Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/nQIGjU0O3P_yuN16YHfUB-cBE-4.roa
File: nQIGjU0O3P_yuN16YHfUB-cBE-4.roa (raw, json)
Hash identifier: kglkM/XiWfm7A/AWaUK3eUfkCQHQpjC55W3k4c6EF6Q=
Subject key identifier: 9D:02:06:8D:4D:0E:DC:FF:F2:B8:DD:7A:60:77:D4:07:E7:01:13:EE
Certificate issuer: /CN=c3c61b51ebc84180f0a6b232e87df9d61c90faab
Certificate serial: 0190DF50E7A0C9A62323622E50CF4BA4E10B
Authority key identifier: C3:C6:1B:51:EB:C8:41:80:F0:A6:B2:32:E8:7D:F9:D6:1C:90:FA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8YbUevIQYDwprIy6H351hyQ-qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/nQIGjU0O3P_yuN16YHfUB-cBE-4.roa
Signing time: Tue 23 Jul 2024 11:18:59 +0000
ROA not before: Tue 23 Jul 2024 11:18:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52142
IP address blocks: 46.174.176.0/24 maxlen: 24
46.174.177.0/24 maxlen: 24
46.174.178.0/24 maxlen: 24
46.174.179.0/24 maxlen: 24
46.174.180.0/24 maxlen: 24
46.174.181.0/24 maxlen: 24
46.174.182.0/24 maxlen: 24
46.174.183.0/24 maxlen: 24
91.210.128.0/24 maxlen: 24
91.210.129.0/24 maxlen: 24
195.69.80.0/22 maxlen: 22
2a03:c940::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 Jul 2024 11:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:50:e7:a0:c9:a6:23:23:62:2e:50:cf:4b:a4:e1:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c61b51ebc84180f0a6b232e87df9d61c90faab
Validity
Not Before: Jul 23 11:18:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d02068d4d0edcfff2b8dd7a6077d407e70113ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e5:c8:b1:c2:9a:36:01:41:45:df:0d:44:73:
cf:8d:11:46:46:e0:af:00:23:6e:68:fd:f8:24:e0:
3c:d4:de:69:bd:23:e3:6f:a2:0f:8a:60:99:84:cf:
57:b3:da:d7:57:a9:5b:b5:ea:f6:cf:32:e8:54:35:
36:f1:ea:0d:a7:3d:5b:47:ad:37:97:12:a4:f2:29:
9a:1d:43:7f:b0:29:b9:92:9d:f6:8d:a7:94:97:31:
36:34:30:d2:ad:d9:98:0e:43:57:ae:85:29:4b:2a:
2f:23:f1:fc:89:cd:c4:28:d1:89:0f:0f:da:ea:72:
26:dd:20:4f:c2:e8:5a:4e:fd:6e:af:f9:50:b4:5a:
81:f2:59:d0:b2:9f:51:ce:01:c2:af:5c:58:79:ca:
70:6a:84:7a:93:0e:55:8b:0e:e9:32:62:75:ea:03:
95:94:fa:ef:97:91:30:cb:1e:61:80:bb:e9:e1:0a:
5e:85:6b:5c:d1:25:68:70:00:56:41:0f:83:44:4d:
fe:4c:6d:5b:31:21:c4:b2:92:02:68:e3:7f:27:fd:
d2:c0:ab:ea:b0:74:19:17:cc:9e:40:eb:90:2b:f9:
e0:57:c4:67:35:74:bb:52:5e:8c:0a:6f:db:fa:32:
13:be:ed:a8:76:6c:a3:27:2e:83:b9:64:ea:f7:4f:
66:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:02:06:8D:4D:0E:DC:FF:F2:B8:DD:7A:60:77:D4:07:E7:01:13:EE
X509v3 Authority Key Identifier:
keyid:C3:C6:1B:51:EB:C8:41:80:F0:A6:B2:32:E8:7D:F9:D6:1C:90:FA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8YbUevIQYDwprIy6H351hyQ-qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/nQIGjU0O3P_yuN16YHfUB-cBE-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/w8YbUevIQYDwprIy6H351hyQ-qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.176.0/21
91.210.128.0/23
195.69.80.0/22
IPv6:
2a03:c940::/32
Signature Algorithm: sha256WithRSAEncryption
30:f9:12:5d:54:50:59:1a:56:aa:78:f5:62:d5:1a:a8:43:4f:
4a:1a:fa:ce:3a:82:02:8f:a7:52:51:a4:d8:46:8b:94:64:54:
39:a7:48:bf:f5:83:00:ed:b0:1d:0f:a5:52:1b:3e:d4:ca:7e:
9c:4b:b8:52:97:43:b5:ca:6a:48:6e:5a:69:79:9c:73:d7:97:
db:8e:89:98:2b:18:52:8a:17:20:17:6d:b1:e7:94:5b:43:76:
c5:ad:9b:2d:d5:19:0e:2c:e5:2c:29:d3:28:3a:5f:d2:89:0c:
af:ce:05:9a:b7:a0:60:29:c6:28:70:94:93:87:04:1b:ce:e9:
10:c0:06:02:54:35:19:ff:a6:45:4e:85:a7:0b:25:eb:be:db:
2b:a5:3a:27:fe:5f:8c:fa:36:bf:a4:a8:ec:04:44:71:6a:f8:
c8:6d:3b:0c:00:18:91:db:02:1e:af:4b:42:70:0a:f8:2c:64:
45:94:71:65:d4:f5:9d:04:6b:66:2c:c9:1d:25:6d:72:9b:99:
9a:e3:dd:fd:73:2b:56:d2:f5:6f:30:51:c4:09:18:dc:13:05:
e4:22:7d:9f:7c:6f:3a:72:b8:52:74:ed:21:42:f7:0a:2c:04:
7d:98:05:ab:0c:02:27:ab:76:84:a7:87:b1:f0:2a:43:3b:8a:
f8:7b:7a:8b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZDfUOegyaYjI2IuUM9LpOELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzYxYjUxZWJjODQxODBmMGE2YjIzMmU4N2RmOWQ2MWM5
MGZhYWIwHhcNMjQwNzIzMTExODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDAyMDY4ZDRkMGVkY2ZmZjJiOGRkN2E2MDc3ZDQwN2U3MDExM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOXIscKaNgFBRd8NRHPPjRFGRuCv
ACNuaP34JOA81N5pvSPjb6IPimCZhM9Xs9rXV6lbter2zzLoVDU28eoNpz1bR603
lxKk8imaHUN/sCm5kp32jaeUlzE2NDDSrdmYDkNXroUpSyovI/H8ic3EKNGJDw/a
6nIm3SBPwuhaTv1ur/lQtFqB8lnQsp9RzgHCr1xYecpwaoR6kw5Viw7pMmJ16gOV
lPrvl5Ewyx5hgLvp4QpehWtc0SVocABWQQ+DRE3+TG1bMSHEspICaON/J/3SwKvq
sHQZF8yeQOuQK/ngV8RnNXS7Ul6MCm/b+jITvu2odmyjJy6DuWTq909m7QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ0CBo1NDtz/8rjdemB31AfnARPuMB8GA1UdIwQY
MBaAFMPGG1HryEGA8KayMuh9+dYckPqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhZYlVldklRWUR3cHJJeTZIMzUxaHlRLXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YWFkYWItOTU5YS00NjYzLWI5MzUt
OGY5ODI3MzQ0NzkwLzEvblFJR2pVME8zUF95dU4xNllIZlVCLWNCRS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YWFkYWItOTU5YS00NjYzLWI5MzUtOGY5ODI3MzQ0Nzkw
LzEvdzhZYlVldklRWUR3cHJJeTZIMzUxaHlRLXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLq6wAwQB
W9KAAwQCw0VQMA0EAgACMAcDBQAqA8lAMA0GCSqGSIb3DQEBCwUAA4IBAQAw+RJd
VFBZGlaqePVi1RqoQ09KGvrOOoICj6dSUaTYRouUZFQ5p0i/9YMA7bAdD6VSGz7U
yn6cS7hSl0O1ympIblppeZxz15fbjomYKxhSihcgF22x55RbQ3bFrZst1RkOLOUs
KdMoOl/SiQyvzgWat6BgKcYocJSThwQbzukQwAYCVDUZ/6ZFToWnCyXrvtsrpTon
/l+M+ja/pKjsBERxavjIbTsMABiR2wIer0tCcAr4LGRFlHFl1PWdBGtmLMkdJW1y
m5ma4939cytW0vVvMFHECRjcEwXkIn2ffG86crhSdO0hQvcKLAR9mAWrDAInq3aE
p4ex8CpDO4r4e3qL
-----END CERTIFICATE-----
Generated at Sat May 3 01:12:31 2025 by rpki-client