Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nxPt6R4YSiv9tyHncRWU8ckfTx4.roa
File: nxPt6R4YSiv9tyHncRWU8ckfTx4.roa (raw, json)
Hash identifier: qyu3UO7/W0lY/OrwXHFmzDDLPaB3JkHF9yuIM9fJ9WM=
Subject key identifier: 9F:13:ED:E9:1E:18:4A:2B:FD:B7:21:E7:71:15:94:F1:C9:1F:4F:1E
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0190748C21E2FEB9BF85DB28D7F285AD3063
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nxPt6R4YSiv9tyHncRWU8ckfTx4.roa
Signing time: Tue 02 Jul 2024 17:44:18 +0000
ROA not before: Tue 02 Jul 2024 17:44:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
89.44.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 16:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:74:8c:21:e2:fe:b9:bf:85:db:28:d7:f2:85:ad:30:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jul 2 17:44:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f13ede91e184a2bfdb721e7711594f1c91f4f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:15:87:31:d8:fa:a4:04:83:9b:34:52:45:59:
f3:67:e6:2d:66:af:96:1f:1b:38:97:4f:4b:2c:45:
8b:26:95:60:be:15:d5:44:16:a9:8c:fa:75:2c:2b:
82:27:72:a2:cd:05:dc:c6:6c:47:69:48:ea:e2:f7:
24:06:9a:e2:55:08:9f:c1:b1:84:99:7b:b2:12:bc:
99:88:d4:49:b9:c0:23:5e:a6:c1:00:ca:54:ca:03:
8c:48:29:98:b6:5d:87:d0:f8:f2:a0:8e:f5:e4:55:
af:10:bb:ec:6c:87:d2:e2:d0:71:0a:fc:f6:4f:2f:
98:56:b9:11:0b:94:62:28:ef:aa:1a:13:38:69:85:
90:66:a4:e7:d3:11:b2:f1:4a:2b:e5:7b:c4:48:ce:
8f:d4:d2:b2:33:23:a8:d3:e7:71:3d:e8:98:66:82:
f7:97:52:a7:94:80:4f:bf:f6:11:91:2f:17:90:02:
46:c0:84:75:29:f8:36:53:0b:0e:34:e9:92:b4:e2:
fc:d0:4b:15:b1:d8:ae:61:84:fb:1d:59:42:44:72:
97:f6:b5:20:43:ee:59:c9:47:f2:b0:e7:71:7a:d0:
6e:0d:39:9f:40:d7:99:6a:6e:5e:f3:18:05:e4:b2:
33:1f:e0:e6:b1:7e:6b:db:5a:43:37:fd:c9:db:1f:
e1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:13:ED:E9:1E:18:4A:2B:FD:B7:21:E7:71:15:94:F1:C9:1F:4F:1E
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nxPt6R4YSiv9tyHncRWU8ckfTx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
89.42.213.0/24
89.44.210.0/24
Signature Algorithm: sha256WithRSAEncryption
55:88:28:52:62:1d:be:8a:69:f1:16:f4:6e:21:7a:f2:e2:b6:
e8:11:1b:6c:b4:9e:67:f4:69:bd:8c:fc:40:6d:e4:f7:b4:ab:
69:4c:e8:b7:d3:7b:bf:fc:ea:b9:7c:de:11:8e:8f:36:f3:45:
ee:00:b0:17:5f:ed:fe:74:1b:da:ae:4f:bb:1f:2f:30:5b:ea:
c7:d1:b6:8f:cb:14:58:e7:a1:14:ac:23:9a:9f:aa:fd:96:01:
69:4a:36:ea:f2:f6:98:d4:09:e5:86:46:ba:ef:32:fe:04:18:
8c:0b:fa:2a:1c:09:30:d6:2a:b7:c0:39:cf:bb:e4:39:7d:3c:
f6:e5:40:ac:f4:0a:c2:60:4f:65:ee:38:5c:38:f4:10:db:4c:
9d:c1:56:55:63:25:cb:8c:a5:a2:9d:36:9a:a8:cf:74:91:5b:
df:5c:04:40:38:87:e5:2d:e3:36:3f:9f:f5:0f:5b:4c:b3:42:
3a:19:91:52:f7:2d:b4:6c:6f:5a:d4:75:c7:d5:f8:f4:3c:23:
5e:ed:b6:72:f4:5f:7d:c8:59:35:0e:ef:cb:7e:5f:3a:29:49:
92:c4:5b:97:f6:d8:ce:08:fc:0d:93:0f:91:cb:62:08:65:64:
e1:a2:b3:fb:c0:6f:55:cb:ca:94:c1:87:f0:cb:e2:6f:38:f6:
32:61:9d:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZB0jCHi/rm/hdso1/KFrTBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNzAyMTc0NDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjEzZWRlOTFlMTg0YTJiZmRiNzIxZTc3MTE1OTRmMWM5MWY0ZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRWHMdj6pASDmzRSRVnzZ+YtZq+W
Hxs4l09LLEWLJpVgvhXVRBapjPp1LCuCJ3KizQXcxmxHaUjq4vckBpriVQifwbGE
mXuyEryZiNRJucAjXqbBAMpUygOMSCmYtl2H0PjyoI715FWvELvsbIfS4tBxCvz2
Ty+YVrkRC5RiKO+qGhM4aYWQZqTn0xGy8Uor5XvESM6P1NKyMyOo0+dxPeiYZoL3
l1KnlIBPv/YRkS8XkAJGwIR1Kfg2UwsONOmStOL80EsVsdiuYYT7HVlCRHKX9rUg
Q+5ZyUfysOdxetBuDTmfQNeZam5e8xgF5LIzH+DmsX5r21pDN/3J2x/hvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ8T7ekeGEor/bch53EVlPHJH08eMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvbnhQdDZSNFlTaXY5dHlIbmNSV1U4Y2tmVHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJZmEAwQA
WSrVAwQAWSzSMA0GCSqGSIb3DQEBCwUAA4IBAQBViChSYh2+imnxFvRuIXry4rbo
ERtstJ5n9Gm9jPxAbeT3tKtpTOi303u//Oq5fN4Rjo8280XuALAXX+3+dBvark+7
Hy8wW+rH0baPyxRY56EUrCOan6r9lgFpSjbq8vaY1Anlhka67zL+BBiMC/oqHAkw
1iq3wDnPu+Q5fTz25UCs9ArCYE9l7jhcOPQQ20ydwVZVYyXLjKWinTaaqM90kVvf
XARAOIflLeM2P5/1D1tMs0I6GZFS9y20bG9a1HXH1fj0PCNe7bZy9F99yFk1Du/L
fl86KUmSxFuX9tjOCPwNkw+Ry2IIZWThorP7wG9Vy8qUwYfwy+JvOPYyYZ1g
Generated at Tue Jul 9 18:13:12 2024 by rpki-client on console-fra.rpki-client.org