Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/853218-ac6e-4f9c-a959-3df549a06d5b/1/NPQmizhflzOxLQEX__XQz2Cd1xI.roa
File: NPQmizhflzOxLQEX__XQz2Cd1xI.roa (raw, json)
Hash identifier: cRLLbtLsf1ofdc0HSvMKoyD3MSxhAUEdMVvHRdlDnpk=
Subject key identifier: 34:F4:26:8B:38:5F:97:33:B1:2D:01:17:FF:F5:D0:CF:60:9D:D7:12
Certificate issuer: /CN=23f8c999b30ce248e6c468c784d64d72f963e938
Certificate serial: 0188BE6E0D5B506901F8766052A1669BF3B8
Authority key identifier: 23:F8:C9:99:B3:0C:E2:48:E6:C4:68:C7:84:D6:4D:72:F9:63:E9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_jJmbMM4kjmxGjHhNZNcvlj6Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/853218-ac6e-4f9c-a959-3df549a06d5b/1/NPQmizhflzOxLQEX__XQz2Cd1xI.roa
Signing time: Thu 15 Jun 2023 09:41:03 +0000
ROA not before: Thu 15 Jun 2023 09:41:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198948
IP address blocks: 178.218.193.0/24 maxlen: 24
91.239.248.0/22 maxlen: 22
185.129.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jul 2023 12:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:6e:0d:5b:50:69:01:f8:76:60:52:a1:66:9b:f3:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23f8c999b30ce248e6c468c784d64d72f963e938
Validity
Not Before: Jun 15 09:41:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34f4268b385f9733b12d0117fff5d0cf609dd712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:10:96:b1:f6:42:ca:0d:4b:22:64:aa:02:50:
90:f8:be:20:d7:53:0a:86:fa:49:09:e2:db:69:2e:
38:14:c1:0b:23:dc:54:ab:94:e2:95:07:d5:cd:ed:
0e:72:e1:41:df:1d:ee:7e:8f:cc:17:a4:20:c2:d3:
88:af:fc:b8:d1:98:d4:a1:38:de:d4:08:2a:86:39:
1b:e7:bf:3f:82:a8:e4:37:24:3e:f2:63:51:fa:8c:
96:40:27:91:ce:ba:6e:ac:bf:f2:b2:e3:88:51:87:
d3:2f:51:53:41:a2:f1:83:00:cb:28:e8:62:4b:b7:
d4:6b:d8:ca:7f:3f:ec:88:f0:45:19:b6:fb:df:00:
6c:73:1d:ac:21:d9:3a:19:b2:74:00:3f:62:45:b8:
88:4f:b8:ce:41:14:8a:34:59:19:4e:a3:45:c2:79:
3b:a7:40:ee:8d:bf:07:14:c1:c8:4b:be:07:7e:f4:
ad:9b:cb:6d:f2:09:b7:c3:18:ee:80:23:24:51:29:
7e:76:7f:b4:af:08:6f:ef:b8:71:61:61:fa:fd:da:
1b:a6:1b:57:66:c4:22:07:61:a4:b1:e2:96:43:de:
da:20:71:f7:79:57:95:6b:a6:af:9d:22:ad:4b:64:
57:35:7b:ba:cf:46:e1:5e:6f:25:ab:29:2d:fa:f6:
f3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F4:26:8B:38:5F:97:33:B1:2D:01:17:FF:F5:D0:CF:60:9D:D7:12
X509v3 Authority Key Identifier:
keyid:23:F8:C9:99:B3:0C:E2:48:E6:C4:68:C7:84:D6:4D:72:F9:63:E9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_jJmbMM4kjmxGjHhNZNcvlj6Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/853218-ac6e-4f9c-a959-3df549a06d5b/1/NPQmizhflzOxLQEX__XQz2Cd1xI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/853218-ac6e-4f9c-a959-3df549a06d5b/1/I_jJmbMM4kjmxGjHhNZNcvlj6Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.248.0/22
178.218.193.0/24
185.129.112.0/22
Signature Algorithm: sha256WithRSAEncryption
80:5b:f5:9b:de:0d:48:02:75:f0:6c:b2:4f:1b:dd:39:65:a7:
57:49:83:51:30:4e:95:88:28:cd:99:35:1b:c5:e2:8e:a4:9c:
4e:f8:a1:57:3b:17:5e:ff:7f:eb:38:d1:5f:f1:1e:9c:73:07:
56:60:9c:44:b5:ed:f8:88:59:ce:ba:05:82:6d:e7:42:88:17:
2e:2d:2e:09:ec:87:33:d9:b9:ed:3f:7c:08:80:a9:db:e3:2f:
48:22:b6:29:ce:6e:e1:86:fc:d8:9f:38:45:1c:a1:7b:b5:1b:
8f:53:a7:b6:35:69:7d:d3:ab:aa:86:b1:dc:d7:4b:03:79:f9:
1b:fa:a3:cb:21:47:cf:74:dc:b3:5a:ea:4a:d3:e5:86:bc:aa:
5f:7b:5f:d0:2a:c8:17:20:b3:71:36:07:b6:07:fd:33:b8:51:
90:05:36:f1:00:c0:2c:d8:3a:f5:08:b7:4e:cf:8a:8f:4a:f6:
d9:97:13:b0:c8:2e:fb:00:01:bc:73:9a:cc:1c:7f:8f:6d:86:
a4:41:67:c9:a6:4b:9f:8c:96:d6:a3:00:1f:95:07:a6:bb:f4:
24:ec:93:04:1a:38:f9:4b:66:57:29:72:a5:bb:47:04:0d:4e:
ab:53:dd:44:cf:70:7c:07:7f:5d:93:dc:41:c5:83:6b:22:4f:
7a:ca:2b:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYi+bg1bUGkB+HZgUqFmm/O4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjhjOTk5YjMwY2UyNDhlNmM0NjhjNzg0ZDY0ZDcyZjk2
M2U5MzgwHhcNMjMwNjE1MDk0MTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGY0MjY4YjM4NWY5NzMzYjEyZDAxMTdmZmY1ZDBjZjYwOWRkNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihCWsfZCyg1LImSqAlCQ+L4g11MK
hvpJCeLbaS44FMELI9xUq5TilQfVze0OcuFB3x3ufo/MF6QgwtOIr/y40ZjUoTje
1Agqhjkb578/gqjkNyQ+8mNR+oyWQCeRzrpurL/ysuOIUYfTL1FTQaLxgwDLKOhi
S7fUa9jKfz/siPBFGbb73wBscx2sIdk6GbJ0AD9iRbiIT7jOQRSKNFkZTqNFwnk7
p0Dujb8HFMHIS74HfvStm8tt8gm3wxjugCMkUSl+dn+0rwhv77hxYWH6/dobphtX
ZsQiB2GkseKWQ97aIHH3eVeVa6avnSKtS2RXNXu6z0bhXm8lqykt+vbz4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDT0Jos4X5czsS0BF//10M9gndcSMB8GA1UdIwQY
MBaAFCP4yZmzDOJI5sRox4TWTXL5Y+k4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9qSm1iTU00a2pteEdqSGhOWk5jdmxqNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84NTMyMTgtYWM2ZS00ZjljLWE5NTkt
M2RmNTQ5YTA2ZDViLzEvTlBRbWl6aGZsek94TFFFWF9fWFF6MkNkMXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84NTMyMTgtYWM2ZS00ZjljLWE5NTktM2RmNTQ5YTA2ZDVi
LzEvSV9qSm1iTU00a2pteEdqSGhOWk5jdmxqNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+/4AwQA
strBAwQCuYFwMA0GCSqGSIb3DQEBCwUAA4IBAQCAW/Wb3g1IAnXwbLJPG905ZadX
SYNRME6ViCjNmTUbxeKOpJxO+KFXOxde/3/rONFf8R6ccwdWYJxEte34iFnOugWC
bedCiBcuLS4J7Icz2bntP3wIgKnb4y9IIrYpzm7hhvzYnzhFHKF7tRuPU6e2NWl9
06uqhrHc10sDefkb+qPLIUfPdNyzWupK0+WGvKpfe1/QKsgXILNxNge2B/0zuFGQ
BTbxAMAs2Dr1CLdOz4qPSvbZlxOwyC77AAG8c5rMHH+PbYakQWfJpkufjJbWowAf
lQemu/Qk7JMEGjj5S2ZXKXKlu0cEDU6rU91Ez3B8B39dk9xBxYNrIk96yiuu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:07 2024 by rpki-client on console-ams.rpki-client.org