Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/NvwFxRZS8BN60Qo7PcJof82bFHw.roa
File: NvwFxRZS8BN60Qo7PcJof82bFHw.roa (raw, json)
Hash identifier: pmPuBRlEdZNwl/mTztgqoDB19GCsrXNVuYbPoMB+ttg=
Subject key identifier: 36:FC:05:C5:16:52:F0:13:7A:D1:0A:3B:3D:C2:68:7F:CD:9B:14:7C
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 018CED4E4C00F795DF25CB2FE4A06AFF408B
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/NvwFxRZS8BN60Qo7PcJof82bFHw.roa
Signing time: Tue 09 Jan 2024 08:19:40 +0000
ROA not before: Tue 09 Jan 2024 08:19:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201642
IP address blocks: 194.164.0.0/23 maxlen: 23
194.164.0.0/24 maxlen: 24
194.164.1.0/24 maxlen: 24
121.127.36.0/24 maxlen: 24
185.249.103.0/24 maxlen: 24
185.249.100.0/23 maxlen: 23
185.249.100.0/24 maxlen: 24
185.249.101.0/24 maxlen: 24
185.249.102.0/24 maxlen: 24
185.249.102.0/23 maxlen: 23
2a14:3200::/32 maxlen: 32
2a14:3200:2a14::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Apr 2024 18:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:4e:4c:00:f7:95:df:25:cb:2f:e4:a0:6a:ff:40:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Jan 9 08:19:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36fc05c51652f0137ad10a3b3dc2687fcd9b147c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7e:37:82:fb:de:69:f5:49:9e:3c:7f:7c:d7:
db:eb:f0:d8:cf:71:bd:00:97:24:0f:68:9d:c6:18:
5f:28:8e:7e:e3:4c:b7:22:05:a3:1f:0e:2a:ed:f9:
73:df:6f:52:7a:b3:f0:03:17:44:53:86:fd:80:fe:
d7:00:36:7a:86:a1:75:15:e0:fc:4e:f5:e4:75:cf:
21:e2:04:e0:e9:82:89:32:a2:7a:6c:d9:a3:c8:47:
31:fd:46:97:b7:f0:eb:80:a8:dc:a4:05:bd:d1:1f:
d6:0e:8d:61:61:a7:13:41:7d:6a:ac:f8:2e:d9:82:
dc:cf:62:8c:a0:7b:4a:51:bc:4a:65:69:0b:14:1b:
4d:d7:32:84:32:a6:32:21:a4:bf:58:46:72:d9:b5:
00:63:36:7c:28:ab:ad:48:77:e9:59:62:aa:d8:4d:
33:ad:ab:d6:30:74:a8:80:4b:19:4d:25:28:ce:1b:
60:78:18:7c:0e:24:02:32:56:de:8b:54:2a:e3:f4:
c7:5a:af:69:01:ce:25:72:94:3b:5f:80:ed:66:fc:
d3:94:e0:60:a9:68:39:0a:32:b3:b2:d4:ef:45:55:
a3:3b:52:0c:fd:73:c0:a3:e8:7c:e6:d8:f9:57:b8:
2c:e9:e4:91:d4:cc:19:40:87:2c:64:56:50:35:4d:
12:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:FC:05:C5:16:52:F0:13:7A:D1:0A:3B:3D:C2:68:7F:CD:9B:14:7C
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/NvwFxRZS8BN60Qo7PcJof82bFHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.36.0/24
185.249.100.0/22
194.164.0.0/23
IPv6:
2a14:3200::/32
Signature Algorithm: sha256WithRSAEncryption
86:83:25:9f:27:24:13:01:9e:e0:e5:ba:d1:fd:cf:78:ef:28:
eb:36:3c:50:52:2f:2a:ea:6b:d8:52:e5:eb:c8:86:8c:4d:04:
e5:f7:f8:70:1b:5b:53:f0:02:53:18:1a:8f:45:bd:4a:26:fa:
e5:73:fa:9b:ae:aa:79:e4:1f:b0:c9:8f:75:26:c9:e9:05:49:
91:ad:2f:b8:7b:23:a3:ca:97:68:c4:5d:0e:c1:6e:c6:49:ca:
71:84:52:b3:6b:99:49:99:b3:08:9f:14:bb:cb:e1:2e:25:51:
2e:5f:b0:e3:58:3e:e9:53:d3:bd:19:0c:ac:c8:04:f0:61:77:
d7:27:7d:a6:f9:f1:db:b2:81:3b:50:b0:46:c7:5a:c5:7e:c2:
53:de:bb:7b:a3:50:0a:cb:53:82:59:cf:74:1a:0c:74:93:ea:
46:3d:ed:85:a9:81:32:f8:7c:50:e7:d4:77:12:27:a5:be:9f:
fe:99:db:d2:e3:84:70:c3:2b:59:ec:f7:88:a8:53:34:7f:79:
bc:04:78:33:5a:d1:3d:46:55:fc:3e:0e:ea:e9:92:62:8b:c1:
71:88:08:fe:4e:13:6f:42:52:6b:81:08:4d:fd:e2:82:55:08:
ee:dd:28:c4:d2:81:62:cc:48:45:1f:f0:e6:a2:81:27:5b:02:
2c:41:4f:ed
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYztTkwA95XfJcsv5KBq/0CLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjQwMTA5MDgxOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmZjMDVjNTE2NTJmMDEzN2FkMTBhM2IzZGMyNjg3ZmNkOWIxNDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH43gvveafVJnjx/fNfb6/DYz3G9
AJckD2idxhhfKI5+40y3IgWjHw4q7flz329SerPwAxdEU4b9gP7XADZ6hqF1FeD8
TvXkdc8h4gTg6YKJMqJ6bNmjyEcx/UaXt/DrgKjcpAW90R/WDo1hYacTQX1qrPgu
2YLcz2KMoHtKUbxKZWkLFBtN1zKEMqYyIaS/WEZy2bUAYzZ8KKutSHfpWWKq2E0z
ravWMHSogEsZTSUozhtgeBh8DiQCMlbei1Qq4/THWq9pAc4lcpQ7X4DtZvzTlOBg
qWg5CjKzstTvRVWjO1IM/XPAo+h85tj5V7gs6eSR1MwZQIcsZFZQNU0S4QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDb8BcUWUvATetEKOz3CaH/NmxR8MB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvTnZ3RnhSWlM4Qk42MFFvN1BjSm9mODJiRkh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAeX8kAwQC
uflkAwQBwqQAMA0EAgACMAcDBQAqFDIAMA0GCSqGSIb3DQEBCwUAA4IBAQCGgyWf
JyQTAZ7g5brR/c947yjrNjxQUi8q6mvYUuXryIaMTQTl9/hwG1tT8AJTGBqPRb1K
Jvrlc/qbrqp55B+wyY91JsnpBUmRrS+4eyOjypdoxF0OwW7GScpxhFKza5lJmbMI
nxS7y+EuJVEuX7DjWD7pU9O9GQysyATwYXfXJ32m+fHbsoE7ULBGx1rFfsJT3rt7
o1AKy1OCWc90Ggx0k+pGPe2FqYEy+HxQ59R3Eielvp/+mdvS44RwwytZ7PeIqFM0
f3m8BHgzWtE9RlX8Pg7q6ZJii8FxiAj+ThNvQlJrgQhN/eKCVQju3SjE0oFizEhF
H/DmooEnWwIsQU/t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:52 2024 by rpki-client on console-fra.rpki-client.org