Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/nFqM-4SsnvvDBjqXsTTkzD41CYM.roa
File: nFqM-4SsnvvDBjqXsTTkzD41CYM.roa (raw, json)
Hash identifier: YOPatFp2R/FynQYYqznyCp8zximXd3biCf/nuDtZuyU=
Subject key identifier: 9C:5A:8C:FB:84:AC:9E:FB:C3:06:3A:97:B1:34:E4:CC:3E:35:09:83
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EEAECB9781705806440DC3F509C2A3E42
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/nFqM-4SsnvvDBjqXsTTkzD41CYM.roa
Signing time: Wed 17 Apr 2024 07:19:26 +0000
ROA not before: Wed 17 Apr 2024 07:19:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15468
IP address blocks: 5.143.176.0/20 maxlen: 21
5.143.184.0/21 maxlen: 21
94.242.148.0/24 maxlen: 24
94.242.149.0/24 maxlen: 24
94.242.150.0/24 maxlen: 24
94.242.151.0/24 maxlen: 24
94.242.160.0/19 maxlen: 19
94.242.160.0/20 maxlen: 20
94.242.176.0/20 maxlen: 20
95.107.16.0/20 maxlen: 20
95.107.16.0/21 maxlen: 21
95.107.24.0/21 maxlen: 21
95.107.112.0/20 maxlen: 20
95.107.112.0/21 maxlen: 21
95.107.120.0/21 maxlen: 21
109.225.0.0/18 maxlen: 18
109.225.0.0/19 maxlen: 19
109.225.0.0/20 maxlen: 20
109.225.16.0/20 maxlen: 20
109.225.32.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 17 Apr 2024 09:03:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ea:ec:b9:78:17:05:80:64:40:dc:3f:50:9c:2a:3e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 17 07:19:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c5a8cfb84ac9efbc3063a97b134e4cc3e350983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d1:4f:b2:6a:de:a3:dc:b5:74:35:3f:72:27:
6d:5d:fe:c1:e3:03:20:a1:25:e2:98:29:99:6e:f6:
0f:a0:c8:74:8f:10:02:61:e9:a5:e1:2e:19:66:21:
f3:40:89:06:0f:23:7d:b3:74:03:05:4c:d2:0c:95:
17:4f:d1:84:20:64:1e:e1:d2:8a:9c:a2:ee:c1:ae:
83:9f:5d:54:b7:f3:24:09:30:9e:1c:7e:52:e8:2a:
05:1c:ae:98:d5:b0:8f:b6:78:b5:4f:86:04:5f:1d:
63:30:24:4a:80:17:d0:c5:5a:aa:93:b9:18:fa:de:
5d:f6:5f:46:fb:53:59:de:2b:ef:b7:65:76:bb:67:
3d:da:c3:78:07:19:f7:36:4f:f3:81:86:8c:19:a9:
24:3a:4a:3d:1a:2f:58:a1:e9:52:ce:ff:e3:27:5b:
55:37:e1:6b:7b:f1:f9:f0:40:02:d7:bf:d7:c8:65:
df:c4:1e:25:bb:96:a9:94:77:ed:81:7e:02:72:90:
4b:84:3b:f2:ce:4c:d0:f8:aa:1f:cc:ca:0d:2f:14:
b8:0d:e9:2c:cd:6b:75:ce:70:4b:9f:da:a9:7e:c0:
09:4f:60:a2:f2:32:85:c9:1c:f3:d8:bc:25:88:64:
32:ee:4c:10:be:b2:1d:ab:39:d8:29:01:eb:c2:c7:
0f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:5A:8C:FB:84:AC:9E:FB:C3:06:3A:97:B1:34:E4:CC:3E:35:09:83
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/nFqM-4SsnvvDBjqXsTTkzD41CYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.176.0/20
94.242.148.0/22
94.242.160.0/19
95.107.16.0/20
95.107.112.0/20
109.225.0.0/18
Signature Algorithm: sha256WithRSAEncryption
4c:74:45:fa:21:54:ad:a9:c5:56:93:d2:21:db:14:4a:1f:5e:
71:53:01:e0:c0:c3:13:75:92:ea:b0:c9:de:08:9d:30:7f:89:
ba:02:3a:a8:2d:93:d6:7e:53:68:83:a4:50:f6:d6:e6:17:40:
bf:90:e7:9b:2f:09:56:2d:d8:0d:66:2f:ad:63:b5:8d:34:7e:
1b:55:ca:7a:4d:b2:02:66:7b:43:f9:84:36:e8:7e:0d:86:79:
db:56:e9:e0:86:fc:0d:e6:eb:95:ab:48:cc:be:7f:8a:08:aa:
da:3b:fa:aa:e7:58:6a:17:4b:1a:f5:7c:c8:46:e0:13:1a:65:
31:81:d1:62:4d:41:17:09:ae:2f:a8:5f:69:e2:fd:92:a4:54:
a1:1d:bd:a8:f6:2a:65:96:04:cc:fe:05:55:aa:32:eb:7a:20:
08:8f:6c:08:e0:bb:44:9f:22:82:c9:43:12:0b:02:36:7c:df:
e4:83:73:0c:3a:a8:ba:76:ff:b0:c7:f8:bc:02:52:77:e8:05:
b1:e8:c7:ce:86:b0:66:95:66:be:38:77:a0:2b:17:e3:37:14:
65:d1:42:6c:8c:00:c3:84:13:7f:20:2c:b5:97:2b:ac:a6:4a:
83:3f:60:f6:94:90:e5:d5:ab:43:29:d3:9d:90:87:3d:35:f9:
1a:a6:26:5e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY7q7Ll4FwWAZEDcP1CcKj5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE3MDcxOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzVhOGNmYjg0YWM5ZWZiYzMwNjNhOTdiMTM0ZTRjYzNlMzUwOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dFPsmreo9y1dDU/cidtXf7B4wMg
oSXimCmZbvYPoMh0jxACYeml4S4ZZiHzQIkGDyN9s3QDBUzSDJUXT9GEIGQe4dKK
nKLuwa6Dn11Ut/MkCTCeHH5S6CoFHK6Y1bCPtni1T4YEXx1jMCRKgBfQxVqqk7kY
+t5d9l9G+1NZ3ivvt2V2u2c92sN4Bxn3Nk/zgYaMGakkOko9Gi9YoelSzv/jJ1tV
N+Fre/H58EAC17/XyGXfxB4lu5aplHftgX4CcpBLhDvyzkzQ+KofzMoNLxS4Deks
zWt1znBLn9qpfsAJT2Ci8jKFyRzz2LwliGQy7kwQvrIdqznYKQHrwscPowIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJxajPuErJ77wwY6l7E05Mw+NQmDMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvbkZxTS00U3NudnZEQmpxWHNUVGt6RDQxQ1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEBY+wAwQC
XvKUAwQFXvKgAwQEX2sQAwQEX2twAwQGbeEAMA0GCSqGSIb3DQEBCwUAA4IBAQBM
dEX6IVStqcVWk9Ih2xRKH15xUwHgwMMTdZLqsMneCJ0wf4m6AjqoLZPWflNog6RQ
9tbmF0C/kOebLwlWLdgNZi+tY7WNNH4bVcp6TbICZntD+YQ26H4NhnnbVunghvwN
5uuVq0jMvn+KCKraO/qq51hqF0sa9XzIRuATGmUxgdFiTUEXCa4vqF9p4v2SpFSh
Hb2o9ipllgTM/gVVqjLreiAIj2wI4LtEnyKCyUMSCwI2fN/kg3MMOqi6dv+wx/i8
AlJ36AWx6MfOhrBmlWa+OHegKxfjNxRl0UJsjADDhBN/ICy1lyuspkqDP2D2lJDl
1atDKdOdkIc9NfkapiZe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:26 2024 by rpki-client on console-ams.rpki-client.org