Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/NiCsZAHSFR0jDMZZPTWGqX3EI9A.roa
File: NiCsZAHSFR0jDMZZPTWGqX3EI9A.roa (raw, json)
Hash identifier: qV+YZhJUhjaUGvMvw+ETdkhLZEACkbD5x0FExp45HLc=
Subject key identifier: 36:20:AC:64:01:D2:15:1D:23:0C:C6:59:3D:35:86:A9:7D:C4:23:D0
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018A1D407FA10B238657EDD342AF30A54E01
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/NiCsZAHSFR0jDMZZPTWGqX3EI9A.roa
Signing time: Tue 22 Aug 2023 12:38:00 +0000
ROA not before: Tue 22 Aug 2023 12:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44486
IP address blocks: 212.87.214.0/23 maxlen: 23
185.132.55.0/24 maxlen: 24
185.132.54.0/24 maxlen: 24
45.137.71.0/24 maxlen: 24
45.137.69.0/24 maxlen: 24
45.131.109.0/24 maxlen: 24
45.67.136.0/24 maxlen: 24
45.145.224.0/23 maxlen: 23
45.91.251.0/24 maxlen: 24
5.180.252.0/23 maxlen: 23
46.243.76.0/22 maxlen: 22
5.180.254.0/23 maxlen: 23
5.253.244.0/24 maxlen: 24
45.134.108.0/23 maxlen: 23
45.134.108.0/24 maxlen: 24
45.134.109.0/24 maxlen: 24
45.84.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:40:7f:a1:0b:23:86:57:ed:d3:42:af:30:a5:4e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Aug 22 12:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3620ac6401d2151d230cc6593d3586a97dc423d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5f:47:fe:29:1e:92:65:81:3c:15:0c:a3:ff:
1d:21:d6:70:da:a2:3f:48:90:7a:60:d5:d2:1e:39:
79:32:ec:8f:a7:db:f4:d1:bd:b9:4f:d7:f7:bb:48:
6c:52:1b:57:a5:21:fb:30:07:06:38:fc:d0:20:8c:
fc:41:5b:b2:d0:00:2b:15:9c:f1:a9:95:1b:bc:3e:
2e:00:f1:31:9e:ac:ba:24:1d:ff:c3:64:3e:92:f0:
db:30:bf:c5:38:92:a1:d0:43:a7:b0:36:d9:19:6c:
56:5f:54:e3:0f:7a:c9:a7:40:dc:5e:05:36:9c:d8:
f7:bc:43:c0:be:41:5e:bf:9d:89:2c:6d:37:36:43:
3b:f7:17:f9:d3:52:3f:3c:f8:5a:f1:78:9f:75:96:
6f:f9:66:23:b0:94:bd:03:f1:a6:c8:f3:74:9f:a3:
23:35:d9:4f:4b:16:94:f8:8d:ce:58:49:dc:dc:b4:
41:07:82:d3:8f:e7:06:2c:98:51:d1:ee:4f:2a:d1:
9e:41:d3:98:a0:fe:7e:8e:cb:da:b3:6a:2b:ee:5c:
c5:7f:5a:62:4c:f7:e7:e5:7a:73:55:45:38:4c:93:
d5:4d:0a:26:f8:04:7c:7a:2a:47:83:f0:ec:d3:35:
2e:4f:1c:2a:28:e1:21:62:1d:e1:cb:bb:41:43:8e:
12:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:20:AC:64:01:D2:15:1D:23:0C:C6:59:3D:35:86:A9:7D:C4:23:D0
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/NiCsZAHSFR0jDMZZPTWGqX3EI9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.252.0/22
5.253.244.0/24
45.67.136.0/24
45.84.199.0/24
45.91.251.0/24
45.131.109.0/24
45.134.108.0/23
45.137.69.0/24
45.137.71.0/24
45.145.224.0/23
46.243.76.0/22
185.132.54.0/23
212.87.214.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:18:3f:2e:d2:7a:9b:9d:14:dd:b1:cf:4d:db:3f:dc:76:2d:
47:91:70:4f:52:b4:2e:6d:e9:c3:64:81:d4:ae:f9:49:07:73:
75:a4:c0:06:76:94:40:9e:20:03:79:3f:55:e9:68:5e:7e:78:
26:45:15:3d:61:a1:f6:83:40:35:86:12:27:23:2c:64:61:8e:
bd:55:ab:2f:72:29:49:87:27:b8:cf:da:af:fc:33:33:fd:d2:
2a:87:41:06:22:ee:7e:21:1a:7d:1f:de:c4:49:a5:4a:5c:5c:
7b:7f:b2:54:09:ef:79:11:25:4f:f1:fd:9e:43:78:f4:bd:b6:
3d:fc:f4:ca:ce:a1:91:c8:6d:9b:cd:c3:a4:84:77:56:ff:24:
21:d6:b0:99:67:a4:05:b6:98:2d:ad:03:ad:d6:78:d3:d7:27:
1f:c0:25:f9:4b:ed:31:32:3e:ca:ed:3e:fc:4f:4c:a9:4a:73:
10:95:c5:89:23:01:1e:5d:c1:2b:93:4b:29:f5:ec:78:46:e9:
ef:d7:d3:fc:1a:34:67:25:59:0e:61:41:5e:49:21:c7:e2:50:
62:4b:ef:ca:8d:e5:51:78:ff:7d:b7:a4:b1:72:30:b6:de:20:
a5:11:5f:d0:80:65:2e:35:00:6a:58:42:55:3e:14:3d:75:c0:
d3:6c:cc:ec
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYodQH+hCyOGV+3TQq8wpU4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwODIyMTIzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjIwYWM2NDAxZDIxNTFkMjMwY2M2NTkzZDM1ODZhOTdkYzQyM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl9H/ikekmWBPBUMo/8dIdZw2qI/
SJB6YNXSHjl5MuyPp9v00b25T9f3u0hsUhtXpSH7MAcGOPzQIIz8QVuy0AArFZzx
qZUbvD4uAPExnqy6JB3/w2Q+kvDbML/FOJKh0EOnsDbZGWxWX1TjD3rJp0DcXgU2
nNj3vEPAvkFev52JLG03NkM79xf501I/PPha8XifdZZv+WYjsJS9A/GmyPN0n6Mj
NdlPSxaU+I3OWEnc3LRBB4LTj+cGLJhR0e5PKtGeQdOYoP5+jsvas2or7lzFf1pi
TPfn5XpzVUU4TJPVTQom+AR8eipHg/Ds0zUuTxwqKOEhYh3hy7tBQ44S2wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFDYgrGQB0hUdIwzGWT01hql9xCPQMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvTmlDc1pBSFNGUjBqRE1aWlBUV0dxWDNFSTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCBbT8AwQA
Bf30AwQALUOIAwQALVTHAwQALVv7AwQALYNtAwQBLYZsAwQALYlFAwQALYlHAwQB
LZHgAwQCLvNMAwQBuYQ2AwQB1FfWMA0GCSqGSIb3DQEBCwUAA4IBAQB9GD8u0nqb
nRTdsc9N2z/cdi1HkXBPUrQubenDZIHUrvlJB3N1pMAGdpRAniADeT9V6Whefngm
RRU9YaH2g0A1hhInIyxkYY69VasvcilJhye4z9qv/DMz/dIqh0EGIu5+IRp9H97E
SaVKXFx7f7JUCe95ESVP8f2eQ3j0vbY9/PTKzqGRyG2bzcOkhHdW/yQh1rCZZ6QF
tpgtrQOt1njT1ycfwCX5S+0xMj7K7T78T0ypSnMQlcWJIwEeXcErk0sp9ex4Runv
19P8GjRnJVkOYUFeSSHH4lBiS+/KjeVReP99t6SxcjC23iClEV/QgGUuNQBqWEJV
PhQ9dcDTbMzs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org