Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/NkTeTWTBj2lfjLC-mD4TC1S1zQk.roa
File: NkTeTWTBj2lfjLC-mD4TC1S1zQk.roa (raw, json)
Hash identifier: iT1qUUDj0z8Di141fD8KTD0hBrdG8uscT0tfD/OoyJs=
Subject key identifier: 36:44:DE:4D:64:C1:8F:69:5F:8C:B0:BE:98:3E:13:0B:54:B5:CD:09
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0190399956C7EA5F956FD91FF4E1A0B8648E
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/NkTeTWTBj2lfjLC-mD4TC1S1zQk.roa
Signing time: Fri 21 Jun 2024 07:01:08 +0000
ROA not before: Fri 21 Jun 2024 07:01:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216271
IP address blocks: 185.168.28.0/22 maxlen: 22
185.201.136.0/22 maxlen: 22
2a06:cac0::/29 maxlen: 29
2a0a:e2c0::/29 maxlen: 29
2a0e:7780::/29 maxlen: 29
2a0f:d480::/29 maxlen: 29
2a11:2f40::/29 maxlen: 29
2a11:3b40::/29 maxlen: 29
2a11:7240::/29 maxlen: 29
2a11:9600::/29 maxlen: 29
2a11:dcc0::/29 maxlen: 29
2a12:440::/29 maxlen: 29
2a12:ec0::/29 maxlen: 29
2a12:1900::/29 maxlen: 29
2a12:6640::/29 maxlen: 29
2a12:6740::/29 maxlen: 29
2a12:6f40::/29 maxlen: 29
2a12:7740::/29 maxlen: 29
2a12:8ec0::/29 maxlen: 29
2a12:ccc0::/29 maxlen: 29
2a12:e240::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 29
2a13:ba00::/29 maxlen: 29
2a13:dac0::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:140::/29 maxlen: 29
2a14:1c0::/29 maxlen: 29
2a14:800::/29 maxlen: 29
2a14:f40::/29 maxlen: 29
2a14:7e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 04 Jul 2024 20:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:39:99:56:c7:ea:5f:95:6f:d9:1f:f4:e1:a0:b8:64:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jun 21 07:01:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3644de4d64c18f695f8cb0be983e130b54b5cd09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ba:cc:a0:2e:7e:f5:8c:83:cc:db:d0:94:8c:
91:70:76:6c:63:af:6e:39:fb:a9:df:32:a6:df:1a:
b7:a5:4d:79:ea:32:93:e1:d1:e8:98:60:25:e3:10:
31:b4:03:19:23:47:7d:7e:11:06:d3:d1:9a:4b:a6:
27:5c:1f:41:f0:de:88:d2:ea:9c:9d:97:2f:22:be:
3b:1a:6d:bb:fa:1d:24:84:41:1e:95:ba:80:ef:5a:
c3:59:37:41:80:d4:72:56:cc:4d:2e:15:f8:7b:b9:
a1:f1:25:b4:01:a6:8e:de:f7:8a:83:74:49:62:5a:
03:b5:a6:52:f4:90:ce:2e:58:ef:52:e1:51:0c:56:
50:00:c2:82:aa:bc:5e:fa:78:b1:2e:66:77:94:6f:
02:2c:94:6b:03:21:51:81:50:64:6e:d8:50:e9:3a:
cb:98:db:30:17:f0:29:3b:21:cb:42:a5:d3:87:d7:
65:84:d3:a0:d2:53:1f:0b:45:e8:a6:5a:d7:b0:a7:
0a:18:4a:6e:d4:5f:ae:2f:eb:7b:83:fa:b6:49:1b:
74:18:23:67:4e:fe:f5:ad:21:cc:33:84:92:f4:9d:
02:42:24:53:53:31:b6:5c:88:ee:29:5d:01:8d:65:
7e:79:a6:0d:99:9f:e0:0e:2b:28:2d:41:1e:e3:10:
85:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:44:DE:4D:64:C1:8F:69:5F:8C:B0:BE:98:3E:13:0B:54:B5:CD:09
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/NkTeTWTBj2lfjLC-mD4TC1S1zQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.28.0/22
185.201.136.0/22
IPv6:
2a06:cac0::/29
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:d480::/29
2a11:2f40::/29
2a11:3b40::/29
2a11:7240::/29
2a11:9600::/29
2a11:dcc0::/29
2a12:440::/29
2a12:ec0::/29
2a12:1900::/29
2a12:6640::/29
2a12:6740::/29
2a12:6f40::/29
2a12:7740::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:e240::/29
2a12:f0c0::/29
2a13:ba00::/29
2a13:dac0::/29
2a14:c0::/29
2a14:140::/29
2a14:1c0::/29
2a14:800::/29
2a14:f40::/29
2a14:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
07:43:56:29:d2:0d:3e:c2:94:bb:cd:a2:a4:d9:45:00:ed:f9:
bd:0b:ce:0a:87:a3:70:70:07:3c:82:e4:35:64:33:25:f9:ea:
89:2b:5e:ea:0b:3e:79:be:93:29:90:ac:15:19:42:e1:0e:b7:
02:12:a8:3e:9f:cd:b4:b9:73:22:28:d0:23:04:8b:7e:36:92:
3e:f9:ea:3b:9d:94:4b:78:d8:f7:5a:0f:a4:93:fa:2e:0e:21:
c4:fa:36:11:28:8b:34:47:d7:d6:6a:a6:45:d2:7f:92:0a:53:
ac:f7:8a:d2:1b:57:0b:a4:28:d2:0a:a1:1e:f3:d1:e1:b9:5b:
63:fa:6a:fb:72:6e:3f:32:61:05:a5:c7:35:b0:03:ac:05:a8:
91:fd:d7:85:84:d4:8b:58:fa:26:d1:d2:59:a4:c0:d4:11:59:
45:55:cd:9d:ef:69:c8:89:60:2f:29:ac:30:61:98:8c:b9:d1:
3a:71:e2:8f:53:23:4e:0e:ee:27:8c:3a:77:34:05:15:a6:b3:
1a:34:b4:d8:ad:a8:63:72:11:b4:52:9a:d0:2d:3a:4b:33:bf:
35:2a:01:6e:63:0a:52:2a:24:51:ab:54:5f:1d:ee:8b:a6:3e:
c7:99:37:a9:10:07:a4:af:e6:f0:8b:75:9b:e5:73:15:40:dc:
ee:8f:0c:4a
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZA5mVbH6l+Vb9kf9OGguGSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNjIxMDcwMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ0ZGU0ZDY0YzE4ZjY5NWY4Y2IwYmU5ODNlMTMwYjU0YjVjZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7rMoC5+9YyDzNvQlIyRcHZsY69u
Ofup3zKm3xq3pU156jKT4dHomGAl4xAxtAMZI0d9fhEG09GaS6YnXB9B8N6I0uqc
nZcvIr47Gm27+h0khEEelbqA71rDWTdBgNRyVsxNLhX4e7mh8SW0AaaO3veKg3RJ
YloDtaZS9JDOLljvUuFRDFZQAMKCqrxe+nixLmZ3lG8CLJRrAyFRgVBkbthQ6TrL
mNswF/ApOyHLQqXTh9dlhNOg0lMfC0XoplrXsKcKGEpu1F+uL+t7g/q2SRt0GCNn
Tv71rSHMM4SS9J0CQiRTUzG2XIjuKV0BjWV+eaYNmZ/gDisoLUEe4xCFaQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFDZE3k1kwY9pX4ywvpg+EwtUtc0JMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvTmtUZVRXVEJqMmxmakxDLW1ENFRDMVMxelFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jASBAIAATAMAwQCuagc
AwQCucmIMIHLBAIAAjCBxAMFAyoGysADBQMqCuLAAwUDKg53gAMFAyoP1IADBQMq
ES9AAwUDKhE7QAMFAyoRckADBQMqEZYAAwUDKhHcwAMFAyoSBEADBQMqEg7AAwUD
KhIZAAMFAyoSZkADBQMqEmdAAwUDKhJvQAMFAyoSd0ADBQMqEo7AAwUDKhLMwAMF
AyoS4kADBQMqEvDAAwUDKhO6AAMFAyoT2sADBQMqFADAAwUDKhQBQAMFAyoUAcAD
BQMqFAgAAwUDKhQPQAMFAyoUfgAwDQYJKoZIhvcNAQELBQADggEBAAdDVinSDT7C
lLvNoqTZRQDt+b0LzgqHo3BwBzyC5DVkMyX56okrXuoLPnm+kymQrBUZQuEOtwIS
qD6fzbS5cyIo0CMEi342kj756judlEt42PdaD6ST+i4OIcT6NhEoizRH19ZqpkXS
f5IKU6z3itIbVwukKNIKoR7z0eG5W2P6avtybj8yYQWlxzWwA6wFqJH914WE1ItY
+ibR0lmkwNQRWUVVzZ3vaciJYC8prDBhmIy50Tpx4o9TI04O7ieMOnc0BRWmsxo0
tNitqGNyEbRSmtAtOkszvzUqAW5jClIqJFGrVF8d7oumPseZN6kQB6Sv5vCLdZvl
cxVA3O6PDEo=
-----END CERTIFICATE-----
Generated at Thu Jul 4 21:28:01 2024 by rpki-client on console-ams.rpki-client.org