Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N7EX_H8LatDZ1x3BdEu2z9hlg5k.roa
File: N7EX_H8LatDZ1x3BdEu2z9hlg5k.roa (raw, json)
Hash identifier: qFE9YehuJidJz3uBo1A0ZBZ/KDa8TsyTZid267403ok=
Subject key identifier: 37:B1:17:FC:7F:0B:6A:D0:D9:D7:1D:C1:74:4B:B6:CF:D8:65:83:99
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F630B0596CC8554B77B9D5B54BD62B385
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N7EX_H8LatDZ1x3BdEu2z9hlg5k.roa
Signing time: Fri 10 May 2024 15:06:57 +0000
ROA not before: Fri 10 May 2024 15:06:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
141.98.5.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.31.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 10:12:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:63:0b:05:96:cc:85:54:b7:7b:9d:5b:54:bd:62:b3:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 10 15:06:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37b117fc7f0b6ad0d9d71dc1744bb6cfd8658399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b8:38:e6:0a:ab:22:d6:db:07:6e:ac:b8:a1:
18:41:8f:ef:11:f2:39:19:dd:f4:00:20:36:0f:3f:
1a:0b:b7:bc:09:17:2b:c8:cc:2f:f8:c1:69:4a:19:
32:0f:d5:52:b3:84:c8:71:51:54:6e:1e:46:6d:03:
67:62:cc:bd:0c:a8:08:01:50:0d:87:88:7a:c3:fd:
1b:1e:cc:f1:78:52:03:46:c7:c1:9d:5a:07:99:06:
8e:39:30:ec:62:e0:b1:98:07:4e:67:4c:a9:9b:76:
a5:b0:61:2a:8d:c3:f5:cb:8c:f1:43:f8:61:88:f0:
8d:93:9c:ba:12:93:ea:75:dd:b1:8e:a1:ee:c4:da:
00:21:a8:08:12:50:3f:42:9f:c4:75:46:17:ce:cb:
78:1a:41:68:7d:c1:e6:13:f8:89:09:87:57:77:33:
35:43:1a:88:8f:17:69:6c:94:e4:50:ee:b8:73:df:
d1:76:88:a0:8d:6f:77:21:4d:bf:9c:05:26:46:e2:
33:9e:46:5a:e6:ae:e2:18:ab:86:b5:1a:e6:d7:81:
5c:69:65:cb:5f:b2:2c:1e:4d:de:c6:f1:8b:3e:65:
a0:75:bc:00:96:3b:c3:9a:75:c8:dd:8d:ce:25:da:
1a:21:c1:be:9e:56:43:fa:a0:cf:63:75:28:2d:19:
de:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:B1:17:FC:7F:0B:6A:D0:D9:D7:1D:C1:74:4B:B6:CF:D8:65:83:99
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N7EX_H8LatDZ1x3BdEu2z9hlg5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.255.0/24
45.66.228.0/24
141.98.5.0/24
178.215.238.0/24
193.149.28.0/22
194.180.36.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
80:b1:ec:c1:34:80:01:60:fe:6b:bc:5c:6c:01:6b:18:e4:13:
6f:ee:2b:37:49:86:e1:68:78:c7:2c:dd:13:7b:7a:c1:14:70:
b5:41:76:b9:78:c1:cb:73:c3:a1:57:3f:c1:69:19:df:a1:e5:
9a:3e:bf:3b:cd:fc:eb:e0:4e:ca:fb:15:6e:50:ca:85:81:2c:
e1:ad:59:d6:73:92:d2:fa:c4:17:7c:9b:39:6c:92:e6:1a:5d:
21:79:f8:bc:d1:db:6c:fc:1d:d1:34:31:18:bd:8e:d3:65:cb:
df:a6:4f:98:3f:e8:50:0a:cb:85:b9:cb:8e:51:9e:f9:64:cc:
ea:79:d3:ae:c1:bc:12:e0:1a:eb:0c:be:9e:28:84:b0:1e:96:
b1:be:29:45:91:5e:d5:f3:2d:99:ca:92:6e:ab:5e:b3:4b:36:
74:94:60:1d:2d:e9:00:f8:7c:fc:d1:0e:fd:e1:6d:58:ae:37:
3b:6a:2a:bc:86:41:ac:63:b4:c0:78:4f:28:c4:7a:7b:13:71:
c9:fc:b6:fb:bb:65:9f:0d:37:3f:6a:a6:c2:a3:25:47:e3:83:
b0:cc:01:7b:65:07:11:13:df:1c:a0:50:19:d7:50:43:d6:a3:
12:c6:ab:ef:5c:33:45:b3:96:a3:39:58:ef:63:68:ef:cc:2a:
e6:45:7e:8a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY9jCwWWzIVUt3udW1S9YrOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTEwMTUwNjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2IxMTdmYzdmMGI2YWQwZDlkNzFkYzE3NDRiYjZjZmQ4NjU4Mzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rg45gqrItbbB26suKEYQY/vEfI5
Gd30ACA2Dz8aC7e8CRcryMwv+MFpShkyD9VSs4TIcVFUbh5GbQNnYsy9DKgIAVAN
h4h6w/0bHszxeFIDRsfBnVoHmQaOOTDsYuCxmAdOZ0ypm3alsGEqjcP1y4zxQ/hh
iPCNk5y6EpPqdd2xjqHuxNoAIagIElA/Qp/EdUYXzst4GkFofcHmE/iJCYdXdzM1
QxqIjxdpbJTkUO64c9/RdoigjW93IU2/nAUmRuIznkZa5q7iGKuGtRrm14FcaWXL
X7IsHk3exvGLPmWgdbwAljvDmnXI3Y3OJdoaIcG+nlZD+qDPY3UoLRneEQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDexF/x/C2rQ2dcdwXRLts/YZYOZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTjdFWF9IOExhdERaMXgzQmRFdTJ6OWhsZzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQz/AwQA
LULkAwQAjWIFAwQAstfuAwQCwZUcAwQAwrQkAwQA1HMpMA0GCSqGSIb3DQEBCwUA
A4IBAQCAsezBNIABYP5rvFxsAWsY5BNv7is3SYbhaHjHLN0Te3rBFHC1QXa5eMHL
c8OhVz/BaRnfoeWaPr87zfzr4E7K+xVuUMqFgSzhrVnWc5LS+sQXfJs5bJLmGl0h
efi80dts/B3RNDEYvY7TZcvfpk+YP+hQCsuFucuOUZ75ZMzqedOuwbwS4BrrDL6e
KISwHpaxvilFkV7V8y2ZypJuq16zSzZ0lGAdLekA+Hz80Q794W1Yrjc7aiq8hkGs
Y7TAeE8oxHp7E3HJ/Lb7u2WfDTc/aqbCoyVH44OwzAF7ZQcRE98coFAZ11BD1qMS
xqvvXDNFs5ajOVjvY2jvzCrmRX6K
-----END CERTIFICATE-----
Generated at Tue Jun 18 16:21:49 2024 by rpki-client on console-ams.rpki-client.org