Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/NkuU6B5Zpp0dHHsSdxs_CTDeO8I.roa
File: NkuU6B5Zpp0dHHsSdxs_CTDeO8I.roa (raw, json)
Hash identifier: mdYnShq8LgxZEDFzOPpq8ebBlJblzrtNhR+jUref2d4=
Subject key identifier: 36:4B:94:E8:1E:59:A6:9D:1D:1C:7B:12:77:1B:3F:09:30:DE:3B:C2
Certificate issuer: /CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Certificate serial: 018F045BAFC05FD42FE57A7BDA3B2C721D42
Authority key identifier: 00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/NkuU6B5Zpp0dHHsSdxs_CTDeO8I.roa
Signing time: Mon 22 Apr 2024 05:51:08 +0000
ROA not before: Mon 22 Apr 2024 05:51:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30962
IP address blocks: 45.129.240.0/22 maxlen: 22
45.129.241.0/24 maxlen: 24
62.108.32.0/20 maxlen: 20
62.108.32.0/24 maxlen: 24
62.108.48.0/20 maxlen: 20
84.19.0.0/19 maxlen: 19
89.107.64.0/21 maxlen: 21
91.190.144.0/21 maxlen: 21
91.230.27.0/24 maxlen: 24
91.230.47.0/24 maxlen: 24
93.190.88.0/21 maxlen: 21
93.190.95.0/24 maxlen: 24
185.147.216.0/22 maxlen: 22
194.113.216.0/23 maxlen: 23
195.62.20.0/23 maxlen: 23
195.191.114.0/23 maxlen: 23
195.225.240.0/22 maxlen: 22
2a00:f70::/32 maxlen: 32
2a03:f200::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 25 Apr 2024 07:09:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:04:5b:af:c0:5f:d4:2f:e5:7a:7b:da:3b:2c:72:1d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Validity
Not Before: Apr 22 05:51:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=364b94e81e59a69d1d1c7b12771b3f0930de3bc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:41:ed:6e:d2:98:1d:99:04:80:94:bd:ae:1f:
61:26:3d:76:e6:b1:01:da:05:69:a4:ff:7c:53:5e:
80:aa:ba:9f:f9:dd:ad:9d:39:e1:69:91:f7:58:fd:
fd:5e:b7:1c:e4:e3:15:6f:dd:f0:0f:ed:da:da:40:
51:0c:90:52:c9:3b:22:8f:c3:95:24:8f:8b:80:c3:
4c:73:30:28:ca:87:da:dd:60:97:8c:84:a1:b6:0f:
85:67:ec:7d:98:79:5d:24:82:97:9a:22:9f:b1:a5:
16:36:1c:ad:1c:7c:9c:89:c8:ed:02:cd:c4:92:34:
5b:fe:e4:ab:63:da:2e:37:df:27:83:d4:58:fb:d4:
b8:23:37:57:cb:e1:96:9d:24:54:8c:fd:0c:af:c0:
8e:32:88:4f:f4:81:a8:74:31:82:f5:09:ef:f4:b4:
01:50:6a:09:94:b5:ac:73:62:61:f1:a3:6c:87:07:
11:51:e2:6f:9d:08:a6:1d:26:2b:48:8c:a1:f2:56:
18:ea:0d:62:5a:45:18:33:65:ea:79:e4:51:91:94:
91:e6:8c:bb:56:55:f2:cb:16:20:12:01:af:40:29:
1f:9d:17:b6:51:1a:38:c3:ec:83:22:96:80:d6:94:
26:a3:80:29:17:0f:eb:6d:ef:fe:c4:95:42:52:cb:
75:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4B:94:E8:1E:59:A6:9D:1D:1C:7B:12:77:1B:3F:09:30:DE:3B:C2
X509v3 Authority Key Identifier:
keyid:00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/NkuU6B5Zpp0dHHsSdxs_CTDeO8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.240.0/22
62.108.32.0/19
84.19.0.0/19
89.107.64.0/21
91.190.144.0/21
91.230.27.0/24
91.230.47.0/24
93.190.88.0/21
185.147.216.0/22
194.113.216.0/23
195.62.20.0/23
195.191.114.0/23
195.225.240.0/22
IPv6:
2a00:f70::/32
2a03:f200::/32
Signature Algorithm: sha256WithRSAEncryption
60:44:86:50:2f:6f:82:80:4d:fb:13:e0:11:01:2b:c7:9a:48:
3e:b1:be:46:c6:eb:24:15:0c:97:19:52:d6:76:1d:bc:a5:ac:
ee:86:2b:c7:60:65:04:ae:2d:85:18:ae:2a:20:83:ea:42:8e:
24:48:3a:26:b6:ca:34:27:b8:64:16:02:cb:e6:99:f1:de:ca:
f3:30:c9:af:55:23:aa:0b:d1:9f:d9:3a:74:ae:5d:8a:4e:4e:
38:48:aa:ff:e4:c5:76:12:af:6f:68:1b:f7:34:7d:d5:ad:78:
47:2c:6c:7e:be:14:b2:25:2d:ac:4c:f2:ac:fd:96:9a:b6:d5:
66:3f:38:84:8b:08:58:41:4d:1c:1f:d7:f2:0f:23:da:f1:33:
ca:c1:e7:dc:19:8d:5f:e8:6f:70:46:ee:5f:27:5e:88:bb:19:
de:9a:91:a4:e0:93:1f:de:36:e0:27:5c:25:bf:0a:fc:57:a8:
95:31:4a:90:eb:2e:db:cb:12:c4:67:05:e4:c6:04:58:11:a7:
fe:54:09:21:bf:da:09:24:a2:a4:2e:bd:aa:ed:a7:db:96:b3:
d8:9e:d3:c9:3b:75:ae:b8:93:80:a6:45:97:6a:e9:01:66:7d:
c4:f7:42:65:a0:29:56:74:23:af:de:77:d6:51:83:04:1c:d5:
3b:20:a4:17
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY8EW6/AX9Qv5Xp72jssch1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjY0N2M4MDFmYjU4ZmNmYWFjMTM1YmI0OGY1ZTYxZmVh
N2U1NjYwHhcNMjQwNDIyMDU1MTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRiOTRlODFlNTlhNjlkMWQxYzdiMTI3NzFiM2YwOTMwZGUzYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUHtbtKYHZkEgJS9rh9hJj125rEB
2gVppP98U16Aqrqf+d2tnTnhaZH3WP39Xrcc5OMVb93wD+3a2kBRDJBSyTsij8OV
JI+LgMNMczAoyofa3WCXjIShtg+FZ+x9mHldJIKXmiKfsaUWNhytHHycicjtAs3E
kjRb/uSrY9ouN98ng9RY+9S4IzdXy+GWnSRUjP0Mr8COMohP9IGodDGC9Qnv9LQB
UGoJlLWsc2Jh8aNshwcRUeJvnQimHSYrSIyh8lYY6g1iWkUYM2XqeeRRkZSR5oy7
VlXyyxYgEgGvQCkfnRe2URo4w+yDIpaA1pQmo4ApFw/rbe/+xJVCUst1QwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFDZLlOgeWaadHRx7EncbPwkw3jvCMB8GA1UdIwQY
MBaAFAAmR8gB+1j8+qwTW7SPXmH+p+VmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODIt
OTRlZmJmNWNlY2Q0LzEvTmt1VTZCNVpwcDBkSEhzU2R4c19DVERlTzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODItOTRlZmJmNWNlY2Q0
LzEvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQCLYHwAwQF
PmwgAwQFVBMAAwQDWWtAAwQDW76QAwQAW+YbAwQAW+YvAwQDXb5YAwQCuZPYAwQB
wnHYAwQBwz4UAwQBw79yAwQCw+HwMBQEAgACMA4DBQAqAA9wAwUAKgPyADANBgkq
hkiG9w0BAQsFAAOCAQEAYESGUC9vgoBN+xPgEQErx5pIPrG+RsbrJBUMlxlS1nYd
vKWs7oYrx2BlBK4thRiuKiCD6kKOJEg6JrbKNCe4ZBYCy+aZ8d7K8zDJr1UjqgvR
n9k6dK5dik5OOEiq/+TFdhKvb2gb9zR91a14Ryxsfr4UsiUtrEzyrP2WmrbVZj84
hIsIWEFNHB/X8g8j2vEzysHn3BmNX+hvcEbuXydeiLsZ3pqRpOCTH9424CdcJb8K
/FeolTFKkOsu28sSxGcF5MYEWBGn/lQJIb/aCSSipC69qu2n25az2J7TyTt1rriT
gKZFl2rpAWZ9xPdCZaApVnQjr9531lGDBBzVOyCkFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:29 2024 by rpki-client on console-ams.rpki-client.org