Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/NB0VTKEXEyVxKe5IO77l95WzptM.roa
File: NB0VTKEXEyVxKe5IO77l95WzptM.roa (raw, json)
Hash identifier: whj4BmJlhVp/mQ/sBn1EtXhgb88ankOFKrXC62ZrlHs=
Subject key identifier: 34:1D:15:4C:A1:17:13:25:71:29:EE:48:3B:BE:E5:F7:95:B3:A6:D3
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 0186D9E8BBAE85F14D47A3F111515B176B74
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/NB0VTKEXEyVxKe5IO77l95WzptM.roa
Signing time: Mon 13 Mar 2023 07:39:13 +0000
ROA not before: Mon 13 Mar 2023 07:39:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202209
IP address blocks: 82.103.93.0/24 maxlen: 24
62.204.129.0/24 maxlen: 24
212.91.177.0/24 maxlen: 24
217.79.33.0/24 maxlen: 24
85.118.85.0/24 maxlen: 24
85.118.86.0/24 maxlen: 24
82.103.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d9:e8:bb:ae:85:f1:4d:47:a3:f1:11:51:5b:17:6b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Mar 13 07:39:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=341d154ca11713257129ee483bbee5f795b3a6d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3c:34:12:bd:a7:71:f4:f9:08:b8:25:f4:6f:
16:8f:9d:d1:36:fb:23:36:f0:35:c2:a8:89:be:b9:
c0:6f:36:4e:4e:f0:70:2f:af:99:ec:ca:b7:b7:1d:
b3:e9:bf:8d:cd:6d:e1:92:a2:26:1b:35:1e:c9:c5:
8d:58:7d:45:b2:39:03:7a:67:50:4d:07:bb:53:29:
28:fa:f3:55:e7:c3:ca:3d:bb:e6:91:d8:c7:ce:1b:
0d:72:5e:93:44:f7:0d:2e:a0:c5:23:a2:fa:40:39:
8f:d0:49:09:c3:61:7a:0a:70:ad:86:2c:2a:1e:d8:
e8:13:cb:b9:f6:eb:89:67:64:84:08:9c:aa:28:5d:
09:d0:d0:ff:8a:86:6e:c0:a3:d1:f4:7f:73:12:d3:
a9:d9:11:b2:c2:c4:33:96:9b:e0:51:a7:26:1c:0c:
c8:c7:ae:e6:58:83:d7:6f:3d:b2:9f:c2:14:9a:83:
31:cb:1d:e7:e6:c3:8b:43:12:60:cc:82:ce:35:bc:
95:36:51:bb:03:2c:3e:1f:e4:2f:57:4a:7b:76:14:
e8:fc:c6:ab:bf:d2:7b:ef:56:af:21:bd:a1:e3:11:
2b:f0:93:89:3e:b6:4d:69:36:10:4f:8a:46:b1:58:
59:8a:7f:29:b3:f2:45:84:da:c5:09:6c:e4:b9:56:
9c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:1D:15:4C:A1:17:13:25:71:29:EE:48:3B:BE:E5:F7:95:B3:A6:D3
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/NB0VTKEXEyVxKe5IO77l95WzptM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.129.0/24
82.103.82.0/24
82.103.93.0/24
85.118.85.0-85.118.86.255
212.91.177.0/24
217.79.33.0/24
Signature Algorithm: sha256WithRSAEncryption
74:7d:39:0b:06:0f:7a:6d:4f:50:13:41:e0:4f:a4:75:2c:3c:
fb:58:85:37:80:d4:5b:b2:02:f2:a6:85:4a:e6:57:89:20:0d:
24:e2:be:de:cb:50:50:a3:f4:45:02:40:13:fd:cd:5a:94:98:
84:9f:a2:73:c3:fe:b1:db:3d:33:93:a4:e1:a3:b6:4c:d5:fb:
cc:d8:33:70:59:6c:04:66:1d:1f:0f:78:c8:89:13:98:15:c6:
f6:53:07:09:e1:f1:bd:32:6d:31:24:ab:77:e0:de:f6:ec:2e:
d6:48:df:8a:81:ea:aa:6e:7d:f0:17:6f:ae:15:3f:b9:a3:04:
1c:98:48:2d:b6:56:1d:8b:0e:7f:57:30:11:b6:b9:30:2b:40:
a3:45:c0:6e:fb:52:41:b7:d0:a1:75:66:da:8a:b9:9e:c4:0d:
31:ec:96:70:7e:3e:6c:25:e5:3f:36:d8:b6:9d:af:f5:0f:ec:
a5:ec:7c:42:89:41:b7:cd:64:63:d3:73:f4:f4:7d:cd:56:97:
e9:75:43:2c:19:aa:4c:69:b6:d1:cf:0a:05:37:13:5f:c5:23:
c8:5e:5d:a4:46:62:24:08:ba:3e:88:2f:dc:99:e0:b2:be:2d:
8e:36:95:fc:14:0b:07:99:bc:62:5f:c9:8a:6b:2e:c7:2c:79:
ee:3b:db:8e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYbZ6LuuhfFNR6PxEVFbF2t0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMzEzMDczOTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDFkMTU0Y2ExMTcxMzI1NzEyOWVlNDgzYmJlZTVmNzk1YjNhNmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzw0Er2ncfT5CLgl9G8Wj53RNvsj
NvA1wqiJvrnAbzZOTvBwL6+Z7Mq3tx2z6b+NzW3hkqImGzUeycWNWH1FsjkDemdQ
TQe7Uyko+vNV58PKPbvmkdjHzhsNcl6TRPcNLqDFI6L6QDmP0EkJw2F6CnCthiwq
HtjoE8u59uuJZ2SECJyqKF0J0ND/ioZuwKPR9H9zEtOp2RGywsQzlpvgUacmHAzI
x67mWIPXbz2yn8IUmoMxyx3n5sOLQxJgzILONbyVNlG7Ayw+H+QvV0p7dhTo/Mar
v9J771avIb2h4xEr8JOJPrZNaTYQT4pGsVhZin8ps/JFhNrFCWzkuVacwwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDQdFUyhFxMlcSnuSDu+5feVs6bTMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvTkIwVlRLRVhFeVZ4S2U1SU83N2w5NVd6cHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAPsyBAwQA
UmdSAwQAUmddMAwDBABVdlUDBABVdlYDBADUW7EDBADZTyEwDQYJKoZIhvcNAQEL
BQADggEBAHR9OQsGD3ptT1ATQeBPpHUsPPtYhTeA1FuyAvKmhUrmV4kgDSTivt7L
UFCj9EUCQBP9zVqUmISfonPD/rHbPTOTpOGjtkzV+8zYM3BZbARmHR8PeMiJE5gV
xvZTBwnh8b0ybTEkq3fg3vbsLtZI34qB6qpuffAXb64VP7mjBByYSC22Vh2LDn9X
MBG2uTArQKNFwG77UkG30KF1ZtqKuZ7EDTHslnB+Pmwl5T822Ladr/UP7KXsfEKJ
QbfNZGPTc/T0fc1Wl+l1QywZqkxpttHPCgU3E1/FI8heXaRGYiQIuj6IL9yZ4LK+
LY42lfwUCweZvGJfyYprLscsee47244=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:52 2024 by rpki-client on console-ams.rpki-client.org