Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NnhuhrAl9gf9MTpI7EZj9RSWGRo.roa
File: NnhuhrAl9gf9MTpI7EZj9RSWGRo.roa (raw, json)
Hash identifier: X97xUcrVWdsauXzivGbFDZgpfMje4Z+WoUyHq1WqbTU=
Subject key identifier: 36:78:6E:86:B0:25:F6:07:FD:31:3A:48:EC:46:63:F5:14:96:19:1A
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01907D9200CF0335A1621FDE848A26375E0F
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NnhuhrAl9gf9MTpI7EZj9RSWGRo.roa
Signing time: Thu 04 Jul 2024 11:47:18 +0000
ROA not before: Thu 04 Jul 2024 11:47:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59592
IP address blocks: 5.230.206.0/24 maxlen: 32
5.230.220.0/24 maxlen: 32
5.231.87.0/24 maxlen: 32
5.231.200.0/24 maxlen: 32
77.90.20.0/24 maxlen: 24
185.13.158.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 08 Jul 2024 04:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:92:00:cf:03:35:a1:62:1f:de:84:8a:26:37:5e:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jul 4 11:47:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36786e86b025f607fd313a48ec4663f51496191a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6b:00:f4:18:32:54:fc:ee:6b:db:ce:03:fb:
e9:aa:ef:8b:83:f6:ca:12:57:ea:7e:0a:d2:e9:fa:
84:5f:31:92:59:b8:f4:0c:19:42:9f:3a:ce:c5:e1:
5f:0a:73:60:13:00:b6:52:37:46:97:8b:6a:66:7d:
28:08:68:d5:1e:98:19:53:5c:37:06:8e:99:56:a5:
43:a0:d8:84:f7:cb:ac:dd:bf:ad:e9:07:cd:b2:a8:
cc:06:b1:69:91:52:88:44:3e:cc:90:ab:ff:6e:25:
7a:1c:01:25:0e:66:b0:a1:fe:8f:47:a4:01:53:67:
71:0b:39:c3:95:8c:f4:11:21:33:c9:65:00:e1:f9:
d5:82:b3:49:92:9d:ec:bb:01:67:28:35:28:4c:e6:
12:5a:71:1e:c8:f7:04:ad:54:10:84:ed:08:d8:8c:
2b:90:a3:12:7c:db:28:d8:44:c6:d4:36:6e:75:af:
c6:3f:72:ca:6d:f3:df:a4:bd:59:1f:ca:d3:ff:cb:
52:2a:16:3d:40:cf:de:15:17:40:b8:64:cd:69:39:
90:7f:33:25:d3:a9:ac:cb:a6:52:ad:35:55:1a:db:
3a:1e:8c:7c:75:ea:2c:93:d3:c8:e5:48:d4:61:73:
d6:4f:4d:5b:03:d0:f3:b9:a5:ab:e6:20:1c:9d:19:
0d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:78:6E:86:B0:25:F6:07:FD:31:3A:48:EC:46:63:F5:14:96:19:1A
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NnhuhrAl9gf9MTpI7EZj9RSWGRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.230.206.0/24
5.230.220.0/24
5.231.87.0/24
5.231.200.0/24
77.90.20.0/24
185.13.158.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:9c:13:b7:bb:84:66:b0:84:cd:6f:c8:06:20:64:f2:a8:ee:
ee:5f:d4:dc:7b:94:e6:2e:da:63:9e:e7:26:51:bd:da:22:9f:
0c:fd:cb:97:8f:a3:11:52:74:dd:45:28:fb:d1:c8:22:61:d0:
8a:11:99:9b:9a:75:d5:4f:6b:6b:f2:42:07:9e:e8:4b:92:f5:
8c:d8:26:5e:c1:c1:65:5d:05:50:e0:3f:fc:42:66:c7:87:6d:
65:1e:cf:25:b6:8f:0d:4c:3f:bb:10:77:44:14:7c:6f:a5:da:
da:21:e7:eb:73:bb:be:67:63:b5:f2:e8:b0:72:14:87:b4:ad:
53:8c:af:e0:91:20:dd:a8:43:bd:e5:84:11:d0:70:c3:66:12:
50:b4:7d:dd:24:f8:d8:3f:ca:48:be:83:e2:65:55:46:6d:26:
55:f1:fa:35:62:85:4c:1b:5a:9f:0b:32:99:e2:db:bb:5b:cf:
ce:2b:23:37:cf:da:e7:31:c3:19:b0:8c:10:d3:55:3f:c0:96:
a7:ea:bd:2a:de:83:02:41:91:4b:e0:f0:19:25:ce:2e:7d:0e:
37:db:ac:70:ab:83:12:76:bc:76:c3:f5:49:33:61:ec:06:c4:
73:ef:9b:bd:06:fd:02:10:fa:33:30:4f:0a:9b:76:5a:7f:c2:
7b:d0:bc:25
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZB9kgDPAzWhYh/ehIomN14PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwNzA0MTE0NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc4NmU4NmIwMjVmNjA3ZmQzMTNhNDhlYzQ2NjNmNTE0OTYxOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2sA9BgyVPzua9vOA/vpqu+Lg/bK
ElfqfgrS6fqEXzGSWbj0DBlCnzrOxeFfCnNgEwC2UjdGl4tqZn0oCGjVHpgZU1w3
Bo6ZVqVDoNiE98us3b+t6QfNsqjMBrFpkVKIRD7MkKv/biV6HAElDmawof6PR6QB
U2dxCznDlYz0ESEzyWUA4fnVgrNJkp3suwFnKDUoTOYSWnEeyPcErVQQhO0I2Iwr
kKMSfNso2ETG1DZuda/GP3LKbfPfpL1ZH8rT/8tSKhY9QM/eFRdAuGTNaTmQfzMl
06msy6ZSrTVVGts6Hox8deosk9PI5UjUYXPWT01bA9DzuaWr5iAcnRkNpQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDZ4boawJfYH/TE6SOxGY/UUlhkaMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTm5odWhyQWw5Z2Y5TVRwSTdFWmo5UlNXR1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABebOAwQA
BebcAwQABedXAwQABefIAwQATVoUAwQAuQ2eMA0GCSqGSIb3DQEBCwUAA4IBAQDV
nBO3u4RmsITNb8gGIGTyqO7uX9Tce5TmLtpjnucmUb3aIp8M/cuXj6MRUnTdRSj7
0cgiYdCKEZmbmnXVT2tr8kIHnuhLkvWM2CZewcFlXQVQ4D/8QmbHh21lHs8lto8N
TD+7EHdEFHxvpdraIefrc7u+Z2O18uiwchSHtK1TjK/gkSDdqEO95YQR0HDDZhJQ
tH3dJPjYP8pIvoPiZVVGbSZV8fo1YoVMG1qfCzKZ4tu7W8/OKyM3z9rnMcMZsIwQ
01U/wJan6r0q3oMCQZFL4PAZJc4ufQ4326xwq4MSdrx2w/VJM2HsBsRz75u9Bv0C
EPozME8Km3Zaf8J70Lwl
-----END CERTIFICATE-----
Generated at Mon Jul 8 05:05:53 2024 by rpki-client on console-fra.rpki-client.org