Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NtGb7aBlAPvBC-NNwU78RrH65hQ.roa
File: NtGb7aBlAPvBC-NNwU78RrH65hQ.roa (raw, json)
Hash identifier: XYiel4wIXlOu1Qh5FTl+CNb6CSDyXLr4iIOc4WOesmA=
Subject key identifier: 36:D1:9B:ED:A0:65:00:FB:C1:0B:E3:4D:C1:4E:FC:46:B1:FA:E6:14
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E764DAAF065D9E6B2B9687EB00641F241
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NtGb7aBlAPvBC-NNwU78RrH65hQ.roa
Signing time: Mon 25 Mar 2024 15:49:45 +0000
ROA not before: Mon 25 Mar 2024 15:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.109.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 11:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:76:4d:aa:f0:65:d9:e6:b2:b9:68:7e:b0:06:41:f2:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 25 15:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36d19beda06500fbc10be34dc14efc46b1fae614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f3:27:7c:69:2e:35:ec:94:9f:4b:97:8a:7e:
40:f8:bc:80:7a:58:9e:8b:22:53:59:21:b1:1a:4e:
e7:39:e7:00:b6:37:e4:69:63:63:f7:fe:ec:c2:53:
3d:49:72:60:e8:2e:f0:b7:79:41:50:b5:13:83:7a:
6a:bc:46:1b:23:45:18:01:17:13:03:88:b1:d2:ae:
ff:36:a3:e0:a7:c4:59:78:e5:7f:60:f8:40:32:98:
81:84:33:de:b3:46:19:9c:7a:b9:75:71:55:b1:24:
a9:8d:27:8a:5b:fa:03:52:73:16:73:78:b6:06:d8:
b0:5f:1c:aa:d9:aa:04:b3:c1:2f:7f:53:69:1e:99:
6f:ff:7f:0a:7e:54:db:ac:21:ff:b9:12:fe:23:73:
06:76:4f:63:a9:e3:1a:5b:fa:a2:3c:76:59:15:4b:
ad:09:e6:5c:62:c7:8f:1b:b3:6c:04:56:64:6e:bc:
af:9d:7f:bb:a1:fe:eb:e8:24:47:d8:b6:cb:bb:5d:
71:e8:10:c0:4b:4f:b2:0a:b8:1d:8c:c9:1a:c6:f7:
df:fb:98:d8:3b:82:66:47:a8:19:38:07:9e:40:26:
90:44:5f:3b:ec:82:08:5e:b4:e7:98:8c:8d:a0:8e:
ce:19:f6:fd:9a:97:1b:4e:f8:23:06:60:9d:c4:60:
6e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D1:9B:ED:A0:65:00:FB:C1:0B:E3:4D:C1:4E:FC:46:B1:FA:E6:14
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NtGb7aBlAPvBC-NNwU78RrH65hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
45.81.113.0/24
45.81.115.0/24
45.144.215.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:cc:07:aa:d8:76:9e:d9:40:7f:65:0d:c1:58:03:4b:51:81:
13:11:5b:5d:ab:df:97:89:b6:f7:0f:15:4a:8e:b6:99:aa:cf:
1f:66:ac:e7:3c:1a:56:ce:d6:f8:9b:8d:9f:a5:d7:54:d3:6e:
02:23:7b:9d:74:a8:98:2a:03:e5:50:60:1b:e3:3a:2e:57:0d:
09:37:4e:d8:7a:b9:a6:cf:c6:6c:98:c3:64:c0:5d:82:ec:df:
3d:99:0d:42:35:cd:3a:c9:b4:b7:5c:69:dc:ea:ff:15:8f:74:
bb:c0:8e:a1:09:78:60:11:1d:60:de:fb:0f:15:05:fa:38:8e:
8d:69:a8:14:e2:a8:90:37:e7:b3:6d:2c:8f:23:b7:45:31:35:
3d:36:6e:57:43:f1:d9:e9:c8:8b:b3:ad:79:4c:26:39:3c:49:
42:38:a0:13:2d:7f:70:86:5d:1e:59:f9:04:43:b9:9b:6f:4b:
33:60:9b:3e:93:31:cc:f8:fe:bc:9a:ba:0d:f8:5b:fd:65:a2:
08:ca:32:79:89:85:ee:13:90:9d:a0:7b:8f:19:d6:7b:7e:f2:
88:4c:f1:f8:89:95:f2:a7:3f:30:9c:17:5d:72:4e:b3:06:1b:
4d:a4:11:f1:b7:e8:5c:8e:27:96:4e:70:d1:54:4d:dc:25:70:
79:da:cf:43
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY52TarwZdnmsrlofrAGQfJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzI1MTU0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQxOWJlZGEwNjUwMGZiYzEwYmUzNGRjMTRlZmM0NmIxZmFlNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfMnfGkuNeyUn0uXin5A+LyAelie
iyJTWSGxGk7nOecAtjfkaWNj9/7swlM9SXJg6C7wt3lBULUTg3pqvEYbI0UYARcT
A4ix0q7/NqPgp8RZeOV/YPhAMpiBhDPes0YZnHq5dXFVsSSpjSeKW/oDUnMWc3i2
BtiwXxyq2aoEs8Evf1NpHplv/38KflTbrCH/uRL+I3MGdk9jqeMaW/qiPHZZFUut
CeZcYsePG7NsBFZkbryvnX+7of7r6CRH2LbLu11x6BDAS0+yCrgdjMkaxvff+5jY
O4JmR6gZOAeeQCaQRF877IIIXrTnmIyNoI7OGfb9mpcbTvgjBmCdxGBu4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDbRm+2gZQD7wQvjTcFO/Eax+uYUMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTnRHYjdhQmxBUHZCQy1OTndVNzhSckg2NWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjhtAwQA
LVFxAwQALVFzAwQALZDXAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQBczAeq2Hae
2UB/ZQ3BWANLUYETEVtdq9+Xibb3DxVKjraZqs8fZqznPBpWztb4m42fpddU024C
I3uddKiYKgPlUGAb4zouVw0JN07Yermmz8ZsmMNkwF2C7N89mQ1CNc06ybS3XGnc
6v8Vj3S7wI6hCXhgER1g3vsPFQX6OI6NaagU4qiQN+ezbSyPI7dFMTU9Nm5XQ/HZ
6ciLs615TCY5PElCOKATLX9whl0eWfkEQ7mbb0szYJs+kzHM+P68mroN+Fv9ZaII
yjJ5iYXuE5CdoHuPGdZ7fvKITPH4iZXypz8wnBddck6zBhtNpBHxt+hcjieWTnDR
VE3cJXB52s9D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org