Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/n4nCXrjS5PgbRIEzWEIiMX1r7R4.roa
File: n4nCXrjS5PgbRIEzWEIiMX1r7R4.roa (raw, json)
Hash identifier: AyYaSDUnd3sJx6Pyrs5dcAj5v7wEV/eb66NIn/mQ4+E=
Subject key identifier: 9F:89:C2:5E:B8:D2:E4:F8:1B:44:81:33:58:42:22:31:7D:6B:ED:1E
Certificate issuer: /CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Certificate serial: 018DEF14B5CECB022D0F27A388FEC5512C6A
Authority key identifier: DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/n4nCXrjS5PgbRIEzWEIiMX1r7R4.roa
Signing time: Wed 28 Feb 2024 09:38:48 +0000
ROA not before: Wed 28 Feb 2024 09:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57844
IP address blocks: 213.232.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 06:43:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:14:b5:ce:cb:02:2d:0f:27:a3:88:fe:c5:51:2c:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Validity
Not Before: Feb 28 09:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f89c25eb8d2e4f81b448133584222317d6bed1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c8:09:5e:59:84:bb:34:f0:1d:05:0c:6e:06:
4e:d6:23:da:17:62:b9:6d:85:39:4d:59:26:b2:f5:
c2:5b:58:dc:a2:cf:8d:5f:45:8f:48:e9:17:45:8c:
6e:8d:f1:ea:af:c8:59:d6:91:7d:50:06:4f:0a:3b:
19:76:7b:c8:47:39:7f:04:ce:16:fa:2c:d6:e0:df:
15:81:d2:fa:d5:03:8a:ae:77:09:c7:d6:d0:8c:a1:
62:5a:23:44:e7:de:2f:32:fd:69:77:4d:57:73:82:
f3:32:98:d9:f4:fe:ff:9c:d7:3d:17:de:54:97:6e:
61:70:42:be:0b:7d:6f:e9:be:60:79:79:00:f5:55:
5f:19:e4:b5:a8:96:dc:ff:70:ab:7a:9b:50:22:f0:
72:f5:f9:3c:38:3c:13:77:8e:43:35:57:9e:bb:60:
6e:ef:0a:d7:cd:a7:5e:c3:79:4f:d9:a4:ae:dd:c8:
73:89:2e:e8:6e:fb:c5:b6:97:ba:e8:8f:07:84:8a:
d7:ca:ca:30:ba:d0:bb:b6:f1:d6:72:c4:2d:2d:86:
36:19:c7:9c:de:19:fb:d2:db:58:40:41:68:ec:77:
c4:21:2b:a0:2e:de:bf:f0:e3:10:bc:b5:0e:5b:d4:
95:96:ea:46:ca:a9:0f:5c:34:24:09:5e:e0:d9:ea:
b5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:89:C2:5E:B8:D2:E4:F8:1B:44:81:33:58:42:22:31:7D:6B:ED:1E
X509v3 Authority Key Identifier:
keyid:DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/n4nCXrjS5PgbRIEzWEIiMX1r7R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.236.0/24
Signature Algorithm: sha256WithRSAEncryption
32:7b:81:0d:95:f3:cf:cc:cb:92:77:94:29:56:86:01:d9:74:
aa:66:cc:87:50:53:c7:b8:7c:a3:33:bd:40:2c:81:3c:fc:9d:
3a:e3:c9:bd:d7:7b:fa:61:7d:10:9b:3a:15:9c:d7:98:c3:5c:
8a:85:1a:98:cf:33:9d:b4:af:04:72:57:44:b9:76:8b:ba:55:
42:4a:7e:35:fb:3c:35:34:b9:3c:f8:0c:1d:f1:62:61:55:99:
7f:5d:7d:fc:e3:60:49:01:f5:13:03:8c:e7:fa:90:c1:40:0d:
c6:48:5e:ae:c3:6c:c2:a9:41:6a:de:91:e0:26:41:bf:ae:57:
5e:40:e1:15:82:16:73:dc:df:18:ec:a4:1b:08:22:0a:39:83:
9e:8a:5d:a2:16:56:7f:c7:b6:8d:99:c2:d4:ae:cf:52:c4:2f:
97:95:30:40:4f:64:f4:36:29:8f:9a:d2:49:19:2e:42:51:01:
3a:73:83:e3:c3:60:fb:55:03:e7:e1:2c:1e:8c:ea:79:54:1d:
6f:fa:5d:61:93:19:8d:8c:34:27:2c:9e:2b:cb:7c:b5:ee:c0:
84:3b:c5:49:cb:78:29:b8:94:95:63:84:00:36:42:e9:e6:24:
8f:5b:b7:88:e8:8f:bf:9d:68:7e:ee:e3:91:b5:00:c4:c9:98:
f5:83:f9:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3vFLXOywItDyejiP7FUSxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWQ2ZWJhNDYzYjc1NjRhYmZhZTkzOGI0NmVkNDcxODdk
ZTBlYzAwHhcNMjQwMjI4MDkzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjg5YzI1ZWI4ZDJlNGY4MWI0NDgxMzM1ODQyMjIzMTdkNmJlZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8gJXlmEuzTwHQUMbgZO1iPaF2K5
bYU5TVkmsvXCW1jcos+NX0WPSOkXRYxujfHqr8hZ1pF9UAZPCjsZdnvIRzl/BM4W
+izW4N8VgdL61QOKrncJx9bQjKFiWiNE594vMv1pd01Xc4LzMpjZ9P7/nNc9F95U
l25hcEK+C31v6b5geXkA9VVfGeS1qJbc/3CreptQIvBy9fk8ODwTd45DNVeeu2Bu
7wrXzadew3lP2aSu3chziS7obvvFtpe66I8HhIrXysowutC7tvHWcsQtLYY2Gcec
3hn70ttYQEFo7HfEISugLt6/8OMQvLUOW9SVlupGyqkPXDQkCV7g2eq1JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+Jwl640uT4G0SBM1hCIjF9a+0eMB8GA1UdIwQY
MBaAFNsdbrpGO3Vkq/rpOLRu1HGH3g7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAt
NmYyY2Y0ZjAzY2ViLzEvbjRuQ1hyalM1UGdiUklFeldFSWlNWDFyN1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAtNmYyY2Y0ZjAzY2Vi
LzEvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ejsMA0G
CSqGSIb3DQEBCwUAA4IBAQAye4ENlfPPzMuSd5QpVoYB2XSqZsyHUFPHuHyjM71A
LIE8/J0648m913v6YX0QmzoVnNeYw1yKhRqYzzOdtK8EcldEuXaLulVCSn41+zw1
NLk8+Awd8WJhVZl/XX3842BJAfUTA4zn+pDBQA3GSF6uw2zCqUFq3pHgJkG/rlde
QOEVghZz3N8Y7KQbCCIKOYOeil2iFlZ/x7aNmcLUrs9SxC+XlTBAT2T0NimPmtJJ
GS5CUQE6c4Pjw2D7VQPn4SwejOp5VB1v+l1hkxmNjDQnLJ4ry3y17sCEO8VJy3gp
uJSVY4QANkLp5iSPW7eI6I+/nWh+7uORtQDEyZj1g/m7
-----END CERTIFICATE-----
Generated at Mon Apr 8 11:23:23 2024 by rpki-client on console-ams.rpki-client.org