Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b9a4ac-b671-411b-ac47-19005cb98989/1/nXcd68FA6wzEBrKowRhwqwGa0wc.roa
File: nXcd68FA6wzEBrKowRhwqwGa0wc.roa (raw, json)
Hash identifier: COA2j9H9lF4n8M+o6lTXEow6KedsZ5b6uvstYrcIQWQ=
Subject key identifier: 9D:77:1D:EB:C1:40:EB:0C:C4:06:B2:A8:C1:18:70:AB:01:9A:D3:07
Certificate issuer: /CN=2f407dea499d73d7ebd4e68825188687559cb1f9
Certificate serial: 018CC5DC6C8BC360D1314DAA3C7469E1CA2F
Authority key identifier: 2F:40:7D:EA:49:9D:73:D7:EB:D4:E6:88:25:18:86:87:55:9C:B1:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L0B96kmdc9fr1OaIJRiGh1Wcsfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b9a4ac-b671-411b-ac47-19005cb98989/1/nXcd68FA6wzEBrKowRhwqwGa0wc.roa
Signing time: Mon 01 Jan 2024 16:30:06 +0000
ROA not before: Mon 01 Jan 2024 16:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207143
IP address blocks: 194.56.191.0/24 maxlen: 24
194.56.190.0/24 maxlen: 24
194.56.189.0/24 maxlen: 24
194.56.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:6c:8b:c3:60:d1:31:4d:aa:3c:74:69:e1:ca:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f407dea499d73d7ebd4e68825188687559cb1f9
Validity
Not Before: Jan 1 16:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d771debc140eb0cc406b2a8c11870ab019ad307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:64:5e:ca:60:63:77:bd:58:f5:77:ba:66:c2:
e7:b0:af:66:fd:5b:31:09:f8:3e:a6:05:37:2a:3b:
19:fe:89:77:e3:c7:f7:a4:d3:99:58:e7:e2:75:49:
21:15:a0:a0:a2:46:3e:fb:3f:86:f9:38:56:27:a8:
18:db:ed:64:fc:00:a1:42:33:24:ca:dc:9c:13:e9:
6d:86:2b:c3:a1:4f:60:0e:55:8e:61:19:1d:bd:24:
f0:33:06:2e:ca:aa:b6:87:f6:bf:5c:35:d8:ae:ca:
22:63:ce:a9:96:fb:3b:c7:a4:8f:b7:34:55:db:19:
18:96:c1:af:52:91:b2:e9:40:4e:4a:73:1c:c7:86:
b7:12:2e:0b:df:9b:1a:b9:8d:d2:75:3d:9b:02:01:
b0:b2:67:52:de:58:40:dc:48:dd:b0:05:d3:e0:25:
8f:56:fd:e0:be:61:8e:62:34:f4:33:5c:79:b3:db:
ed:7a:55:de:dd:bc:d4:e3:98:bf:8a:1d:63:47:51:
3e:0b:c0:04:e4:41:91:da:3e:37:4b:f1:18:62:52:
d8:a1:5f:db:44:c9:d7:22:1b:8b:b1:fe:90:e6:50:
59:33:8f:64:94:52:26:a6:25:cb:3e:03:bd:80:38:
b7:5c:25:fa:5a:3b:29:61:b7:76:cb:b5:65:38:ce:
6e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:77:1D:EB:C1:40:EB:0C:C4:06:B2:A8:C1:18:70:AB:01:9A:D3:07
X509v3 Authority Key Identifier:
keyid:2F:40:7D:EA:49:9D:73:D7:EB:D4:E6:88:25:18:86:87:55:9C:B1:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L0B96kmdc9fr1OaIJRiGh1Wcsfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b9a4ac-b671-411b-ac47-19005cb98989/1/nXcd68FA6wzEBrKowRhwqwGa0wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b9a4ac-b671-411b-ac47-19005cb98989/1/L0B96kmdc9fr1OaIJRiGh1Wcsfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.188.0/22
Signature Algorithm: sha256WithRSAEncryption
98:f9:22:5c:f7:00:bf:d8:9f:07:bf:f9:92:54:3f:ab:bb:f0:
b8:68:b5:71:1d:db:5b:4c:b2:dc:8e:91:1f:e7:55:d9:77:b9:
7a:ea:99:cd:40:a4:9b:d4:07:ad:84:b0:77:be:14:05:4d:95:
6c:2b:89:7e:b8:1f:9f:20:dd:2a:d4:5e:c0:5c:0a:e4:11:94:
9c:96:f3:23:d4:d5:ca:c7:3f:14:ce:9b:66:00:db:79:14:2e:
9c:86:da:4b:72:66:5b:e2:74:16:76:47:d7:28:46:92:26:29:
e4:fa:32:6a:b7:18:88:00:37:7e:c5:88:34:5f:e2:3f:53:30:
ae:65:fa:d9:e0:77:88:d5:38:71:b2:17:63:e1:cc:06:ea:a4:
85:9f:ea:a0:05:24:64:6a:99:fc:d5:13:0e:36:a9:ee:d6:1d:
93:a2:b6:da:0a:bc:65:80:24:c4:b4:53:08:ff:77:0a:17:30:
37:3b:dd:f5:e0:04:0b:5e:ec:ac:69:25:6e:90:16:9b:96:a5:
87:be:91:48:ac:f7:e4:16:4f:28:ca:ac:c0:2c:74:42:f9:ff:
ef:80:e8:f6:07:33:54:1a:af:fb:6e:a5:77:2c:d8:90:e8:ef:
30:59:03:a1:ba:66:dd:3f:99:f7:7c:b2:45:1b:d4:79:11:58:
dc:f7:47:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3GyLw2DRMU2qPHRp4covMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNDA3ZGVhNDk5ZDczZDdlYmQ0ZTY4ODI1MTg4Njg3NTU5
Y2IxZjkwHhcNMjQwMTAxMTYzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDc3MWRlYmMxNDBlYjBjYzQwNmIyYThjMTE4NzBhYjAxOWFkMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2ReymBjd71Y9Xe6ZsLnsK9m/Vsx
Cfg+pgU3KjsZ/ol348f3pNOZWOfidUkhFaCgokY++z+G+ThWJ6gY2+1k/AChQjMk
ytycE+lthivDoU9gDlWOYRkdvSTwMwYuyqq2h/a/XDXYrsoiY86plvs7x6SPtzRV
2xkYlsGvUpGy6UBOSnMcx4a3Ei4L35sauY3SdT2bAgGwsmdS3lhA3EjdsAXT4CWP
Vv3gvmGOYjT0M1x5s9vtelXe3bzU45i/ih1jR1E+C8AE5EGR2j43S/EYYlLYoV/b
RMnXIhuLsf6Q5lBZM49klFImpiXLPgO9gDi3XCX6WjspYbd2y7VlOM5uVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ13HevBQOsMxAayqMEYcKsBmtMHMB8GA1UdIwQY
MBaAFC9AfepJnXPX69TmiCUYhodVnLH5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDBCOTZrbWRjOWZyMU9hSUpSaUdoMVdjc2ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iOWE0YWMtYjY3MS00MTFiLWFjNDct
MTkwMDVjYjk4OTg5LzEvblhjZDY4RkE2d3pFQnJLb3dSaHdxd0dhMHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iOWE0YWMtYjY3MS00MTFiLWFjNDctMTkwMDVjYjk4OTg5
LzEvTDBCOTZrbWRjOWZyMU9hSUpSaUdoMVdjc2ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwji8MA0G
CSqGSIb3DQEBCwUAA4IBAQCY+SJc9wC/2J8Hv/mSVD+ru/C4aLVxHdtbTLLcjpEf
51XZd7l66pnNQKSb1AethLB3vhQFTZVsK4l+uB+fIN0q1F7AXArkEZSclvMj1NXK
xz8UzptmANt5FC6chtpLcmZb4nQWdkfXKEaSJink+jJqtxiIADd+xYg0X+I/UzCu
ZfrZ4HeI1Thxshdj4cwG6qSFn+qgBSRkapn81RMONqnu1h2TorbaCrxlgCTEtFMI
/3cKFzA3O9314AQLXuysaSVukBablqWHvpFIrPfkFk8oyqzALHRC+f/vgOj2BzNU
Gq/7bqV3LNiQ6O8wWQOhumbdP5n3fLJFG9R5EVjc90e7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:01 2025 by rpki-client