Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/nCjghDSegrUHUO80nP9ygY_aIPc.roa
File: nCjghDSegrUHUO80nP9ygY_aIPc.roa (raw, json)
Hash identifier: snlbNOZUbwgPeQDLqDNHGN4LGfNhaaW4qZxmIkpgko4=
Subject key identifier: 9C:28:E0:84:34:9E:82:B5:07:50:EF:34:9C:FF:72:81:8F:DA:20:F7
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 018E3757CE40C1BEAAC350CF78768088C714
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/nCjghDSegrUHUO80nP9ygY_aIPc.roa
Signing time: Wed 13 Mar 2024 10:24:45 +0000
ROA not before: Wed 13 Mar 2024 10:24:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 185.189.224.0/24 maxlen: 24
185.198.51.0/24 maxlen: 24
195.245.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 16:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:57:ce:40:c1:be:aa:c3:50:cf:78:76:80:88:c7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Mar 13 10:24:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c28e084349e82b50750ef349cff72818fda20f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:55:6e:60:23:f5:c6:05:27:ac:21:3d:ef:2c:
8b:db:c4:fb:02:23:94:01:1f:b5:11:6c:fa:e3:07:
80:a4:d5:86:eb:e5:14:b5:4f:7a:ea:c5:39:01:63:
aa:4f:dc:9a:7a:9d:c5:34:0c:ad:8d:77:2c:9d:63:
f0:2b:0e:65:8b:1d:3d:8c:62:62:a8:bb:1b:63:06:
9b:b8:71:dd:f3:49:d8:26:87:26:11:8c:0c:68:f4:
26:23:8c:11:c6:43:4a:c1:0f:54:87:5d:87:ab:fa:
62:14:7f:2f:84:a9:12:3b:68:90:ed:62:75:71:db:
1a:89:aa:af:9e:7e:e1:2c:ba:0e:12:91:d7:55:54:
26:ba:54:a4:38:75:68:fb:9b:b3:73:08:41:5d:e2:
97:84:e7:44:a1:96:2d:58:5b:2d:bf:3c:2b:5e:ba:
8e:53:8c:e3:ba:10:51:2d:23:5a:40:c8:ce:a9:bf:
2e:09:1d:79:83:4c:55:c3:33:be:37:4b:4b:87:e8:
4f:bb:f6:b7:18:0b:a3:e8:56:e4:2c:bb:b7:a9:f3:
8a:5b:5d:0c:b4:d9:29:8e:db:6e:f6:f1:eb:ad:4b:
ac:41:b5:79:f4:24:e5:e8:bd:fb:84:22:88:69:62:
0c:3d:e8:f5:80:e8:9f:8e:de:9c:02:d0:26:4b:ab:
f1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:28:E0:84:34:9E:82:B5:07:50:EF:34:9C:FF:72:81:8F:DA:20:F7
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/nCjghDSegrUHUO80nP9ygY_aIPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.224.0/24
185.198.51.0/24
195.245.89.0/24
Signature Algorithm: sha256WithRSAEncryption
62:a4:a5:84:e8:fe:2d:e9:33:a8:67:e2:00:73:54:42:dd:ad:
ba:12:8f:17:6b:bf:91:ea:2f:3f:bc:1b:64:b2:87:59:3c:a8:
9d:54:92:a2:e5:61:56:2a:93:e7:ae:38:44:35:e4:fe:e4:34:
6c:63:0c:cb:db:26:73:ec:62:45:ee:9b:62:a7:a8:0b:b3:53:
51:00:f0:b7:ee:d0:2f:0e:bb:e1:3f:2c:04:9d:de:94:fc:93:
13:15:eb:db:a2:e4:c3:46:87:4a:0e:3c:bb:0a:a7:e6:fd:e2:
72:b2:4d:85:22:21:0e:b9:29:e1:56:80:f8:3e:b1:4a:ff:7d:
05:56:b0:3d:48:82:0a:26:40:55:91:7e:94:60:da:01:79:24:
2f:1a:bb:5c:fa:fd:cb:3f:87:2d:20:23:c0:54:c3:9d:61:35:
23:43:c2:80:7d:56:35:6d:2f:64:5b:4a:a9:95:7d:e5:fe:a5:
a7:12:68:69:c4:b1:d9:e3:35:c0:63:ca:b8:15:62:ba:6a:71:
72:4b:86:79:62:6c:8b:c7:28:dd:45:49:a4:55:2a:c2:82:2f:
79:71:78:17:30:ed:9a:99:84:3e:79:76:66:8b:32:fa:84:47:
e4:0b:1e:22:58:65:db:34:5e:cd:94:4f:30:a5:b3:c0:78:e8:
36:33:5b:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY43V85Awb6qw1DPeHaAiMcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjQwMzEzMTAyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI4ZTA4NDM0OWU4MmI1MDc1MGVmMzQ5Y2ZmNzI4MThmZGEyMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFVuYCP1xgUnrCE97yyL28T7AiOU
AR+1EWz64weApNWG6+UUtU966sU5AWOqT9yaep3FNAytjXcsnWPwKw5lix09jGJi
qLsbYwabuHHd80nYJocmEYwMaPQmI4wRxkNKwQ9Uh12Hq/piFH8vhKkSO2iQ7WJ1
cdsaiaqvnn7hLLoOEpHXVVQmulSkOHVo+5uzcwhBXeKXhOdEoZYtWFstvzwrXrqO
U4zjuhBRLSNaQMjOqb8uCR15g0xVwzO+N0tLh+hPu/a3GAuj6FbkLLu3qfOKW10M
tNkpjttu9vHrrUusQbV59CTl6L37hCKIaWIMPej1gOifjt6cAtAmS6vxAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJwo4IQ0noK1B1DvNJz/coGP2iD3MB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvbkNqZ2hEU2VnclVIVU84MG5QOXlnWV9hSVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAub3gAwQA
ucYzAwQAw/VZMA0GCSqGSIb3DQEBCwUAA4IBAQBipKWE6P4t6TOoZ+IAc1RC3a26
Eo8Xa7+R6i8/vBtksodZPKidVJKi5WFWKpPnrjhENeT+5DRsYwzL2yZz7GJF7pti
p6gLs1NRAPC37tAvDrvhPywEnd6U/JMTFevbouTDRodKDjy7Cqfm/eJysk2FIiEO
uSnhVoD4PrFK/30FVrA9SIIKJkBVkX6UYNoBeSQvGrtc+v3LP4ctICPAVMOdYTUj
Q8KAfVY1bS9kW0qplX3l/qWnEmhpxLHZ4zXAY8q4FWK6anFyS4Z5YmyLxyjdRUmk
VSrCgi95cXgXMO2amYQ+eXZmizL6hEfkCx4iWGXbNF7NlE8wpbPAeOg2M1sD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:34 2024 by rpki-client on console-fra.rpki-client.org