:2d:0a:
88:a7:b5:69:46:a0:dd:c9:bb:e3:7d:31:8e:dd:9b:
b0:54:be:16:a2:c9:f1:16:25:da:57:32:61:df:ac:
d5:78:1d:7c:45:38:44:32:66:fb:fc:0a:c4:55:70:
c4:fd:e4:2e:06:d8:b9:4d:48:1d:d5:de:d6:43:d6:
a5:65:ee:96:d9:42:77:f8:dd:24:49:02:a8:34:f5:
0d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:4A:2E:92:9C:F0:2D:73:BF:59:E9:A7:2C:CD:FB:C1:31:61:57:12
X509v3 Authority Key Identifier:
keyid:B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/N0oukpzwLXO_WemnLM37wTFhVxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.176.0/20
195.162.167.0/24
213.221.128.0/19
IPv6:
2a03:4380::/32
Signature Algorithm: sha256WithRSAEncryption
bf:f6:fc:6e:6f:fb:5d:b0:a9:34:ce:41:96:5e:05:b2:05:17:
e2:86:e4:f9:b5:e7:07:e1:4e:2e:b9:27:92:54:a0:cc:e5:d9:
28:82:32:c2:0b:59:bd:c7:46:0b:74:7a:07:bd:0f:73:38:bc:
8f:60:7e:9e:82:34:dc:bb:d3:22:17:c4:bd:7b:fd:5d:3e:05:
32:6d:9d:0d:a9:70:80:43:14:9f:67:36:42:cf:dc:1f:58:dc:
42:04:cf:0a:a9:a0:ef:ee:5e:00:be:2f:9c:dc:7d:b0:9b:ac:
c0:b1:90:b3:f6:16:25:c7:33:d7:5e:5f:0f:d7:5a:ca:fd:de:
34:92:e2:cf:f8:ae:59:90:0f:ac:20:c3:4f:7c:e4:cb:67:99:
5d:60:82:95:fe:95:36:2e:11:16:ff:5b:b3:04:4d:6b:24:76:
f8:57:66:85:13:62:7b:65:af:d2:46:b6:bd:38:c3:46:39:2c:
e1:da:13:27:a5:05:a5:c8:9d:36:00:ae:f9:2d:69:87:56:26:
f3:cf:ca:a5:6f:01:c4:5e:ce:67:74:79:1f:1e:0a:f9:ca:6d:
49:c4:8b:14:f1:40:8d:d9:59:72:bf:6c:1e:72:09:ad:c3:7c:
94:b0:4c:dc:20:ac:fa:32:14:5c:3c:37:93:ca:21:40:fc:85:
76:30:5a:d8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYbwsNhxHaPitJWEp+uK0pazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTY3ZmNiMGJkYzYwMDFkOGNmNzA3M2M2NDllYjk4MTlm
YzVlYjgwHhcNMjMwMzE3MTc0OTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzRhMmU5MjljZjAyZDczYmY1OWU5YTcyY2NkZmJjMTMxNjE1NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUmp5XI9eBbYFfNWbtatHbkl76uI
AHLNTdBf/aYyOObLpeIYmZ/cP1Hz9FAPUhEd1m87FlMWOA9qq/bNUDcvydYvtnpA
zX3D1G/tVvKejK0fZg4IPN+iFZj++jdfFlcrzFfJi94GodEkeFw+8S/47EUZ48SO
CmjT1Nmh2srgXcXA4+8mYBL03lAS+KE6qE0UTBefi6s3esJ5h2HzIXNWcE1ufA7Y
WS87+6ebPqNRoqy4LQqIp7VpRqDdybvjfTGO3ZuwVL4WosnxFiXaVzJh36zVeB18
RThEMmb7/ArEVXDE/eQuBti5TUgd1d7WQ9alZe6W2UJ3+N0kSQKoNPUNIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDdKLpKc8C1zv1nppyzN+8ExYVcSMB8GA1UdIwQY
MBaAFLnmf8sL3GAB2M9wc8ZJ65gZ/F64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEt
ZmE3MWFlMDVkYzNmLzEvTjBvdWtwendMWE9fV2VtbkxNMzd3VEZoVnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEtZmE3MWFlMDVkYzNm
LzEvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUViwAwQA
w6KnAwQF1d2AMA0EAgACMAcDBQAqA0OAMA0GCSqGSIb3DQEBCwUAA4IBAQC/9vxu
b/tdsKk0zkGWXgWyBRfihuT5tecH4U4uuSeSVKDM5dkogjLCC1m9x0YLdHoHvQ9z
OLyPYH6egjTcu9MiF8S9e/1dPgUybZ0NqXCAQxSfZzZCz9wfWNxCBM8KqaDv7l4A
vi+c3H2wm6zAsZCz9hYlxzPXXl8P11rK/d40kuLP+K5ZkA+sIMNPfOTLZ5ldYIKV
/pU2LhEW/1uzBE1rJHb4V2aFE2J7Za/SRra9OMNGOSzh2hMnpQWlyJ02AK75LWmH
Vibzz8qlbwHEXs5ndHkfHgr5ym1JxIsU8UCN2Vlyv2wecgmtw3yUsEzcIKz6MhRc
PDeTyiFA/IV2MFrY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:09 2024 by rpki-client on console-ams.rpki-client.org