Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/NXEiIqiX2WU5ATKsaHQB-XuZPZw.roa
File: NXEiIqiX2WU5ATKsaHQB-XuZPZw.roa (raw, json)
Hash identifier: EgTRkMxM6ickWVwU8/FHUctCAe6/KxPH6yNgHnCxCDQ=
Subject key identifier: 35:71:22:22:A8:97:D9:65:39:01:32:AC:68:74:01:F9:7B:99:3D:9C
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 0189BA08118D55CBDD9A0E56B4ED52876600
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/NXEiIqiX2WU5ATKsaHQB-XuZPZw.roa
Signing time: Thu 03 Aug 2023 06:13:58 +0000
ROA not before: Thu 03 Aug 2023 06:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 5.44.248.0/24 maxlen: 24
45.67.4.0/22 maxlen: 32
137.59.4.0/22 maxlen: 32
92.119.168.0/22 maxlen: 32
185.72.240.0/22 maxlen: 32
2.58.76.0/22 maxlen: 32
213.173.60.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 08 Aug 2023 08:22:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:08:11:8d:55:cb:dd:9a:0e:56:b4:ed:52:87:66:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Aug 3 06:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35712222a897d965390132ac687401f97b993d9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:11:fe:4e:9f:11:e4:2e:a4:7f:3f:71:65:23:
40:95:bd:d9:15:e9:20:1c:5c:3b:0d:08:8b:5d:66:
57:eb:cd:b5:cc:08:fd:e1:1b:fd:79:f5:65:78:b6:
c4:96:64:ab:c8:e9:5d:5e:72:b6:97:f8:84:7e:26:
d3:b8:40:7e:f5:ff:88:06:27:a2:70:63:26:94:b2:
a0:e4:3a:a6:b6:70:be:31:f1:96:0a:87:0c:c5:f6:
2c:34:b9:6b:32:fe:e5:7c:46:d0:97:f0:bb:be:36:
79:c0:10:b6:ca:3a:88:c6:77:8d:8c:20:42:5e:e1:
bd:00:d0:8f:ba:ca:ef:ac:96:a2:44:21:d5:d6:5a:
93:4a:49:de:50:a8:d7:2e:30:d6:cc:48:bc:01:18:
e3:94:c4:2d:23:87:39:6b:36:d3:98:0f:13:f7:03:
ff:5e:de:89:b7:3c:36:43:13:b5:93:ec:62:62:ad:
38:96:c9:f9:a9:32:dd:1c:3d:3c:a7:ac:77:80:fb:
0a:c8:e0:6b:1d:8d:f2:4e:51:59:59:9c:4e:dc:a2:
44:86:3c:2b:91:f2:a5:cd:f0:58:0d:88:ae:6e:22:
0a:1e:2f:5d:98:c9:1d:c4:25:09:88:ea:0b:42:6a:
f4:1d:b2:64:73:e4:10:93:c4:cc:69:d1:c2:e3:14:
fc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:71:22:22:A8:97:D9:65:39:01:32:AC:68:74:01:F9:7B:99:3D:9C
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/NXEiIqiX2WU5ATKsaHQB-XuZPZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
5.44.248.0/24
45.67.4.0/22
92.119.168.0/22
137.59.4.0/22
185.72.240.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
03:6e:12:ee:13:92:5a:48:6b:66:a9:09:19:07:ed:12:0b:e9:
2d:d0:6c:78:61:09:e4:17:30:11:3f:a6:84:3b:84:49:2e:03:
e8:2a:27:d2:e3:3b:8b:1d:78:1c:ce:e5:bc:31:02:84:cb:17:
fb:42:2d:9e:2d:09:50:c3:d9:e8:f1:ca:e6:72:05:75:4d:88:
82:04:80:2b:4c:ca:80:3a:79:96:b6:17:6d:bc:64:82:1f:67:
cc:43:d5:20:55:ff:5f:2e:68:8c:f4:51:cd:55:93:ee:32:2c:
8a:d4:c9:a0:fd:f7:ff:74:f3:8d:74:0f:25:db:11:9c:87:0a:
df:87:18:58:f2:e3:a4:0c:99:4e:fa:a3:7b:8a:a1:b9:36:85:
99:d8:3d:06:82:d3:e8:db:2a:a5:1c:e8:0c:7a:19:15:a3:26:
a2:0e:ae:5d:e8:0b:cd:7d:c3:3f:4a:4a:be:88:a1:8f:25:0f:
b6:a0:ee:97:14:36:d4:4a:24:28:87:cd:3c:19:be:7f:3d:da:
31:28:a0:cf:45:3a:a6:86:50:6b:40:d6:46:a0:1c:b8:bd:8e:
fd:6a:2e:9c:db:05:bb:d6:d1:9e:2f:0b:cc:e9:15:43:6d:c9:
e7:bf:75:b3:05:32:f8:9f:0e:5f:a6:27:31:31:10:8d:d9:a8:
50:c5:a4:a8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYm6CBGNVcvdmg5WtO1Sh2YAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjMwODAzMDYxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTcxMjIyMmE4OTdkOTY1MzkwMTMyYWM2ODc0MDFmOTdiOTkzZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxH+Tp8R5C6kfz9xZSNAlb3ZFekg
HFw7DQiLXWZX6821zAj94Rv9efVleLbElmSryOldXnK2l/iEfibTuEB+9f+IBiei
cGMmlLKg5DqmtnC+MfGWCocMxfYsNLlrMv7lfEbQl/C7vjZ5wBC2yjqIxneNjCBC
XuG9ANCPusrvrJaiRCHV1lqTSkneUKjXLjDWzEi8ARjjlMQtI4c5azbTmA8T9wP/
Xt6Jtzw2QxO1k+xiYq04lsn5qTLdHD08p6x3gPsKyOBrHY3yTlFZWZxO3KJEhjwr
kfKlzfBYDYiubiIKHi9dmMkdxCUJiOoLQmr0HbJkc+QQk8TMadHC4xT81QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDVxIiKol9llOQEyrGh0Afl7mT2cMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvTlhFaUlxaVgyV1U1QVRLc2FIUUItWHVaUFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCAjpMAwQA
BSz4AwQCLUMEAwQCXHeoAwQCiTsEAwQCuUjwAwQC1a08MA0GCSqGSIb3DQEBCwUA
A4IBAQADbhLuE5JaSGtmqQkZB+0SC+kt0Gx4YQnkFzARP6aEO4RJLgPoKifS4zuL
HXgczuW8MQKEyxf7Qi2eLQlQw9no8crmcgV1TYiCBIArTMqAOnmWthdtvGSCH2fM
Q9UgVf9fLmiM9FHNVZPuMiyK1Mmg/ff/dPONdA8l2xGchwrfhxhY8uOkDJlO+qN7
iqG5NoWZ2D0GgtPo2yqlHOgMehkVoyaiDq5d6AvNfcM/Skq+iKGPJQ+2oO6XFDbU
SiQoh808Gb5/PdoxKKDPRTqmhlBrQNZGoBy4vY79ai6c2wW71tGeLwvM6RVDbcnn
v3WzBTL4nw5fpicxMRCN2ahQxaSo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org