Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/NfWmauNFpb2-x6lZ0pn8SeCY5Yk.roa
File: NfWmauNFpb2-x6lZ0pn8SeCY5Yk.roa (raw, json)
Hash identifier: 8T9DpZqdviXQeXRb7odTpr/cm/1g+amWu1nzsuJCgvc=
Subject key identifier: 35:F5:A6:6A:E3:45:A5:BD:BE:C7:A9:59:D2:99:FC:49:E0:98:E5:89
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 018B29A6BF7DD7C032988230279E00E10FA6
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/NfWmauNFpb2-x6lZ0pn8SeCY5Yk.roa
Signing time: Fri 13 Oct 2023 15:27:55 +0000
ROA not before: Fri 13 Oct 2023 15:27:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395092
IP address blocks: 217.195.152.0/22 maxlen: 22
213.108.246.0/23 maxlen: 23
45.95.16.0/22 maxlen: 22
185.93.222.0/23 maxlen: 24
213.139.204.0/22 maxlen: 22
45.155.36.0/22 maxlen: 22
2a0d:9ec2::/48 maxlen: 48
2a0d:9ec0::/48 maxlen: 48
2a0d:d8c0::/48 maxlen: 48
2a0d:d8c0:1::/48 maxlen: 48
2a0d:9ec1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:a6:bf:7d:d7:c0:32:98:82:30:27:9e:00:e1:0f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Oct 13 15:27:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35f5a66ae345a5bdbec7a959d299fc49e098e589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:44:40:8f:e2:4f:9e:b6:66:68:e0:a8:5d:66:
1b:bd:4c:b0:c5:65:0b:1a:bb:d2:7c:c9:4c:8c:94:
81:59:a3:27:30:de:ef:38:94:b6:f6:db:32:c1:cc:
fc:de:60:46:12:af:23:89:db:08:63:f2:68:8a:26:
46:f0:93:61:be:41:10:2d:d6:3a:08:aa:ff:b2:73:
16:50:f4:5a:50:13:16:a1:d7:3f:03:74:12:8e:32:
cd:79:37:2f:f5:15:ec:37:d4:fe:0c:40:e1:1c:f7:
0a:66:3a:25:8a:92:4e:75:4c:c4:4f:18:60:37:3e:
30:d2:75:51:4a:e3:93:ea:0f:ec:68:76:bf:79:d5:
66:a0:a5:60:99:90:a8:d0:34:5c:69:e3:bf:33:6d:
3a:d5:35:b9:78:c2:c5:3e:1f:9e:9e:d7:f5:29:10:
85:6d:63:39:a4:d6:9e:4b:ce:b1:66:d7:89:84:a5:
34:51:f5:03:fa:fa:b3:c6:28:06:54:ec:29:dd:d9:
d3:4e:c3:61:72:2a:1a:b9:05:dd:91:67:45:0c:63:
5f:13:3d:a3:b5:25:c0:72:3c:5a:cb:b1:3a:2e:c9:
dc:20:d4:df:11:95:d4:dc:81:d6:dc:29:62:eb:cf:
e4:92:9b:d5:5e:af:aa:b4:46:bf:f3:1c:4b:86:81:
d1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F5:A6:6A:E3:45:A5:BD:BE:C7:A9:59:D2:99:FC:49:E0:98:E5:89
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/NfWmauNFpb2-x6lZ0pn8SeCY5Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.16.0/22
45.155.36.0/22
185.93.222.0/23
213.108.246.0/23
213.139.204.0/22
217.195.152.0/22
IPv6:
2a0d:9ec0::/48
2a0d:9ec1::/48
2a0d:9ec2::/48
2a0d:d8c0::/47
Signature Algorithm: sha256WithRSAEncryption
28:d1:5e:ac:f3:f4:f3:08:33:ed:1d:0b:a6:fa:df:31:b3:49:
9c:20:4f:fc:5d:d4:9f:bd:1c:1e:5b:d9:f7:28:88:c8:a4:0f:
a5:37:92:13:36:a6:e1:02:0d:ca:35:05:d3:e5:f7:ef:19:db:
25:78:64:5c:c2:7c:2c:0f:83:83:bb:5a:1e:36:23:0a:61:7e:
32:4d:79:c2:e3:f6:97:80:2c:33:42:49:b8:c4:16:49:76:c1:
8d:ba:06:ac:09:e2:27:a7:c1:51:27:28:15:ce:96:fb:e5:bc:
f0:03:d3:46:18:ff:eb:ea:0c:f4:a4:a8:63:4a:34:f9:63:f7:
be:e8:ae:34:9a:88:14:81:b5:22:69:47:3f:3b:06:2f:72:0e:
eb:64:86:97:97:ce:33:c2:32:80:08:ec:af:64:6d:6d:77:2c:
56:f4:4f:95:22:95:e5:dd:94:f6:c1:0d:08:64:2d:ae:78:46:
7e:e2:10:8d:c8:35:0d:8b:d6:29:8b:41:21:2c:70:db:07:3e:
6c:84:ac:40:6e:00:c4:3f:62:ab:62:5b:2d:23:c1:e6:00:63:
eb:4e:c0:ad:96:ff:22:ee:68:d6:d0:29:17:41:c9:f3:4a:8f:
9c:48:13:cb:c9:dd:97:62:0f:0e:04:28:f4:5d:99:f6:3f:b6:
b1:cc:e4:a1
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYsppr9918AymIIwJ54A4Q+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjMxMDEzMTUyNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWY1YTY2YWUzNDVhNWJkYmVjN2E5NTlkMjk5ZmM0OWUwOThlNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlERAj+JPnrZmaOCoXWYbvUywxWUL
GrvSfMlMjJSBWaMnMN7vOJS29tsywcz83mBGEq8jidsIY/JoiiZG8JNhvkEQLdY6
CKr/snMWUPRaUBMWodc/A3QSjjLNeTcv9RXsN9T+DEDhHPcKZjolipJOdUzETxhg
Nz4w0nVRSuOT6g/saHa/edVmoKVgmZCo0DRcaeO/M2061TW5eMLFPh+entf1KRCF
bWM5pNaeS86xZteJhKU0UfUD+vqzxigGVOwp3dnTTsNhcioauQXdkWdFDGNfEz2j
tSXAcjxay7E6LsncINTfEZXU3IHW3Cli68/kkpvVXq+qtEa/8xxLhoHR/wIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFDX1pmrjRaW9vsepWdKZ/EngmOWJMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvTmZXbWF1TkZwYjIteDZsWjBwbjhTZUNZNVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDAqBAIAATAkAwQCLV8QAwQC
LZskAwQBuV3eAwQB1Wz2AwQC1YvMAwQC2cOYMCoEAgACMCQDBwAqDZ7AAAADBwAq
DZ7BAAADBwAqDZ7CAAADBwEqDdjAAAAwDQYJKoZIhvcNAQELBQADggEBACjRXqzz
9PMIM+0dC6b63zGzSZwgT/xd1J+9HB5b2fcoiMikD6U3khM2puECDco1BdPl9+8Z
2yV4ZFzCfCwPg4O7Wh42IwphfjJNecLj9peALDNCSbjEFkl2wY26BqwJ4ienwVEn
KBXOlvvlvPAD00YY/+vqDPSkqGNKNPlj977orjSaiBSBtSJpRz87Bi9yDutkhpeX
zjPCMoAI7K9kbW13LFb0T5UileXdlPbBDQhkLa54Rn7iEI3INQ2L1imLQSEscNsH
PmyErEBuAMQ/YqtiWy0jweYAY+tOwK2W/yLuaNbQKRdByfNKj5xIE8vJ3ZdiDw4E
KPRdmfY/trHM5KE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org