Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/NBuqD8w_Gxr_gcJlx-cUL9Om_tk.roa
File: NBuqD8w_Gxr_gcJlx-cUL9Om_tk.roa (raw, json)
Hash identifier: QrRkPv0a72CkbmlYVmqKLwOw2Ap/7JuId8QPWE8H/og=
Subject key identifier: 34:1B:AA:0F:CC:3F:1B:1A:FF:81:C2:65:C7:E7:14:2F:D3:A6:FE:D9
Certificate issuer: /CN=7238fbfea5768479c86300906e74eb254dcb5c69
Certificate serial: 0188244DDB13627945E247ED3450DFDCA9D9
Authority key identifier: 72:38:FB:FE:A5:76:84:79:C8:63:00:90:6E:74:EB:25:4D:CB:5C:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cjj7_qV2hHnIYwCQbnTrJU3LXGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/NBuqD8w_Gxr_gcJlx-cUL9Om_tk.roa
Signing time: Tue 16 May 2023 11:24:22 +0000
ROA not before: Tue 16 May 2023 11:24:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210333
IP address blocks: 185.202.98.0/23 maxlen: 24
185.202.96.0/23 maxlen: 24
213.109.144.0/24 maxlen: 24
2a11:6a40:fff::/48 maxlen: 48
2a11:6a40::/40 maxlen: 48
2a11:6a40:100::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:4d:db:13:62:79:45:e2:47:ed:34:50:df:dc:a9:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7238fbfea5768479c86300906e74eb254dcb5c69
Validity
Not Before: May 16 11:24:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=341baa0fcc3f1b1aff81c265c7e7142fd3a6fed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:74:8d:1e:83:a2:75:06:75:09:f1:51:d1:08:
54:55:90:03:2b:00:a7:54:06:89:73:62:18:51:18:
24:f8:98:2e:7a:c8:7c:a3:55:97:a6:d5:a1:14:fa:
8f:98:b7:f6:87:0c:8c:5f:73:7e:c7:94:c4:d7:51:
8a:34:05:1d:3f:bf:72:cd:eb:9e:67:cb:97:f7:80:
a2:5b:eb:77:f6:03:97:ab:39:f1:43:fb:c9:3e:ac:
d6:a1:30:41:e4:c5:9e:28:72:ac:c6:3d:fa:66:51:
26:44:bf:6c:2b:32:de:95:7d:53:c3:0a:3a:a6:89:
c2:07:ba:f5:02:ad:2f:b2:de:45:2c:56:79:a8:a9:
18:5f:0d:14:3a:a4:71:0b:7b:d3:83:f8:e2:63:11:
d0:5f:bf:5a:ef:bf:d8:9d:c9:71:5c:8c:c2:41:4c:
46:5a:34:09:01:0d:c7:fc:84:7d:a2:dc:7b:c5:c3:
bc:9f:33:0b:50:6d:e1:1c:57:55:ee:e1:51:bd:93:
05:eb:96:1f:53:24:51:ee:bb:1b:d4:00:5b:59:77:
e3:5a:91:f6:7c:32:bb:21:d5:71:b2:80:24:e7:90:
27:41:ed:97:fc:e6:6e:c1:36:e3:33:37:3e:a0:8b:
b2:8a:88:f0:f5:bb:2c:59:d0:0d:b2:24:e0:2c:c6:
3f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:1B:AA:0F:CC:3F:1B:1A:FF:81:C2:65:C7:E7:14:2F:D3:A6:FE:D9
X509v3 Authority Key Identifier:
keyid:72:38:FB:FE:A5:76:84:79:C8:63:00:90:6E:74:EB:25:4D:CB:5C:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cjj7_qV2hHnIYwCQbnTrJU3LXGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/NBuqD8w_Gxr_gcJlx-cUL9Om_tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/cjj7_qV2hHnIYwCQbnTrJU3LXGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.96.0/22
213.109.144.0/24
IPv6:
2a11:6a40::/39
2a11:6a40:fff::/48
Signature Algorithm: sha256WithRSAEncryption
d8:cc:e4:0c:7a:a1:0b:ed:f8:0e:ca:e1:cc:2d:b1:ce:ad:87:
76:8d:3c:cd:50:6b:21:c9:b3:24:46:a1:70:98:62:6f:8d:81:
88:9a:80:fb:66:fc:00:65:7b:5a:28:05:d5:80:7c:82:ee:d1:
68:c9:3a:3f:0b:e3:c1:41:1a:05:35:d9:3e:12:d8:3b:41:0a:
82:bb:a9:8d:68:c2:1e:48:44:26:4a:fa:90:af:b2:36:5f:3b:
1d:00:65:07:01:74:df:ab:c8:15:1b:7e:d6:83:34:9a:84:24:
ee:fc:69:d0:9d:5b:65:bb:31:36:c2:50:27:e5:97:5b:11:5c:
52:35:60:9b:45:4f:9c:5c:7c:c9:e3:48:2f:c9:4d:f2:cf:58:
8e:4c:1a:66:ef:ff:1b:dc:a4:bc:8e:e3:c1:c3:c5:48:31:05:
26:64:60:ee:9c:99:c8:bb:62:9a:00:be:dd:b0:57:25:3b:44:
33:03:8e:06:dd:ab:d6:78:b6:ea:ad:27:ed:07:be:fe:ef:7c:
b8:20:e5:18:3f:d9:e9:fb:28:af:72:4b:47:26:ea:1c:4b:38:
e7:ac:59:3d:a6:bc:6f:80:da:9a:db:69:9c:91:52:4b:ea:6a:
34:1b:f8:21:eb:f2:a7:d3:a2:aa:80:42:b6:3b:41:dd:42:5d:
0f:56:80:df
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYgkTdsTYnlF4kftNFDf3KnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMzhmYmZlYTU3Njg0NzljODYzMDA5MDZlNzRlYjI1NGRj
YjVjNjkwHhcNMjMwNTE2MTEyNDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDFiYWEwZmNjM2YxYjFhZmY4MWMyNjVjN2U3MTQyZmQzYTZmZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHSNHoOidQZ1CfFR0QhUVZADKwCn
VAaJc2IYURgk+Jguesh8o1WXptWhFPqPmLf2hwyMX3N+x5TE11GKNAUdP79yzeue
Z8uX94CiW+t39gOXqznxQ/vJPqzWoTBB5MWeKHKsxj36ZlEmRL9sKzLelX1Twwo6
ponCB7r1Aq0vst5FLFZ5qKkYXw0UOqRxC3vTg/jiYxHQX79a77/YnclxXIzCQUxG
WjQJAQ3H/IR9otx7xcO8nzMLUG3hHFdV7uFRvZMF65YfUyRR7rsb1ABbWXfjWpH2
fDK7IdVxsoAk55AnQe2X/OZuwTbjMzc+oIuyiojw9bssWdANsiTgLMY/MwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFDQbqg/MPxsa/4HCZcfnFC/Tpv7ZMB8GA1UdIwQY
MBaAFHI4+/6ldoR5yGMAkG506yVNy1xpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2pqN19xVjJoSG5JWXdDUWJuVHJKVTNMWEdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mYjIyYWItYjU0Ni00MDcxLWJlYjEt
YmUxMGU4YjRhMDBlLzEvTkJ1cUQ4d19HeHJfZ2NKbHgtY1VMOU9tX3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mYjIyYWItYjU0Ni00MDcxLWJlYjEtYmUxMGU4YjRhMDBl
LzEvY2pqN19xVjJoSG5JWXdDUWJuVHJKVTNMWEdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQCucpgAwQA
1W2QMBcEAgACMBEDBgEqEWpAAAMHACoRakAP/zANBgkqhkiG9w0BAQsFAAOCAQEA
2MzkDHqhC+34DsrhzC2xzq2Hdo08zVBrIcmzJEahcJhib42BiJqA+2b8AGV7WigF
1YB8gu7RaMk6PwvjwUEaBTXZPhLYO0EKgrupjWjCHkhEJkr6kK+yNl87HQBlBwF0
36vIFRt+1oM0moQk7vxp0J1bZbsxNsJQJ+WXWxFcUjVgm0VPnFx8yeNIL8lN8s9Y
jkwaZu//G9ykvI7jwcPFSDEFJmRg7pyZyLtimgC+3bBXJTtEMwOOBt2r1ni26q0n
7Qe+/u98uCDlGD/Z6fsor3JLRybqHEs456xZPaa8b4DamttpnJFSS+pqNBv4Ievy
p9OiqoBCtjtB3UJdD1aA3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:24 2024 by rpki-client on console-fra.rpki-client.org