Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/NdR3-Jt1NB-eXuBSCZWxceya99w.roa
File: NdR3-Jt1NB-eXuBSCZWxceya99w.roa (raw, json)
Hash identifier: ldKxVTyxNFJpBncr9kNNiKyu+tqFMR1KYhiwGu736I8=
Subject key identifier: 35:D4:77:F8:9B:75:34:1F:9E:5E:E0:52:09:95:B1:71:EC:9A:F7:DC
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0185706769F71966F154841300EC0201BD16
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/NdR3-Jt1NB-eXuBSCZWxceya99w.roa
Signing time: Mon 02 Jan 2023 02:55:03 +0000
ROA not before: Mon 02 Jan 2023 02:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204402
IP address blocks: 45.157.200.0/24 maxlen: 24
45.157.201.0/24 maxlen: 24
45.152.10.0/24 maxlen: 24
45.157.35.0/24 maxlen: 24
45.152.38.0/24 maxlen: 24
45.159.192.0/24 maxlen: 24
45.152.39.0/24 maxlen: 24
45.159.193.0/24 maxlen: 24
45.159.194.0/24 maxlen: 24
2a0b:3c40:24::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Nov 2023 15:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:69:f7:19:66:f1:54:84:13:00:ec:02:01:bd:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 2 02:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35d477f89b75341f9e5ee0520995b171ec9af7dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b3:26:3c:4c:20:e8:1a:d5:33:3f:24:2f:8c:
d1:0a:c4:13:d4:d8:cd:9d:55:c1:1d:fc:2e:68:21:
aa:5a:3b:61:f6:36:f1:e3:34:37:ee:95:95:af:d5:
67:6a:a4:4b:19:5e:a4:ec:e8:53:82:3c:db:a6:1f:
32:ff:ea:a2:3a:6b:43:4c:11:37:51:ce:09:12:30:
6f:fc:1a:79:18:e0:07:3e:8b:04:0c:ad:d5:a3:22:
8f:e1:37:cd:6b:cf:3b:ef:4f:19:98:f6:ea:ed:bc:
6c:54:9d:2b:11:7f:da:06:b1:e4:02:a8:8d:cd:72:
c8:51:7a:5d:0c:26:ae:f9:14:4a:8d:95:3c:1a:18:
15:c5:49:34:46:1b:f3:91:d2:24:49:59:ae:27:5d:
f6:80:9d:a2:2f:e8:fb:9c:38:29:9c:17:eb:ce:8f:
1a:12:16:54:cf:89:55:63:04:86:ae:35:b4:e5:a5:
e5:f0:5d:e6:b5:26:96:fc:3c:44:ae:e8:e1:ed:ee:
9f:7a:9d:2c:d6:b2:76:5d:d1:65:97:19:cc:c9:92:
e9:d9:97:f8:4c:47:66:1f:18:83:6e:10:8b:a6:a9:
a2:c7:72:50:a1:1f:02:04:26:e8:df:70:5b:ca:18:
f4:d6:6b:a6:68:3f:cc:ed:95:de:67:93:e0:94:3a:
7d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D4:77:F8:9B:75:34:1F:9E:5E:E0:52:09:95:B1:71:EC:9A:F7:DC
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/NdR3-Jt1NB-eXuBSCZWxceya99w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.10.0/24
45.152.38.0/23
45.157.35.0/24
45.157.200.0/23
45.159.192.0-45.159.194.255
IPv6:
2a0b:3c40:24::/48
Signature Algorithm: sha256WithRSAEncryption
12:d4:a0:6b:bd:d3:af:8e:91:12:ae:98:3b:5d:9f:66:64:0e:
b4:cc:d3:69:4c:7e:59:d5:3e:9f:59:d5:0e:67:0e:07:f3:b1:
b4:e4:83:ea:ca:aa:69:74:c7:7d:33:4e:2d:df:67:63:4c:ae:
e9:6c:35:ca:ed:2c:0b:cd:9f:13:59:b3:44:91:7a:d8:02:22:
65:69:e7:b1:7d:fb:10:ff:80:86:f2:92:cd:55:a1:7d:60:ee:
d7:d8:91:aa:93:f4:ef:0b:a5:43:96:bc:16:e2:4c:92:eb:bb:
6a:f7:15:b9:4b:65:5d:ab:ba:29:df:5a:fb:c7:87:a2:e2:fc:
c8:8e:9e:ad:6a:a4:4f:d0:03:74:bd:ed:c7:c1:01:66:0c:e4:
50:a7:39:c4:e7:0d:33:4b:81:89:70:5e:24:f7:8d:79:c6:df:
e2:2c:79:7a:6e:f6:1c:d8:62:3d:23:00:89:1b:5d:0f:1f:b7:
32:77:d7:f3:6e:f3:91:b2:9a:ff:30:95:e3:97:02:1b:d2:41:
c1:02:70:d9:56:36:33:82:9a:33:8c:99:58:33:89:6f:a1:76:
04:b7:5e:e8:9a:e7:12:fe:95:6b:58:4a:31:35:18:18:bc:60:
99:26:ea:d4:4f:fb:9b:78:6a:8c:e7:c9:63:09:2b:4a:0f:e7:
59:80:eb:21
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYVwZ2n3GWbxVIQTAOwCAb0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTAyMDI1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ0NzdmODliNzUzNDFmOWU1ZWUwNTIwOTk1YjE3MWVjOWFmN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7MmPEwg6BrVMz8kL4zRCsQT1NjN
nVXBHfwuaCGqWjth9jbx4zQ37pWVr9VnaqRLGV6k7OhTgjzbph8y/+qiOmtDTBE3
Uc4JEjBv/Bp5GOAHPosEDK3VoyKP4TfNa887708ZmPbq7bxsVJ0rEX/aBrHkAqiN
zXLIUXpdDCau+RRKjZU8GhgVxUk0RhvzkdIkSVmuJ132gJ2iL+j7nDgpnBfrzo8a
EhZUz4lVYwSGrjW05aXl8F3mtSaW/DxErujh7e6fep0s1rJ2XdFllxnMyZLp2Zf4
TEdmHxiDbhCLpqmix3JQoR8CBCbo33Bbyhj01mumaD/M7ZXeZ5PglDp92wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFDXUd/ibdTQfnl7gUgmVsXHsmvfcMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvTmRSMy1KdDFOQi1lWHVCU0NaV3hjZXlhOTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQALZgKAwQB
LZgmAwQALZ0jAwQBLZ3IMAwDBAYtn8ADBAAtn8IwDwQCAAIwCQMHACoLPEAAJDAN
BgkqhkiG9w0BAQsFAAOCAQEAEtSga73Tr46REq6YO12fZmQOtMzTaUx+WdU+n1nV
DmcOB/OxtOSD6sqqaXTHfTNOLd9nY0yu6Ww1yu0sC82fE1mzRJF62AIiZWnnsX37
EP+AhvKSzVWhfWDu19iRqpP07wulQ5a8FuJMkuu7avcVuUtlXau6Kd9a+8eHouL8
yI6erWqkT9ADdL3tx8EBZgzkUKc5xOcNM0uBiXBeJPeNecbf4ix5em72HNhiPSMA
iRtdDx+3MnfX827zkbKa/zCV45cCG9JBwQJw2VY2M4KaM4yZWDOJb6F2BLde6Jrn
Ev6Va1hKMTUYGLxgmSbq1E/7m3hqjOfJYwkrSg/nWYDrIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org