Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/ns5ecTeuigRcZxMAwemEwlFIaRk.roa
File: ns5ecTeuigRcZxMAwemEwlFIaRk.roa (raw, json)
Hash identifier: P6gp0hSytd716yI96xu79RejXaXMD7cI9x0h40e6gt8=
Subject key identifier: 9E:CE:5E:71:37:AE:8A:04:5C:67:13:00:C1:E9:84:C2:51:48:69:19
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 018571278B0C32E1146EBE59C3E60F86B6C0
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/ns5ecTeuigRcZxMAwemEwlFIaRk.roa
Signing time: Mon 02 Jan 2023 06:24:54 +0000
ROA not before: Mon 02 Jan 2023 06:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208677
IP address blocks: 46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
87.242.120.0/21 maxlen: 21
37.230.179.0/24 maxlen: 24
37.18.122.0/24 maxlen: 24
188.72.96.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
141.101.201.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Jan 2023 09:50:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:8b:0c:32:e1:14:6e:be:59:c3:e6:0f:86:b6:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Jan 2 06:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ece5e7137ae8a045c671300c1e984c251486919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:33:93:02:4d:85:c2:af:bd:28:60:fa:9b:8d:
06:b6:1e:36:d5:bc:68:fe:14:33:e9:89:5e:66:32:
bd:86:46:a2:ce:f9:b8:91:51:7f:77:16:9c:44:b7:
22:ae:95:32:f0:d1:45:a7:f2:3d:ce:a9:8c:3a:8e:
73:57:82:22:08:1d:a3:b8:6c:73:52:6c:32:24:4d:
68:dc:2a:87:d7:8f:7a:a3:4d:f5:02:bd:c4:cd:21:
40:88:ea:64:c3:e3:84:72:cf:f3:e3:58:be:19:37:
d8:95:b3:7f:42:df:9d:9d:a7:13:b6:54:44:61:09:
c8:82:d5:75:4f:43:4e:cb:f8:10:96:3b:a1:02:90:
f1:8c:28:fb:0a:d9:c0:c1:d1:6a:62:c6:84:ce:31:
95:f2:d2:4b:99:df:8a:31:f0:08:ca:47:45:dd:0f:
65:81:23:f9:5b:a6:23:5e:60:44:2a:22:52:99:aa:
00:53:81:a9:56:21:60:5c:e8:07:68:30:6f:ac:05:
33:8f:f4:8b:2a:ee:72:74:85:c5:1b:6f:12:1f:8f:
fa:1e:cb:f9:ee:69:32:98:cd:71:81:1e:55:ce:97:
1a:4c:52:b7:4b:b0:be:93:46:ca:ed:fe:70:73:af:
fd:7b:17:5c:95:55:f2:f7:3e:2d:ec:39:1d:71:55:
8f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:CE:5E:71:37:AE:8A:04:5C:67:13:00:C1:E9:84:C2:51:48:69:19
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/ns5ecTeuigRcZxMAwemEwlFIaRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
87.242.120.0/21
89.232.160.0/21
94.139.252.0/22
141.101.151.0-141.101.152.255
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.96.0/24
188.72.106.0-188.72.109.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
0a:2c:80:d0:9c:ee:14:a1:16:e1:fb:93:fb:fe:74:ab:6a:3a:
98:36:91:a4:fe:e6:61:29:cb:e2:e2:45:49:7f:f3:81:6b:ff:
f4:e4:3c:9f:1f:94:f4:8b:35:ad:88:dc:ff:cf:d5:54:78:0e:
de:45:e8:74:a5:0e:09:58:b6:d0:26:1e:e6:b6:27:50:07:cd:
30:e9:60:c1:36:f1:43:e5:ff:3b:66:1f:84:1a:1f:af:8e:27:
48:b5:a9:df:92:55:ae:6f:8d:2f:24:5d:13:eb:84:d3:3a:f9:
b9:7f:ba:21:48:d5:ed:bf:2b:49:ea:f6:1b:5c:b3:7f:0b:a4:
fd:4e:bd:1d:02:bb:69:e6:9d:fe:3b:ce:53:a9:ec:f1:d2:78:
38:a6:4b:94:2c:69:97:c4:27:db:9e:13:e5:70:c8:b4:a2:7d:
95:dc:05:57:6a:0c:8f:75:4d:bb:f4:32:60:e6:09:88:1e:ea:
01:65:78:66:e1:20:c1:89:29:69:91:5c:60:48:7b:ff:d3:e1:
a9:46:a9:a7:39:76:18:ff:16:aa:e8:1e:ff:74:ba:9b:ba:07:
51:f9:36:c9:65:d1:69:62:26:9e:3f:d8:3f:92:da:cb:1c:16:
70:67:fe:8f:ec:c5:f2:31:4f:2e:fb:0a:5a:6f:80:62:61:de:
57:37:66:93
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYVxJ4sMMuEUbr5Zw+YPhrbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjMwMTAyMDYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWNlNWU3MTM3YWU4YTA0NWM2NzEzMDBjMWU5ODRjMjUxNDg2OTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TOTAk2Fwq+9KGD6m40Gth421bxo
/hQz6YleZjK9hkaizvm4kVF/dxacRLcirpUy8NFFp/I9zqmMOo5zV4IiCB2juGxz
UmwyJE1o3CqH1496o031Ar3EzSFAiOpkw+OEcs/z41i+GTfYlbN/Qt+dnacTtlRE
YQnIgtV1T0NOy/gQljuhApDxjCj7CtnAwdFqYsaEzjGV8tJLmd+KMfAIykdF3Q9l
gSP5W6YjXmBEKiJSmaoAU4GpViFgXOgHaDBvrAUzj/SLKu5ydIXFG28SH4/6Hsv5
7mkymM1xgR5VzpcaTFK3S7C+k0bK7f5wc6/9exdclVXy9z4t7DkdcVWP9wIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFJ7OXnE3rooEXGcTAMHphMJRSGkZMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL25zNWVjVGV1aWdSY1p4TUF3ZW1Fd2xGSWFSay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEtBggrBgEFBQcBBwEB/wSCARwwggEYMIIBBQQCAAEw
gf4wDAMEAyUSCAMEACUSCgMEACUSFgMEASUSSDAMAwQCJRJkAwQAJRJmMAwDBAAl
EmsDBAAlEnoDBAAl5oswDAMEACXmswMEASXmtDAMAwQDJea4AwQAJea6AwQDJebA
AwQAJebgAwQAJebpAwQCLQkYAwQCLVngMAwDBAAu840DBAQu84ADBAAu86wDBAAu
88kwDAMEAC7zzQMEAC7zzgMEAS7z4gMEAS7z9AMEA1fyWAMEA1fyeAMEA1nooAME
Al6L/DAMAwQAjWWXAwQAjWWYAwQAjWXJMAwDBACyqr8DBAGyqsQDBACyqvIDBAC8
SGAwDAMEAbxIagMEAbxIbDANBAIAAjAHAwUDKgwrgDANBgkqhkiG9w0BAQsFAAOC
AQEACiyA0JzuFKEW4fuT+/50q2o6mDaRpP7mYSnL4uJFSX/zgWv/9OQ8nx+U9Is1
rYjc/8/VVHgO3kXodKUOCVi20CYe5rYnUAfNMOlgwTbxQ+X/O2YfhBofr44nSLWp
35JVrm+NLyRdE+uE0zr5uX+6IUjV7b8rSer2G1yzfwuk/U69HQK7aead/jvOU6ns
8dJ4OKZLlCxpl8Qn254T5XDItKJ9ldwFV2oMj3VNu/QyYOYJiB7qAWV4ZuEgwYkp
aZFcYEh7/9PhqUappzl2GP8Wquge/3S6m7oHUfk2yWXRaWImnj/YP5LayxwWcGf+
j+zF8jFPLvsKWm+AYmHeVzdmkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:52 2024 by rpki-client on console-fra.rpki-client.org