Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/99ba20-9bb7-4171-af56-dfe566411016/1/nQGMukvmQbaha4sw3Ly5BeuAMSw.roa
File: nQGMukvmQbaha4sw3Ly5BeuAMSw.roa (raw, json)
Hash identifier: OA7JngwDIIu/QXdG/gC5kqYN+6BYaXovO2r6jUPNlpY=
Subject key identifier: 9D:01:8C:BA:4B:E6:41:B6:A1:6B:8B:30:DC:BC:B9:05:EB:80:31:2C
Certificate issuer: /CN=c2e3fa87eb3169a7d2dd74453283021a2703c769
Certificate serial: 018CC7953D7CF65538FEBBDECB4658E0CBEA
Authority key identifier: C2:E3:FA:87:EB:31:69:A7:D2:DD:74:45:32:83:02:1A:27:03:C7:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wuP6h-sxaafS3XRFMoMCGicDx2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/99ba20-9bb7-4171-af56-dfe566411016/1/nQGMukvmQbaha4sw3Ly5BeuAMSw.roa
Signing time: Tue 02 Jan 2024 00:31:35 +0000
ROA not before: Tue 02 Jan 2024 00:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44923
IP address blocks: 185.24.52.0/22 maxlen: 22
93.92.200.0/21 maxlen: 21
2a00:6f60::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3d:7c:f6:55:38:fe:bb:de:cb:46:58:e0:cb:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2e3fa87eb3169a7d2dd74453283021a2703c769
Validity
Not Before: Jan 2 00:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d018cba4be641b6a16b8b30dcbcb905eb80312c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f5:20:68:d2:1f:2d:18:8f:af:48:a7:b9:35:
89:19:e2:6f:47:3e:97:b2:26:19:90:56:32:e8:71:
d9:65:bf:b2:85:8e:c6:55:de:bc:97:65:24:74:cd:
53:e5:74:eb:de:8c:f3:78:db:f1:0c:77:1a:bf:16:
b0:64:9c:21:7a:cc:d8:fe:87:c4:1b:c5:a6:32:1d:
09:82:7c:27:64:8d:3b:a3:22:8c:38:88:0c:b6:d0:
f4:a4:56:b3:3b:7c:52:cb:f0:68:8c:4b:d6:ba:3b:
e1:76:6f:59:7c:61:92:53:4f:2d:be:5b:8b:a0:1f:
5c:93:76:c4:c4:06:b3:8f:40:c0:5d:22:2d:e0:94:
04:80:ef:b2:99:01:88:c1:a1:a7:e0:0c:a0:ad:89:
91:98:6d:64:ab:4e:e8:a9:09:99:13:d6:ac:26:66:
8a:b0:cb:0b:d3:0f:d8:db:d6:0c:da:d0:c5:23:53:
bf:13:10:fb:0b:7f:3a:45:aa:8f:ea:c6:1c:f1:ac:
24:11:75:f6:e7:cd:52:ee:80:b5:8b:92:aa:48:e5:
8a:bf:2b:91:93:95:ad:87:b8:24:17:a8:b7:14:7e:
82:9c:fb:a3:af:4a:dc:36:7a:b2:c4:24:cd:9d:8b:
e0:fe:3b:97:2a:23:0c:a6:04:f7:84:b9:93:12:3f:
d1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:01:8C:BA:4B:E6:41:B6:A1:6B:8B:30:DC:BC:B9:05:EB:80:31:2C
X509v3 Authority Key Identifier:
keyid:C2:E3:FA:87:EB:31:69:A7:D2:DD:74:45:32:83:02:1A:27:03:C7:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wuP6h-sxaafS3XRFMoMCGicDx2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/99ba20-9bb7-4171-af56-dfe566411016/1/nQGMukvmQbaha4sw3Ly5BeuAMSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/99ba20-9bb7-4171-af56-dfe566411016/1/wuP6h-sxaafS3XRFMoMCGicDx2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.92.200.0/21
185.24.52.0/22
IPv6:
2a00:6f60::/32
Signature Algorithm: sha256WithRSAEncryption
77:44:bb:46:f9:14:e4:78:9d:31:fb:ef:55:c1:33:61:16:91:
3e:e1:32:1c:bc:00:58:30:bc:97:30:c3:8c:91:c2:a8:d0:7c:
86:8a:ae:d6:aa:86:67:11:28:a2:59:52:aa:c0:57:7d:61:50:
3a:70:7d:9e:74:ca:ed:fd:6e:fe:15:c9:5b:bd:3d:9b:0b:60:
ee:6c:36:69:b6:48:70:ee:4f:21:ac:f3:c5:5e:8d:d0:3c:39:
91:56:d4:fc:d1:7e:f8:01:6a:d3:42:85:50:7c:de:79:70:ad:
f8:4a:10:86:4b:d3:d3:9b:23:54:b3:13:b8:9d:4b:b8:bc:71:
e4:a5:e3:18:1a:91:88:52:95:55:a9:88:41:51:60:c6:2a:e8:
e9:1f:ab:74:db:4b:de:65:b9:b0:ff:24:4a:8b:8d:b6:bd:44:
89:bb:72:15:5f:ef:6f:6c:2b:b4:a8:b5:c6:b8:09:0d:21:e3:
a8:b3:22:10:86:4c:8c:80:90:e5:d6:3b:c5:da:3c:78:53:29:
86:4a:6b:77:de:9c:f3:4b:2b:ce:76:69:19:03:97:d0:9b:f5:
26:63:88:e0:4d:6c:79:6e:19:6a:47:f5:fb:01:de:25:b2:fb:
e3:55:ea:55:f7:05:0f:14:f9:5d:fd:b2:82:c2:1d:4f:39:a2:
a3:9c:1f:ee
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHlT189lU4/rvey0ZY4MvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZTNmYTg3ZWIzMTY5YTdkMmRkNzQ0NTMyODMwMjFhMjcw
M2M3NjkwHhcNMjQwMTAyMDAzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDAxOGNiYTRiZTY0MWI2YTE2YjhiMzBkY2JjYjkwNWViODAzMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvUgaNIfLRiPr0inuTWJGeJvRz6X
siYZkFYy6HHZZb+yhY7GVd68l2UkdM1T5XTr3ozzeNvxDHcavxawZJwheszY/ofE
G8WmMh0JgnwnZI07oyKMOIgMttD0pFazO3xSy/BojEvWujvhdm9ZfGGSU08tvluL
oB9ck3bExAazj0DAXSIt4JQEgO+ymQGIwaGn4AygrYmRmG1kq07oqQmZE9asJmaK
sMsL0w/Y29YM2tDFI1O/ExD7C386RaqP6sYc8awkEXX2581S7oC1i5KqSOWKvyuR
k5Wth7gkF6i3FH6CnPujr0rcNnqyxCTNnYvg/juXKiMMpgT3hLmTEj/R9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ0BjLpL5kG2oWuLMNy8uQXrgDEsMB8GA1UdIwQY
MBaAFMLj+ofrMWmn0t10RTKDAhonA8dpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VQNmgtc3hhYWZTM1hSRk1vTUNHaWNEeDJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85OWJhMjAtOWJiNy00MTcxLWFmNTYt
ZGZlNTY2NDExMDE2LzEvblFHTXVrdm1RYmFoYTRzdzNMeTVCZXVBTVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85OWJhMjAtOWJiNy00MTcxLWFmNTYtZGZlNTY2NDExMDE2
LzEvd3VQNmgtc3hhYWZTM1hSRk1vTUNHaWNEeDJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXVzIAwQC
uRg0MA0EAgACMAcDBQAqAG9gMA0GCSqGSIb3DQEBCwUAA4IBAQB3RLtG+RTkeJ0x
++9VwTNhFpE+4TIcvABYMLyXMMOMkcKo0HyGiq7WqoZnESiiWVKqwFd9YVA6cH2e
dMrt/W7+FclbvT2bC2DubDZptkhw7k8hrPPFXo3QPDmRVtT80X74AWrTQoVQfN55
cK34ShCGS9PTmyNUsxO4nUu4vHHkpeMYGpGIUpVVqYhBUWDGKujpH6t020veZbmw
/yRKi422vUSJu3IVX+9vbCu0qLXGuAkNIeOosyIQhkyMgJDl1jvF2jx4UymGSmt3
3pzzSyvOdmkZA5fQm/UmY4jgTWx5bhlqR/X7Ad4lsvvjVepV9wUPFPld/bKCwh1P
OaKjnB/u
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:43 2025 by rpki-client