Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/NUKZMzRzwm-3ohn8UUVTgKtH2eA.roa
File: NUKZMzRzwm-3ohn8UUVTgKtH2eA.roa (raw, json)
Hash identifier: FT5VnZxcmFgk2HYDUtGCxG/cxODscAiWAnZttixXXFM=
Subject key identifier: 35:42:99:33:34:73:C2:6F:B7:A2:19:FC:51:45:53:80:AB:47:D9:E0
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 018B8ADCED54C0D309D2337E2BB239C849B8
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/NUKZMzRzwm-3ohn8UUVTgKtH2eA.roa
Signing time: Wed 01 Nov 2023 12:30:16 +0000
ROA not before: Wed 01 Nov 2023 12:30:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49287
IP address blocks: 91.192.82.0/24 maxlen: 24
213.183.35.0/24 maxlen: 24
213.183.34.0/24 maxlen: 24
5.188.174.0/24 maxlen: 24
5.188.175.0/24 maxlen: 24
185.224.251.0/24 maxlen: 24
93.189.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:dc:ed:54:c0:d3:09:d2:33:7e:2b:b2:39:c8:49:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Nov 1 12:30:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=354299333473c26fb7a219fc51455380ab47d9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:57:b4:f3:73:00:b5:55:d4:f7:de:4b:11:52:
32:e0:ef:f7:0e:34:f2:b9:18:74:93:d3:ef:3f:91:
f3:1f:64:b8:ec:76:57:e9:c0:01:26:e4:77:63:98:
4c:65:3d:41:02:71:72:01:fb:fa:72:9f:03:f0:f8:
7e:56:0e:4a:82:6b:0c:3d:1d:7b:7f:1f:47:22:55:
cd:97:1c:67:8d:20:ef:dd:33:b8:eb:83:41:2f:a2:
f2:f5:bf:30:31:d1:be:c4:5e:fc:d9:8f:e0:0d:19:
f0:f2:6e:c8:e9:d9:77:95:b0:fc:51:46:a7:9d:d8:
7e:3e:7b:e7:42:74:f1:58:d2:c7:02:1b:c8:5f:98:
af:6e:78:f8:77:e0:fb:d0:09:d4:ac:17:5b:b0:f7:
97:eb:9e:eb:e0:8c:de:d1:42:27:15:92:b3:fb:ba:
76:03:95:8f:c7:a1:2d:1d:02:f9:c5:5c:0e:ff:88:
a3:d6:fc:cd:ca:98:29:e4:0f:f4:87:68:ac:59:2a:
74:8a:d3:3b:a5:bd:fc:19:0d:5d:85:c3:cf:ba:ae:
60:0a:2e:0a:a4:f0:24:ae:ed:5e:5e:b9:b1:62:bf:
db:c1:7f:44:a7:e9:31:a0:63:d5:4d:c6:44:d8:29:
ac:31:11:16:7e:b2:04:01:f9:a0:2d:8c:1f:d0:97:
06:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:42:99:33:34:73:C2:6F:B7:A2:19:FC:51:45:53:80:AB:47:D9:E0
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/NUKZMzRzwm-3ohn8UUVTgKtH2eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.174.0/23
91.192.82.0/24
93.189.59.0/24
185.224.251.0/24
213.183.34.0/23
Signature Algorithm: sha256WithRSAEncryption
59:69:9d:92:fc:99:9d:85:5a:1f:5b:cb:30:2b:c6:f3:08:a9:
d0:05:63:f4:1b:fc:e8:01:83:ef:75:72:af:08:01:2d:4c:7b:
b7:c2:12:b9:73:1b:9e:a0:33:ce:f1:40:86:24:ad:8f:2f:33:
0e:ac:ea:0b:36:90:67:8c:cc:d4:92:04:ca:ef:e6:a8:6d:89:
74:66:f1:e6:25:ac:f8:b3:29:77:30:99:30:7c:63:33:63:e5:
8b:8e:0d:21:99:1d:4e:a9:a2:31:92:b1:78:c4:3d:41:72:d0:
de:53:fd:4a:44:2b:be:b7:ad:ee:0e:aa:3b:a0:1a:35:a4:00:
f6:e4:85:36:84:7a:34:c0:57:43:8d:bb:2c:e1:63:6a:e6:ab:
88:d7:21:35:77:d5:62:06:bd:30:a3:bc:d0:59:c4:32:f6:15:
6e:4d:89:79:97:90:aa:a6:11:a9:2c:50:cf:1a:98:b3:d6:97:
bd:46:7c:e8:e4:63:11:53:e5:58:da:17:e1:03:bc:0f:1d:c7:
62:04:8b:69:63:e8:68:fe:81:7f:4a:9a:84:dc:84:78:cb:b0:
0c:93:6f:e7:51:3f:c9:30:76:ef:39:0c:4e:43:3a:74:29:b4:
19:f3:5d:21:cc:3f:e9:9c:8a:93:ba:b4:e6:b2:8b:ec:d0:14:
34:a8:f8:95
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYuK3O1UwNMJ0jN+K7I5yEm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMxMTAxMTIzMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQyOTkzMzM0NzNjMjZmYjdhMjE5ZmM1MTQ1NTM4MGFiNDdkOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVe083MAtVXU995LEVIy4O/3DjTy
uRh0k9PvP5HzH2S47HZX6cABJuR3Y5hMZT1BAnFyAfv6cp8D8Ph+Vg5KgmsMPR17
fx9HIlXNlxxnjSDv3TO464NBL6Ly9b8wMdG+xF782Y/gDRnw8m7I6dl3lbD8UUan
ndh+PnvnQnTxWNLHAhvIX5ivbnj4d+D70AnUrBdbsPeX657r4Ize0UInFZKz+7p2
A5WPx6EtHQL5xVwO/4ij1vzNypgp5A/0h2isWSp0itM7pb38GQ1dhcPPuq5gCi4K
pPAkru1eXrmxYr/bwX9Ep+kxoGPVTcZE2CmsMREWfrIEAfmgLYwf0JcGRwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDVCmTM0c8Jvt6IZ/FFFU4CrR9ngMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvTlVLWk16Unp3bS0zb2huOFVVVlRnS3RIMmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBbyuAwQA
W8BSAwQAXb07AwQAueD7AwQB1bciMA0GCSqGSIb3DQEBCwUAA4IBAQBZaZ2S/Jmd
hVofW8swK8bzCKnQBWP0G/zoAYPvdXKvCAEtTHu3whK5cxueoDPO8UCGJK2PLzMO
rOoLNpBnjMzUkgTK7+aobYl0ZvHmJaz4syl3MJkwfGMzY+WLjg0hmR1OqaIxkrF4
xD1BctDeU/1KRCu+t63uDqo7oBo1pAD25IU2hHo0wFdDjbss4WNq5quI1yE1d9Vi
Br0wo7zQWcQy9hVuTYl5l5CqphGpLFDPGpiz1pe9Rnzo5GMRU+VY2hfhA7wPHcdi
BItpY+ho/oF/SpqE3IR4y7AMk2/nUT/JMHbvOQxOQzp0KbQZ810hzD/pnIqTurTm
sovs0BQ0qPiV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org