Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/NKTfhaynuJikCOogT3iqVZYPPlY.roa
File: NKTfhaynuJikCOogT3iqVZYPPlY.roa (raw, json)
Hash identifier: UbQmJTpXODvPpPEwff/DbF9QubJQYm387FRfIMAqhyo=
Subject key identifier: 34:A4:DF:85:AC:A7:B8:98:A4:08:EA:20:4F:78:AA:55:96:0F:3E:56
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018CC5DC98305F7BA56107195B87D5F63359
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/NKTfhaynuJikCOogT3iqVZYPPlY.roa
Signing time: Mon 01 Jan 2024 16:30:17 +0000
ROA not before: Mon 01 Jan 2024 16:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 88.151.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 11:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:98:30:5f:7b:a5:61:07:19:5b:87:d5:f6:33:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 16:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34a4df85aca7b898a408ea204f78aa55960f3e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:81:58:b9:48:0e:95:2a:77:49:79:ed:28:f7:
87:4e:ea:66:bd:78:d6:da:08:fd:12:ee:9a:2c:b0:
46:4d:43:90:81:5c:11:c5:e5:a2:eb:8d:89:56:04:
79:7d:1f:7e:77:86:1b:e7:1d:44:b5:43:2e:9d:2c:
9b:d5:8f:28:e7:b9:bc:18:15:03:37:9c:ef:e9:93:
84:f1:63:30:df:d9:26:df:28:03:85:e9:c4:80:f3:
23:38:ea:e4:29:61:76:b0:5b:08:40:4d:d4:4b:9a:
87:d2:f0:c1:77:9f:dd:a9:05:20:f7:fd:5c:12:d6:
0e:b8:5f:fa:c7:4e:dc:6f:e0:e0:53:e0:62:74:e7:
24:45:66:ef:9b:7e:f6:11:28:c8:6a:08:1c:37:8a:
d1:97:83:3e:aa:5d:b8:55:1f:73:8f:e2:33:e7:8e:
52:c0:0e:8f:68:ba:c4:8a:c7:22:03:0d:e7:a8:12:
9f:ce:42:d4:fc:2e:56:65:dd:af:b7:04:de:c4:b1:
79:71:69:91:2c:00:52:54:4e:f2:c8:59:53:89:31:
85:a3:c9:ad:a9:8d:5c:1d:62:61:af:e2:f3:8f:8c:
f0:55:73:f3:31:53:02:4e:ff:f2:0c:66:2d:3b:ee:
48:a5:9d:8c:e4:f8:95:26:28:58:e9:fe:22:aa:c5:
3f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A4:DF:85:AC:A7:B8:98:A4:08:EA:20:4F:78:AA:55:96:0F:3E:56
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/NKTfhaynuJikCOogT3iqVZYPPlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.199.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:29:74:99:cd:6d:3a:b5:e1:9c:69:75:8c:fa:84:88:a6:05:
a6:b3:cc:ec:5f:a0:2c:01:3d:df:ce:57:0c:c9:fc:0a:ae:4b:
3a:28:95:50:76:92:f1:03:62:f9:70:47:92:bf:1b:a2:c4:f0:
e3:6b:33:a5:d6:e8:8f:b2:84:8d:9f:3b:4d:35:6d:1d:b0:07:
a3:79:8c:e6:70:ac:a5:96:22:05:bc:60:85:cf:94:ce:fa:cd:
9b:52:b1:8a:6a:c6:e2:d4:c8:68:c3:ee:e0:4d:93:44:45:a9:
ac:87:5d:6d:44:23:6c:a9:a4:03:57:87:3b:f7:e0:54:c3:e1:
6b:17:10:4e:02:d8:25:07:4d:e6:ff:52:21:e3:84:5b:0c:ba:
fc:55:1f:92:09:63:b4:16:7c:23:39:f1:ef:ff:0b:9e:2a:37:
3c:cf:b4:d3:ec:0c:ea:0d:ae:58:70:f2:01:24:b0:c0:b1:fa:
66:88:c6:29:8d:07:0d:1b:6c:5a:33:8f:c4:db:74:cf:12:bd:
f2:37:c4:cf:02:c8:e5:a6:d4:d0:0d:49:c9:e1:bb:d3:19:de:
93:8e:28:52:ae:80:a9:b6:df:47:91:ec:da:c9:d3:47:1e:fe:
dd:94:de:8b:f6:73:4f:de:42:9a:fe:c4:54:25:60:be:99:8e:
79:f5:83:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3JgwX3ulYQcZW4fV9jNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMTAxMTYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE0ZGY4NWFjYTdiODk4YTQwOGVhMjA0Zjc4YWE1NTk2MGYzZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIFYuUgOlSp3SXntKPeHTupmvXjW
2gj9Eu6aLLBGTUOQgVwRxeWi642JVgR5fR9+d4Yb5x1EtUMunSyb1Y8o57m8GBUD
N5zv6ZOE8WMw39km3ygDhenEgPMjOOrkKWF2sFsIQE3US5qH0vDBd5/dqQUg9/1c
EtYOuF/6x07cb+DgU+BidOckRWbvm372ESjIaggcN4rRl4M+ql24VR9zj+Iz545S
wA6PaLrEisciAw3nqBKfzkLU/C5WZd2vtwTexLF5cWmRLABSVE7yyFlTiTGFo8mt
qY1cHWJhr+Lzj4zwVXPzMVMCTv/yDGYtO+5IpZ2M5PiVJihY6f4iqsU/BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSk34Wsp7iYpAjqIE94qlWWDz5WMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvTktUZmhheW51SmlrQ09vZ1QzaXFWWllQUGxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJfHMA0G
CSqGSIb3DQEBCwUAA4IBAQC4KXSZzW06teGcaXWM+oSIpgWms8zsX6AsAT3fzlcM
yfwKrks6KJVQdpLxA2L5cEeSvxuixPDjazOl1uiPsoSNnztNNW0dsAejeYzmcKyl
liIFvGCFz5TO+s2bUrGKasbi1Mhow+7gTZNERamsh11tRCNsqaQDV4c79+BUw+Fr
FxBOAtglB03m/1Ih44RbDLr8VR+SCWO0FnwjOfHv/wueKjc8z7TT7AzqDa5YcPIB
JLDAsfpmiMYpjQcNG2xaM4/E23TPEr3yN8TPAsjlptTQDUnJ4bvTGd6TjihSroCp
tt9HkezaydNHHv7dlN6L9nNP3kKa/sRUJWC+mY559YMG
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:25 2025 by rpki-client