Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/NBUAHAjQ69T6cfHb8H5myvIT1qA.roa
File: NBUAHAjQ69T6cfHb8H5myvIT1qA.roa (raw, json)
Hash identifier: 87wyICbE/IISdcMpCwJzpOF2sJjk6R9cEEcTs5UxUrQ=
Subject key identifier: 34:15:00:1C:08:D0:EB:D4:FA:71:F1:DB:F0:7E:66:CA:F2:13:D6:A0
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018D83CC37EF208AC59BB6117382086708F9
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/NBUAHAjQ69T6cfHb8H5myvIT1qA.roa
Signing time: Wed 07 Feb 2024 13:40:15 +0000
ROA not before: Wed 07 Feb 2024 13:40:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 5.133.100.0/22 maxlen: 22
31.40.204.0/22 maxlen: 22
37.221.76.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
85.8.160.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
194.93.60.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 02 Mar 2024 20:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:cc:37:ef:20:8a:c5:9b:b6:11:73:82:08:67:08:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Feb 7 13:40:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3415001c08d0ebd4fa71f1dbf07e66caf213d6a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:20:1f:7e:43:d5:08:93:d0:63:97:bd:32:75:
2d:a2:7a:3f:f5:8f:7e:78:d1:0a:f0:05:fc:77:64:
bd:53:20:0e:ec:1d:13:46:15:5c:48:4b:f4:ea:86:
cd:1a:1c:f2:15:65:81:a5:35:95:18:78:e8:93:1b:
7c:ba:3b:b4:16:75:03:fc:d5:f0:e6:08:67:c0:52:
a0:29:b6:2a:ea:46:62:5b:e4:ba:58:23:98:69:b5:
d1:3c:fa:40:fb:21:af:6b:ed:df:b3:49:14:ec:49:
ce:9f:ce:eb:c2:5b:0d:09:57:35:3b:d8:19:49:54:
1c:35:6d:42:b1:a9:65:47:d1:e7:4a:16:37:0c:ff:
f0:67:77:d7:4e:5e:ac:70:02:c1:e0:a4:6a:1f:6e:
6f:51:26:a4:54:35:45:1c:80:4e:5c:31:2b:60:ac:
db:69:22:44:52:6c:c3:21:4c:d4:aa:68:12:64:53:
9f:6c:be:77:cc:17:5a:82:bc:23:58:de:5f:60:c1:
9b:de:60:b1:a9:ae:f8:5d:64:6d:ef:34:bc:e3:77:
6d:1d:50:61:e5:13:e9:0a:e6:ee:46:d7:c9:dc:d1:
92:2b:f7:e6:db:ae:3c:53:ab:82:19:49:41:8b:2a:
dd:1a:c7:ff:cb:4b:5d:70:b1:0a:03:68:3e:02:4a:
7d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:15:00:1C:08:D0:EB:D4:FA:71:F1:DB:F0:7E:66:CA:F2:13:D6:A0
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/NBUAHAjQ69T6cfHb8H5myvIT1qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/22
31.40.204.0/22
37.221.76.0/22
83.171.244.0/22
85.8.160.0/22
92.249.60.0/22
188.119.68.0/22
194.93.60.0/22
212.87.196.0/22
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:d0:19:a8:72:e3:35:19:84:c3:41:5d:15:d3:dc:fe:51:c2:
26:4a:77:8d:12:b4:8a:71:c7:ae:ed:2e:8d:ba:15:93:96:37:
79:b8:6c:47:b4:25:29:48:16:50:44:ab:83:f5:60:e5:15:44:
3e:6a:d5:d5:34:39:80:0c:dd:5e:ad:b1:b5:ac:20:f0:f1:d5:
f9:ad:f3:6d:df:f9:70:6a:e2:85:b8:1f:a5:21:6a:8b:68:9b:
2b:a8:4d:bb:13:f1:31:14:93:20:25:36:71:d1:58:30:a5:5e:
0d:ca:20:7b:42:a5:9b:b7:ed:dc:bd:14:1f:7f:83:ec:2a:7d:
64:d7:4b:aa:02:14:b6:f0:cb:c6:87:7c:f6:46:d5:0b:2e:5c:
ac:80:87:47:59:bf:bf:c9:41:0e:6e:dd:3a:c5:5f:01:e0:0d:
33:83:ec:ab:48:de:4d:b8:f7:7a:74:4f:5b:eb:37:b8:47:ab:
56:06:e7:8c:79:19:9f:c8:c5:82:b1:e6:a2:f1:ae:b6:85:67:
d9:71:47:4a:0a:83:d4:b1:b4:a9:4f:fd:b1:5b:61:58:4b:a5:
94:7f:b7:98:08:3f:3f:3e:6b:41:8a:1c:4f:6f:68:0e:ed:8c:
cb:5d:fd:1b:51:74:88:ad:13:1a:fa:37:b3:7e:52:d9:33:b3:
2f:7a:cc:31
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY2DzDfvIIrFm7YRc4IIZwj5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwMjA3MTM0MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDE1MDAxYzA4ZDBlYmQ0ZmE3MWYxZGJmMDdlNjZjYWYyMTNkNmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CAffkPVCJPQY5e9MnUtono/9Y9+
eNEK8AX8d2S9UyAO7B0TRhVcSEv06obNGhzyFWWBpTWVGHjokxt8uju0FnUD/NXw
5ghnwFKgKbYq6kZiW+S6WCOYabXRPPpA+yGva+3fs0kU7EnOn87rwlsNCVc1O9gZ
SVQcNW1CsallR9HnShY3DP/wZ3fXTl6scALB4KRqH25vUSakVDVFHIBOXDErYKzb
aSJEUmzDIUzUqmgSZFOfbL53zBdagrwjWN5fYMGb3mCxqa74XWRt7zS843dtHVBh
5RPpCubuRtfJ3NGSK/fm2648U6uCGUlBiyrdGsf/y0tdcLEKA2g+Akp9vwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDQVABwI0OvU+nHx2/B+ZsryE9agMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvTkJVQUhBalE2OVQ2Y2ZIYjhINW15dklUMXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCBYVkAwQC
HyjMAwQCJd1MAwQCU6v0AwQCVQigAwQCXPk8AwQCvHdEAwQCwl08AwQC1FfEAwQC
1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQA+0BmocuM1GYTDQV0V09z+UcImSneNErSK
cceu7S6NuhWTljd5uGxHtCUpSBZQRKuD9WDlFUQ+atXVNDmADN1erbG1rCDw8dX5
rfNt3/lwauKFuB+lIWqLaJsrqE27E/ExFJMgJTZx0VgwpV4NyiB7QqWbt+3cvRQf
f4PsKn1k10uqAhS28MvGh3z2RtULLlysgIdHWb+/yUEObt06xV8B4A0zg+yrSN5N
uPd6dE9b6ze4R6tWBueMeRmfyMWCseai8a62hWfZcUdKCoPUsbSpT/2xW2FYS6WU
f7eYCD8/PmtBihxPb2gO7YzLXf0bUXSIrRMa+jezflLZM7Mveswx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org