Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/NpaWD0mL5L-ULAVTdrjn7hTzL6g.roa
File: NpaWD0mL5L-ULAVTdrjn7hTzL6g.roa (raw, json)
Hash identifier: 57DguUlSVz4CkL6vzYW8ey9ftJ9r5A7n6Mcz18TZwIM=
Subject key identifier: 36:96:96:0F:49:8B:E4:BF:94:2C:05:53:76:B8:E7:EE:14:F3:2F:A8
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 0190E8C68CE25F63BCCCB8D15DE3C9054FBB
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/NpaWD0mL5L-ULAVTdrjn7hTzL6g.roa
Signing time: Thu 25 Jul 2024 07:24:04 +0000
ROA not before: Thu 25 Jul 2024 07:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.154.0/24 maxlen: 24
5.144.155.0/24 maxlen: 24
78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
194.33.150.0/24 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 13:59:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e8:c6:8c:e2:5f:63:bc:cc:b8:d1:5d:e3:c9:05:4f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jul 25 07:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3696960f498be4bf942c055376b8e7ee14f32fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7b:43:9c:bb:5a:af:30:1c:39:d9:7f:59:cc:
05:08:7e:2f:9f:31:6d:db:f6:95:15:32:f7:86:0e:
be:a1:70:da:1b:2c:36:fb:b2:c9:f0:89:dd:77:2f:
f8:5a:d6:0d:31:04:4b:06:d4:02:c7:14:7a:69:f1:
a5:39:b5:7a:b1:74:57:36:84:91:b8:aa:cc:37:eb:
b2:b7:7f:8c:2a:84:9a:83:a3:ce:ae:47:5b:dc:3e:
95:73:04:cb:cb:69:f3:8f:c4:85:41:d2:e1:a2:7a:
0a:b5:c8:54:a4:93:fb:13:63:61:9e:f9:9e:73:9d:
05:65:a6:c8:5e:21:a8:c2:5b:0f:39:a7:11:dc:df:
31:f9:3a:6d:fe:0d:2b:f9:b1:14:4a:e1:0a:b6:66:
88:64:e8:77:cb:4b:a0:47:76:05:64:1a:7d:d2:02:
1f:ab:ef:ac:af:ad:9c:f7:3b:e0:f5:c0:58:5b:e7:
db:75:bd:de:ce:48:21:f8:4f:74:6d:2c:3f:e9:9a:
2d:c9:be:aa:c7:68:48:29:f6:97:78:61:f0:6d:ce:
86:c2:0a:7a:4e:0d:6e:5a:24:b8:de:3b:32:53:36:
c5:45:e8:63:2e:8c:ee:5c:b4:5d:18:c2:e9:f5:2b:
d2:42:70:25:7c:ed:12:cd:9e:5b:5b:f8:94:39:ee:
09:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:96:96:0F:49:8B:E4:BF:94:2C:05:53:76:B8:E7:EE:14:F3:2F:A8
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/NpaWD0mL5L-ULAVTdrjn7hTzL6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.154.0/23
78.143.252.0/23
194.33.150.0/23
Signature Algorithm: sha256WithRSAEncryption
41:d9:30:ac:c7:4d:09:cf:17:0d:2c:e8:e8:24:7b:a1:c8:45:
b1:d7:f6:c5:0b:f1:7e:ed:bb:5b:85:dc:55:df:73:ac:9b:af:
3b:16:1e:f6:48:77:24:85:c7:7c:9f:6c:7e:c8:81:05:64:54:
ab:85:a0:3b:51:21:55:fa:45:b2:f9:a7:17:1c:39:e5:58:30:
8e:c7:01:77:84:96:ee:94:cd:32:11:13:dc:c6:1d:c0:70:2d:
aa:5f:25:c0:0f:ff:5e:0e:13:b6:0b:db:5b:54:35:38:a0:24:
04:28:d3:bc:5e:46:c7:be:68:e2:d2:14:8e:be:bf:c2:d0:ab:
ff:ee:b9:65:5a:1b:3e:0e:ea:a9:cd:b9:65:bf:94:6c:f7:22:
49:e9:30:b4:f4:83:ac:56:e2:11:06:1d:0a:fc:2a:b7:4a:d9:
cd:8c:08:a8:39:d8:1b:ca:9d:4c:e5:2b:fc:3b:fb:5e:27:0d:
f6:fc:a9:ed:9c:02:43:e5:c1:31:68:3a:02:43:3e:eb:3a:a9:
ad:57:64:04:c0:34:66:7e:79:18:90:a0:0d:8d:15:00:6f:84:
bb:ac:5a:a8:f3:8b:e6:29:96:fb:24:51:62:bb:4a:87:64:55:
63:0e:6a:de:2c:d4:e3:d5:1c:45:09:11:97:7b:c9:8e:26:d1:
28:18:a3:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDoxoziX2O8zLjRXePJBU+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwNzI1MDcyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjk2OTYwZjQ5OGJlNGJmOTQyYzA1NTM3NmI4ZTdlZTE0ZjMyZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXtDnLtarzAcOdl/WcwFCH4vnzFt
2/aVFTL3hg6+oXDaGyw2+7LJ8Inddy/4WtYNMQRLBtQCxxR6afGlObV6sXRXNoSR
uKrMN+uyt3+MKoSag6POrkdb3D6VcwTLy2nzj8SFQdLhonoKtchUpJP7E2Nhnvme
c50FZabIXiGowlsPOacR3N8x+Tpt/g0r+bEUSuEKtmaIZOh3y0ugR3YFZBp90gIf
q++sr62c9zvg9cBYW+fbdb3ezkgh+E90bSw/6Zotyb6qx2hIKfaXeGHwbc6Gwgp6
Tg1uWiS43jsyUzbFRehjLozuXLRdGMLp9SvSQnAlfO0SzZ5bW/iUOe4JqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDaWlg9Ji+S/lCwFU3a45+4U8y+oMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvTnBhV0QwbUw1TC1VTEFWVGRyam43aFR6TDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBZCaAwQB
To/8AwQBwiGWMA0GCSqGSIb3DQEBCwUAA4IBAQBB2TCsx00JzxcNLOjoJHuhyEWx
1/bFC/F+7btbhdxV33Osm687Fh72SHckhcd8n2x+yIEFZFSrhaA7USFV+kWy+acX
HDnlWDCOxwF3hJbulM0yERPcxh3AcC2qXyXAD/9eDhO2C9tbVDU4oCQEKNO8XkbH
vmji0hSOvr/C0Kv/7rllWhs+Duqpzbllv5Rs9yJJ6TC09IOsVuIRBh0K/Cq3StnN
jAioOdgbyp1M5Sv8O/teJw32/KntnAJD5cExaDoCQz7rOqmtV2QEwDRmfnkYkKAN
jRUAb4S7rFqo84vmKZb7JFFiu0qHZFVjDmreLNTj1RxFCRGXe8mOJtEoGKMF
-----END CERTIFICATE-----
Generated at Sun Aug 11 17:04:45 2024 by rpki-client on console-fra.rpki-client.org