Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/NvPQ7zM1VpGfOlkquVWoQuxzOKM.roa
File: NvPQ7zM1VpGfOlkquVWoQuxzOKM.roa (raw, json)
Hash identifier: b6/H+IK/dglYRVRZ+oAG/iKoFwhd+bjVmLcpW3rKJ6I=
Subject key identifier: 36:F3:D0:EF:33:35:56:91:9F:3A:59:2A:B9:55:A8:42:EC:73:38:A3
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019422FBA48CD95F54640BD611C1FC98A1ED
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/NvPQ7zM1VpGfOlkquVWoQuxzOKM.roa
Signing time: Wed 01 Jan 2025 17:48:24 +0000
ROA not before: Wed 01 Jan 2025 17:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 88.209.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 15:59:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a4:8c:d9:5f:54:64:0b:d6:11:c1:fc:98:a1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 17:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36f3d0ef333556919f3a592ab955a842ec7338a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:af:a1:f8:b0:1e:3f:f5:f1:9f:74:9c:c7:28:
1d:28:a0:ba:a0:1d:08:09:17:cd:71:e0:ac:12:2e:
7a:91:05:69:5d:4d:14:98:5b:ab:c1:3a:fc:f8:b5:
28:b9:79:db:3d:9d:20:46:9b:f3:7d:80:db:9f:82:
b4:c8:63:78:04:a7:77:80:f1:32:f1:2a:41:c5:28:
a8:7e:8c:74:11:0f:54:af:b4:5b:ce:1a:e2:b8:b1:
f9:26:7e:6a:2e:0a:5f:b4:f4:48:68:e9:f0:e8:03:
86:14:49:a3:e7:a8:ff:f4:03:5c:81:13:bd:bb:c9:
f4:57:d2:be:9f:7f:11:b2:37:84:65:9b:34:d7:b2:
f8:0d:0c:2b:1b:b9:55:c6:2b:f2:e8:cc:72:9f:e5:
66:c6:75:82:66:d9:3b:3d:ce:a4:6c:0f:9a:79:61:
99:3e:74:d3:4b:a6:7e:86:fd:58:53:ee:eb:2f:ec:
62:a1:10:82:7f:b4:49:84:dc:b4:7a:e8:c7:ae:ee:
93:4d:1b:30:7f:8c:23:46:48:dd:cd:4f:98:58:7d:
dd:e8:2e:80:72:ec:10:20:8d:79:bd:93:16:77:33:
99:75:8c:d6:f8:81:3d:35:37:68:91:77:3d:57:4b:
e5:a2:f9:1f:d3:47:01:37:57:1e:67:6d:bc:36:76:
84:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F3:D0:EF:33:35:56:91:9F:3A:59:2A:B9:55:A8:42:EC:73:38:A3
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/NvPQ7zM1VpGfOlkquVWoQuxzOKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.195.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:fc:9f:e6:65:b1:33:0a:8c:ed:b7:bf:88:cd:2f:37:7e:cb:
25:c3:66:3e:16:ed:d6:cc:ec:43:35:29:25:6c:fa:04:48:6d:
0a:77:3b:e0:41:cc:aa:d7:28:6c:52:cb:34:5e:39:f0:64:70:
9b:e2:d6:ae:72:6b:a4:70:f8:b1:a3:26:d3:67:fd:ab:92:14:
74:92:b5:c4:56:04:b1:a0:97:ff:14:d3:23:9a:7a:40:f0:90:
bb:f3:8a:19:56:42:70:92:4d:ea:81:cf:ce:60:ed:69:9a:79:
32:0d:84:63:9b:f9:5c:ff:48:c8:3a:c1:b7:84:8a:e7:d9:81:
0a:0c:02:e4:e8:72:cb:be:e4:3f:f7:12:9d:a4:a9:3b:50:54:
02:31:cb:28:e5:e2:12:a1:13:13:50:54:d5:fb:75:36:a2:cc:
8d:f4:c5:c8:22:6b:93:69:fe:f0:b1:b0:32:ce:55:d7:79:a8:
39:7d:8d:03:ec:ae:ed:ec:d9:00:86:08:ee:17:aa:f9:24:95:
57:68:db:02:2a:2c:c5:16:1e:10:6f:94:f8:17:76:69:3f:74:
2d:a0:3a:ae:b0:11:bb:82:ae:ff:4b:65:39:14:a4:54:25:21:
c4:9e:22:39:c3:3c:e2:2e:ee:81:80:30:55:c9:fe:40:0f:c6:
77:4e:1c:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+6SM2V9UZAvWEcH8mKHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTAxMTc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmYzZDBlZjMzMzU1NjkxOWYzYTU5MmFiOTU1YTg0MmVjNzMzOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq+h+LAeP/Xxn3ScxygdKKC6oB0I
CRfNceCsEi56kQVpXU0UmFurwTr8+LUouXnbPZ0gRpvzfYDbn4K0yGN4BKd3gPEy
8SpBxSiofox0EQ9Ur7RbzhriuLH5Jn5qLgpftPRIaOnw6AOGFEmj56j/9ANcgRO9
u8n0V9K+n38RsjeEZZs017L4DQwrG7lVxivy6Mxyn+VmxnWCZtk7Pc6kbA+aeWGZ
PnTTS6Z+hv1YU+7rL+xioRCCf7RJhNy0eujHru6TTRswf4wjRkjdzU+YWH3d6C6A
cuwQII15vZMWdzOZdYzW+IE9NTdokXc9V0vlovkf00cBN1ceZ228NnaELQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbz0O8zNVaRnzpZKrlVqELsczijMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTnZQUTd6TTFWcEdmT2xrcXVWV29RdXh6T0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHDMA0G
CSqGSIb3DQEBCwUAA4IBAQAb/J/mZbEzCoztt7+IzS83fsslw2Y+Fu3WzOxDNSkl
bPoESG0KdzvgQcyq1yhsUss0XjnwZHCb4taucmukcPixoybTZ/2rkhR0krXEVgSx
oJf/FNMjmnpA8JC784oZVkJwkk3qgc/OYO1pmnkyDYRjm/lc/0jIOsG3hIrn2YEK
DALk6HLLvuQ/9xKdpKk7UFQCMcso5eISoRMTUFTV+3U2osyN9MXIImuTaf7wsbAy
zlXXeag5fY0D7K7t7NkAhgjuF6r5JJVXaNsCKizFFh4Qb5T4F3ZpP3QtoDqusBG7
gq7/S2U5FKRUJSHEniI5wzziLu6BgDBVyf5AD8Z3ThwD
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:19:42 2025 by rpki-client