Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/NFmuXp1g9ohnjDRz86mqeEKTSB0.roa
File: NFmuXp1g9ohnjDRz86mqeEKTSB0.roa (raw, json)
Hash identifier: 59BMQEnPB/WygZdynevftJ6hpiLlbzVt4yZ27Ap4iuo=
Subject key identifier: 34:59:AE:5E:9D:60:F6:88:67:8C:34:73:F3:A9:AA:78:42:93:48:1D
Certificate issuer: /CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Certificate serial: 01900634AF4679ED8A31057050C1E4E76985
Authority key identifier: BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/NFmuXp1g9ohnjDRz86mqeEKTSB0.roa
Signing time: Tue 11 Jun 2024 07:30:34 +0000
ROA not before: Tue 11 Jun 2024 07:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48539
IP address blocks: 109.205.189.0/24 maxlen: 24
146.19.131.0/24 maxlen: 24
178.212.137.0/24 maxlen: 24
194.63.144.0/24 maxlen: 24
2a11:6a00::/29 maxlen: 29
2a12:2780::/29 maxlen: 29
2a12:8200::/29 maxlen: 29
2a12:ab00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 05 Aug 2024 18:59:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:34:af:46:79:ed:8a:31:05:70:50:c1:e4:e7:69:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Validity
Not Before: Jun 11 07:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3459ae5e9d60f688678c3473f3a9aa784293481d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0c:9d:c6:3e:3c:bc:10:8e:0f:e8:6f:3d:cf:
27:b5:2e:03:d2:bd:ae:40:2b:da:57:2a:50:2b:4c:
d5:9b:20:c3:e3:61:24:d7:b6:42:48:a2:11:e3:18:
34:d1:8e:be:cb:d1:58:d5:72:05:ea:89:99:f2:28:
f8:2c:be:7b:5c:0d:b7:5a:ed:2b:3c:6f:be:9d:7f:
40:4c:65:6c:e9:8d:2b:f4:49:c2:79:d3:8f:d4:33:
f4:7f:62:ae:de:26:a1:9a:58:72:1c:0c:4e:1d:d4:
52:8d:cc:eb:30:e6:99:b0:31:cd:53:3c:0a:4a:04:
ca:ae:a2:c7:d0:d1:69:a8:7d:f5:1d:e9:19:3e:c5:
de:de:12:08:fe:22:0b:ea:d6:67:6a:3d:9b:59:34:
07:e3:02:4c:ea:46:c7:a6:f6:9f:61:99:a3:fa:a6:
c5:8d:37:9a:21:2e:f5:38:37:cd:d1:b0:48:d1:9e:
1c:0b:0a:67:92:50:61:5d:39:25:1a:29:06:53:24:
23:43:9a:20:93:17:03:4b:cb:fd:44:4f:c6:c2:2b:
4e:af:d7:96:ad:ed:56:f3:22:81:96:f3:ce:54:6d:
d0:7d:60:7c:a0:73:55:6b:81:95:2a:e4:bc:60:d8:
53:a8:f6:e1:87:ca:e0:16:ab:2f:b2:03:72:23:d8:
33:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:59:AE:5E:9D:60:F6:88:67:8C:34:73:F3:A9:AA:78:42:93:48:1D
X509v3 Authority Key Identifier:
keyid:BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/NFmuXp1g9ohnjDRz86mqeEKTSB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.189.0/24
146.19.131.0/24
178.212.137.0/24
194.63.144.0/24
IPv6:
2a11:6a00::/29
2a12:2780::/29
2a12:8200::/29
2a12:ab00::/29
Signature Algorithm: sha256WithRSAEncryption
b6:55:29:5e:33:81:f4:cb:21:bc:c0:89:0f:a7:a4:51:b7:3a:
79:e3:82:26:11:0e:22:d5:38:0f:ce:60:0c:95:14:c4:ad:32:
d7:9d:2d:48:81:49:39:7a:f5:0a:48:8e:13:38:38:f0:8a:74:
f7:31:e7:2b:20:c9:7b:60:a7:b2:8a:8d:fb:26:2a:9b:21:0a:
6f:53:3a:fe:59:c5:e7:28:49:c2:ca:8f:e5:20:dd:99:49:5f:
b2:12:92:b6:19:31:a3:60:33:ad:ad:2f:0b:e5:3c:47:be:c1:
10:87:a9:d5:41:25:bd:57:d3:cf:4c:35:f0:c5:86:ed:10:35:
fd:2f:ab:6e:95:af:98:28:e2:9b:56:31:0b:24:53:9e:f2:7b:
7d:2a:25:a5:7b:72:e1:53:82:f4:a7:1f:b2:2b:ba:45:bd:7c:
64:7d:dd:36:b8:7f:b8:99:23:d1:eb:2d:20:ff:5a:d4:a3:63:
79:b0:44:8b:fd:fb:52:65:7a:1b:c1:f6:d6:6c:81:34:be:c8:
ae:9d:37:47:8a:77:e1:39:9a:8f:d5:c0:fe:d0:a6:c5:25:e9:
2e:06:cc:8e:e6:d8:8f:7c:a1:d9:64:88:01:f6:12:cf:91:fd:
49:f9:c8:f7:fe:db:22:ad:43:ad:51:5a:90:81:a1:4b:78:ea:
4c:71:c4:bb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZAGNK9Gee2KMQVwUMHk52mFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2NjOGY0YjM3ZDg5MjI4Y2QwMjNkMjUyMWQyOTk2OGRl
MGI5MjUwHhcNMjQwNjExMDczMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDU5YWU1ZTlkNjBmNjg4Njc4YzM0NzNmM2E5YWE3ODQyOTM0ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgydxj48vBCOD+hvPc8ntS4D0r2u
QCvaVypQK0zVmyDD42Ek17ZCSKIR4xg00Y6+y9FY1XIF6omZ8ij4LL57XA23Wu0r
PG++nX9ATGVs6Y0r9EnCedOP1DP0f2Ku3iahmlhyHAxOHdRSjczrMOaZsDHNUzwK
SgTKrqLH0NFpqH31HekZPsXe3hII/iIL6tZnaj2bWTQH4wJM6kbHpvafYZmj+qbF
jTeaIS71ODfN0bBI0Z4cCwpnklBhXTklGikGUyQjQ5ogkxcDS8v9RE/GwitOr9eW
re1W8yKBlvPOVG3QfWB8oHNVa4GVKuS8YNhTqPbhh8rgFqsvsgNyI9gzpwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDRZrl6dYPaIZ4w0c/OpqnhCk0gdMB8GA1UdIwQY
MBaAFLzMyPSzfYkijNAj0lIdKZaN4LklMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYt
MDIxNWM0ZWFhN2MzLzEvTkZtdVhwMWc5b2huakRSejg2bXFlRUtUU0IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYtMDIxNWM0ZWFhN2Mz
LzEvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQAbc29AwQA
khODAwQAstSJAwQAwj+QMCIEAgACMBwDBQMqEWoAAwUDKhIngAMFAyoSggADBQMq
EqsAMA0GCSqGSIb3DQEBCwUAA4IBAQC2VSleM4H0yyG8wIkPp6RRtzp544ImEQ4i
1TgPzmAMlRTErTLXnS1IgUk5evUKSI4TODjwinT3MecrIMl7YKeyio37JiqbIQpv
Uzr+WcXnKEnCyo/lIN2ZSV+yEpK2GTGjYDOtrS8L5TxHvsEQh6nVQSW9V9PPTDXw
xYbtEDX9L6tula+YKOKbVjELJFOe8nt9KiWle3LhU4L0px+yK7pFvXxkfd02uH+4
mSPR6y0g/1rUo2N5sESL/ftSZXobwfbWbIE0vsiunTdHinfhOZqP1cD+0KbFJeku
BsyO5tiPfKHZZIgB9hLPkf1J+cj3/tsirUOtUVqQgaFLeOpMccS7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:23 2025 by rpki-client