Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ndT1gPFS7cqDKO1fhvamZGdKGNs.roa
File: ndT1gPFS7cqDKO1fhvamZGdKGNs.roa (raw, json)
Hash identifier: 4PYVG1JHG7M6LQkLrFIxtRxKk6NkLGNqE7t3f7XiK30=
Subject key identifier: 9D:D4:F5:80:F1:52:ED:CA:83:28:ED:5F:86:F6:A6:64:67:4A:18:DB
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E3C5FF54E5C49866152ED426CF52ADE50
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ndT1gPFS7cqDKO1fhvamZGdKGNs.roa
Signing time: Thu 14 Mar 2024 09:51:45 +0000
ROA not before: Thu 14 Mar 2024 09:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2588
IP address blocks: 46.19.200.0/21 maxlen: 21
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
83.223.128.0/19 maxlen: 19
83.223.145.0/24 maxlen: 24
83.223.155.0/24 maxlen: 24
85.254.0.0/17 maxlen: 17
85.254.49.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
85.254.108.0/22 maxlen: 22
85.254.128.0/18 maxlen: 18
91.190.32.0/19 maxlen: 24
91.190.36.0/24 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.60.0/24 maxlen: 24
94.101.224.0/20 maxlen: 20
109.205.120.0/21 maxlen: 21
109.205.127.0/24 maxlen: 24
159.148.0.0/16 maxlen: 16
159.148.10.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
159.148.63.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
185.27.92.0/22 maxlen: 22
185.176.116.0/22 maxlen: 22
217.69.112.0/20 maxlen: 20
217.69.113.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Mar 2024 19:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:5f:f5:4e:5c:49:86:61:52:ed:42:6c:f5:2a:de:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 14 09:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dd4f580f152edca8328ed5f86f6a664674a18db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c7:72:1f:03:a4:98:6f:2b:ff:f0:07:9c:36:
8b:05:f4:0d:de:84:5d:92:7c:02:16:2e:48:2d:df:
3f:80:e8:45:8f:cf:41:d9:25:77:7b:48:e9:e6:3f:
a2:00:54:01:32:1a:c8:31:70:fd:05:2d:eb:f2:c4:
51:a4:6f:8e:af:a3:2c:4f:24:c4:74:41:86:20:32:
9d:58:af:92:07:ee:78:b9:81:4d:06:bc:f6:3f:10:
79:bb:6b:61:9e:0e:e5:f9:4d:62:26:fd:7d:5d:2e:
78:53:5e:05:77:97:ca:1b:e2:24:cf:89:fe:08:c3:
62:95:37:1a:4b:54:9c:a6:8a:ec:e6:d0:da:e0:1a:
e1:00:de:b7:8d:9c:34:16:e3:f2:59:0c:11:2d:53:
bc:e1:9a:db:64:3a:ec:e0:d9:8f:d7:7e:0f:99:27:
24:d1:b8:0a:37:7f:7a:8e:2e:c1:fa:11:76:e0:eb:
e7:85:64:da:be:40:9a:ec:c9:9d:c8:d3:ca:76:be:
e9:53:41:0e:d0:ea:6e:43:4e:4b:33:ee:90:97:e6:
77:4b:5e:ef:cc:3b:fc:de:1d:87:8a:f9:91:12:11:
5a:f3:57:c4:62:61:a9:34:a8:5d:b9:14:70:86:0d:
86:6a:6d:fd:2f:09:43:9b:2f:eb:90:78:7a:9e:a2:
da:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D4:F5:80:F1:52:ED:CA:83:28:ED:5F:86:F6:A6:64:67:4A:18:DB
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ndT1gPFS7cqDKO1fhvamZGdKGNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
12:b8:a2:b7:b8:f8:f5:c5:a1:95:af:65:33:dd:7e:d1:e8:ef:
d6:88:16:e4:b3:91:18:5f:b0:5f:e4:0c:31:b9:af:e9:26:ce:
e7:aa:85:7b:67:06:01:cd:f4:81:fe:06:26:b9:1a:5c:95:4b:
37:e7:0b:22:5f:10:62:1c:a8:74:fc:4b:db:15:d0:48:9e:6f:
c6:9b:ba:49:a7:f5:97:24:e8:58:d4:79:36:75:69:b5:1b:32:
75:78:47:38:e2:a5:6c:cf:3c:8d:35:bf:ab:cd:79:65:a0:6c:
9a:15:56:35:d9:58:76:7e:10:55:6a:67:ad:e3:83:0c:00:70:
ec:f4:c9:15:2f:0d:61:2c:d6:0c:2b:4d:ae:a2:46:b2:08:8b:
e3:bb:06:59:55:5e:fd:16:21:b7:89:bb:54:f8:7d:fc:b9:68:
d1:19:68:4a:19:38:df:91:a8:ea:4e:8f:99:a7:67:f0:f9:8e:
49:14:d8:f5:51:d8:53:7f:8b:09:47:af:55:ce:a6:49:dc:9f:
2d:f5:a7:7a:a9:45:80:01:db:ab:bd:23:ea:14:d9:8e:f0:13:
47:32:30:80:10:3f:e0:32:c8:11:e6:6d:24:33:89:1e:5f:d4:
a1:2e:54:ce:67:d4:9e:56:ad:00:c2:28:15:05:b6:52:f4:68:
6e:ea:35:72
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAY48X/VOXEmGYVLtQmz1Kt5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzE0MDk1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ0ZjU4MGYxNTJlZGNhODMyOGVkNWY4NmY2YTY2NDY3NGExOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMdyHwOkmG8r//AHnDaLBfQN3oRd
knwCFi5ILd8/gOhFj89B2SV3e0jp5j+iAFQBMhrIMXD9BS3r8sRRpG+Or6MsTyTE
dEGGIDKdWK+SB+54uYFNBrz2PxB5u2thng7l+U1iJv19XS54U14Fd5fKG+Ikz4n+
CMNilTcaS1Scpors5tDa4BrhAN63jZw0FuPyWQwRLVO84ZrbZDrs4NmP134PmSck
0bgKN396ji7B+hF24OvnhWTavkCa7MmdyNPKdr7pU0EO0OpuQ05LM+6Ql+Z3S17v
zDv83h2HivmREhFa81fEYmGpNKhduRRwhg2Gam39LwlDmy/rkHh6nqLaSwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFJ3U9YDxUu3KgyjtX4b2pmRnShjbMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbmRUMWdQRlM3Y3FES08xZmh2YW1aR2RLR05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQASuKK3uPj1xaGVr2Uz3X7R6O/WiBbks5EYX7Bf5Awxua/pJs7nqoV7ZwYBzfSB
/gYmuRpclUs35wsiXxBiHKh0/EvbFdBInm/Gm7pJp/WXJOhY1Hk2dWm1GzJ1eEc4
4qVszzyNNb+rzXlloGyaFVY12Vh2fhBVamet44MMAHDs9MkVLw1hLNYMK02uokay
CIvjuwZZVV79FiG3ibtU+H38uWjRGWhKGTjfkajqTo+Zp2fw+Y5JFNj1UdhTf4sJ
R69VzqZJ3J8t9ad6qUWAAdurvSPqFNmO8BNHMjCAED/gMsgR5m0kM4keX9ShLlTO
Z9SeVq0AwigVBbZS9Ghu6jVy
-----END CERTIFICATE-----
Generated at Mon Mar 25 21:05:25 2024 by rpki-client on console-fra.rpki-client.org