Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3dNXl_I_XGCfYWL8sN6cjbS7OyM.roa
File: 3dNXl_I_XGCfYWL8sN6cjbS7OyM.roa (raw, json)
Hash identifier: lKc1m6u/Sod6hydT40aV0REx5UMIBY6fAGlbDO/KycQ=
Subject key identifier: DD:D3:57:97:F2:3F:5C:60:9F:61:62:FC:B0:DE:9C:8D:B4:BB:3B:23
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01942746BBDC69321234331BFFC1F2AE657F
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3dNXl_I_XGCfYWL8sN6cjbS7OyM.roa
Signing time: Thu 02 Jan 2025 13:48:54 +0000
ROA not before: Thu 02 Jan 2025 13:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214447
IP address blocks: 188.132.212.0/24 maxlen: 24
188.132.213.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.217.0/24 maxlen: 24
188.132.218.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
212.68.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 19:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:bb:dc:69:32:12:34:33:1b:ff:c1:f2:ae:65:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddd35797f23f5c609f6162fcb0de9c8db4bb3b23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:96:01:7f:b3:20:b5:04:45:3b:7f:49:f8:57:
3a:1a:27:b7:fa:66:19:b5:c0:56:7c:46:09:f9:c5:
26:cd:a9:0a:be:31:41:91:e0:6c:04:4a:fe:82:42:
87:da:f4:66:d2:70:cc:5e:53:11:04:5f:c3:cc:72:
7c:70:9e:22:6e:25:d4:75:35:89:a0:2b:88:02:8d:
c2:9b:dc:a9:91:ed:1a:04:2f:6d:f2:d9:1c:09:6b:
26:29:a0:5c:22:66:b3:c3:bf:a6:65:05:a1:4d:ed:
e4:36:14:38:46:fb:da:5a:7c:9d:93:96:84:4a:6b:
2e:fe:fd:08:65:91:1a:65:b1:c7:39:ed:95:b3:6b:
f0:2a:70:1a:a7:8a:71:a4:f4:6c:af:0f:bf:05:5e:
6e:cf:7a:ba:02:6c:51:e1:b3:c7:67:db:8a:33:d3:
84:07:b4:85:7e:e2:73:5c:7d:0d:53:fb:a0:de:d2:
0b:c4:5b:bf:8d:4c:10:2e:d9:4e:8d:68:be:8c:6f:
9e:b6:ec:59:da:de:00:9e:96:db:10:f0:a5:99:5f:
ef:e3:12:5b:d0:9f:8e:37:30:db:11:a9:a4:8b:45:
95:ea:85:8a:02:0b:29:36:cc:c9:6a:22:4d:22:ea:
9a:01:8a:0f:d4:df:38:72:da:2c:ee:fa:e5:db:da:
5a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D3:57:97:F2:3F:5C:60:9F:61:62:FC:B0:DE:9C:8D:B4:BB:3B:23
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3dNXl_I_XGCfYWL8sN6cjbS7OyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.212.0-188.132.218.255
188.132.228.0/24
212.68.35.0/24
Signature Algorithm: sha256WithRSAEncryption
49:d6:79:f8:da:c4:f8:09:51:c0:90:bd:27:77:b9:10:c4:0f:
b0:3c:0b:9c:da:35:50:e8:88:72:e5:74:df:6f:2d:90:0b:47:
7a:cf:58:11:56:3b:73:d8:0a:7c:3e:66:b5:f2:fb:c4:d8:fb:
45:b8:dd:ce:7d:11:50:88:89:cc:ac:7c:26:e1:df:fb:1f:d3:
26:b5:cf:27:25:2f:83:9d:9a:cc:d9:2e:b0:a3:44:13:24:84:
1d:92:4e:b7:02:58:13:e8:b1:36:42:c2:7a:f7:89:f1:bb:45:
58:b3:98:30:15:d0:07:fd:09:4c:c8:a6:14:4d:64:85:83:5d:
44:2d:27:54:05:07:fd:07:89:91:37:50:74:9f:33:bd:08:83:
d6:cc:87:6a:1b:84:3f:f2:b7:31:46:71:f9:10:d5:4b:0b:dc:
39:6c:ca:02:9d:b3:53:d7:8e:41:6b:b8:78:bb:ea:7b:a7:d7:
d4:6a:bd:ea:84:ba:9e:a0:9c:d6:27:c8:99:c9:b4:36:73:ee:
ec:c0:75:29:76:f6:b7:fb:27:02:17:f6:8c:92:e9:94:71:22:
52:22:55:36:40:22:1d:b4:51:76:23:00:33:3d:e0:d5:be:e7:
6c:56:7e:38:30:0b:c7:cf:78:9f:a4:40:ee:98:f8:6d:56:99:
bd:95:e1:88
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnRrvcaTISNDMb/8HyrmV/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQzNTc5N2YyM2Y1YzYwOWY2MTYyZmNiMGRlOWM4ZGI0YmIzYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpYBf7MgtQRFO39J+Fc6Gie3+mYZ
tcBWfEYJ+cUmzakKvjFBkeBsBEr+gkKH2vRm0nDMXlMRBF/DzHJ8cJ4ibiXUdTWJ
oCuIAo3Cm9ypke0aBC9t8tkcCWsmKaBcImazw7+mZQWhTe3kNhQ4RvvaWnydk5aE
Smsu/v0IZZEaZbHHOe2Vs2vwKnAap4pxpPRsrw+/BV5uz3q6AmxR4bPHZ9uKM9OE
B7SFfuJzXH0NU/ug3tILxFu/jUwQLtlOjWi+jG+etuxZ2t4AnpbbEPClmV/v4xJb
0J+ONzDbEamki0WV6oWKAgspNszJaiJNIuqaAYoP1N84ctos7vrl29parwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFN3TV5fyP1xgn2Fi/LDenI20uzsjMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvM2ROWGxfSV9YR0NmWVdMOHNONmNqYlM3T3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAK8hNQD
BAC8hNoDBAC8hOQDBADURCMwDQYJKoZIhvcNAQELBQADggEBAEnWefjaxPgJUcCQ
vSd3uRDED7A8C5zaNVDoiHLldN9vLZALR3rPWBFWO3PYCnw+ZrXy+8TY+0W43c59
EVCIicysfCbh3/sf0ya1zyclL4OdmszZLrCjRBMkhB2STrcCWBPosTZCwnr3ifG7
RVizmDAV0Af9CUzIphRNZIWDXUQtJ1QFB/0HiZE3UHSfM70Ig9bMh2obhD/ytzFG
cfkQ1UsL3DlsygKds1PXjkFruHi76nun19RqveqEup6gnNYnyJnJtDZz7uzAdSl2
9rf7JwIX9oyS6ZRxIlIiVTZAIh20UXYjADM94NW+52xWfjgwC8fPeJ+kQO6Y+G1W
mb2V4Yg=
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:30 2025 by rpki-client