Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/ng_ec6y11iHxwlRr4Tm01S-PXGo.roa
File: ng_ec6y11iHxwlRr4Tm01S-PXGo.roa (raw, json)
Hash identifier: DW96qxOTOBjVO76Oyr9PS+cao59bFICxSlhf+7y8e+I=
Subject key identifier: 9E:0F:DE:73:AC:B5:D6:21:F1:C2:54:6B:E1:39:B4:D5:2F:8F:5C:6A
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CA9FCAE423B0AC2D1C93915B65DFD359C
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/ng_ec6y11iHxwlRr4Tm01S-PXGo.roa
Signing time: Wed 27 Dec 2023 06:35:58 +0000
ROA not before: Wed 27 Dec 2023 06:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136038
IP address blocks: 2.59.152.0/22 maxlen: 22
2.59.155.0/24 maxlen: 24
45.142.152.0/24 maxlen: 24
193.239.150.0/24 maxlen: 24
194.126.202.0/24 maxlen: 24
45.91.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a9:fc:ae:42:3b:0a:c2:d1:c9:39:15:b6:5d:fd:35:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 27 06:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e0fde73acb5d621f1c2546be139b4d52f8f5c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2b:5a:a8:7d:70:f0:65:6c:ed:8e:22:29:c0:
4f:86:e5:97:0e:0d:41:c1:08:81:c8:ca:3a:83:db:
3a:a7:db:61:9d:bc:29:2c:74:64:ee:ce:be:5e:63:
d1:04:fc:68:db:38:9f:fb:3b:13:5f:6e:c9:19:71:
79:60:dd:7a:65:95:98:f2:b2:76:4c:6e:44:c6:bc:
8e:65:51:75:34:8e:38:80:24:e1:23:70:3c:41:f5:
ac:53:cc:93:e3:2f:04:c7:c0:95:e4:d6:92:4f:01:
8c:fc:d8:83:df:ff:cc:e5:f1:84:f1:9f:f2:89:f4:
7d:c9:55:3e:dc:a5:cf:48:3d:06:11:b4:14:4d:07:
b5:7b:17:a3:91:56:fd:95:f3:4c:3c:23:1b:c8:53:
c1:a6:bb:39:85:7c:aa:5a:8f:2b:41:3f:4b:98:4a:
90:48:72:4f:88:8f:a2:d9:2e:5e:98:31:ab:b1:e0:
79:c5:c1:4c:95:be:be:43:5b:b1:fb:91:0a:62:b5:
6f:ce:2e:f2:b5:62:6d:c5:b2:2d:28:f9:38:c3:28:
e2:6e:bd:85:d3:a5:72:b4:91:46:9f:0f:9b:73:6f:
f9:8d:67:fd:c5:11:ef:3a:d0:59:c6:50:9c:de:5a:
5b:61:8c:1c:2a:b7:5e:30:8b:16:05:ea:19:c8:44:
ac:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:0F:DE:73:AC:B5:D6:21:F1:C2:54:6B:E1:39:B4:D5:2F:8F:5C:6A
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/ng_ec6y11iHxwlRr4Tm01S-PXGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/22
45.91.226.0/24
45.142.152.0/24
193.239.150.0/24
194.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
32:bc:2d:00:48:b6:9e:60:80:f3:cb:da:47:a9:e9:65:3d:6c:
04:66:f6:06:d2:62:8c:47:39:dd:05:1b:48:ad:e1:37:7b:3d:
df:04:8f:1e:22:ea:ea:ae:6b:21:a3:72:36:e0:23:e9:11:62:
99:07:c6:fd:49:7a:00:c8:e2:4a:cf:a0:1b:f7:82:09:d4:d7:
3b:84:05:ac:9d:7f:a3:76:0c:08:b6:98:f1:a1:45:e9:5b:5d:
a6:58:30:68:18:33:0e:bf:0f:2f:59:0d:70:95:e0:57:57:0a:
38:60:25:59:fb:e0:2e:2d:9d:d5:bb:0c:8e:28:fb:2c:ba:d2:
15:e4:5f:43:31:2a:47:ff:84:b6:ce:bc:85:50:69:e8:14:6d:
32:76:52:b3:d6:a6:77:f5:6c:50:64:fe:94:1a:56:bd:94:92:
8e:bf:40:50:1f:d9:a7:1c:7f:31:ca:11:ae:9d:cb:ac:c8:9c:
32:65:c6:ac:3a:18:c8:e5:c4:da:3b:22:9c:2b:00:c4:60:2b:
46:4d:ab:a3:40:d2:31:e8:eb:56:8f:09:f6:2a:0d:97:70:34:
76:1d:92:45:c6:30:dc:d6:e3:f9:d6:be:60:df:fb:61:f7:40:
f0:11:8d:84:71:42:e1:27:79:78:54:63:93:b4:11:4f:09:fd:
81:61:ec:1d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyp/K5COwrC0ck5FbZd/TWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjI3MDYzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTBmZGU3M2FjYjVkNjIxZjFjMjU0NmJlMTM5YjRkNTJmOGY1YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCtaqH1w8GVs7Y4iKcBPhuWXDg1B
wQiByMo6g9s6p9thnbwpLHRk7s6+XmPRBPxo2zif+zsTX27JGXF5YN16ZZWY8rJ2
TG5ExryOZVF1NI44gCThI3A8QfWsU8yT4y8Ex8CV5NaSTwGM/NiD3//M5fGE8Z/y
ifR9yVU+3KXPSD0GEbQUTQe1exejkVb9lfNMPCMbyFPBprs5hXyqWo8rQT9LmEqQ
SHJPiI+i2S5emDGrseB5xcFMlb6+Q1ux+5EKYrVvzi7ytWJtxbItKPk4wyjibr2F
06VytJFGnw+bc2/5jWf9xRHvOtBZxlCc3lpbYYwcKrdeMIsWBeoZyESsBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ4P3nOstdYh8cJUa+E5tNUvj1xqMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvbmdfZWM2eTExaUh4d2xScjRUbTAxUy1QWEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjuYAwQA
LVviAwQALY6YAwQAwe+WAwQAwn7KMA0GCSqGSIb3DQEBCwUAA4IBAQAyvC0ASLae
YIDzy9pHqellPWwEZvYG0mKMRzndBRtIreE3ez3fBI8eIurqrmsho3I24CPpEWKZ
B8b9SXoAyOJKz6Ab94IJ1Nc7hAWsnX+jdgwItpjxoUXpW12mWDBoGDMOvw8vWQ1w
leBXVwo4YCVZ++AuLZ3VuwyOKPssutIV5F9DMSpH/4S2zryFUGnoFG0ydlKz1qZ3
9WxQZP6UGla9lJKOv0BQH9mnHH8xyhGuncusyJwyZcasOhjI5cTaOyKcKwDEYCtG
TaujQNIx6OtWjwn2Kg2XcDR2HZJFxjDc1uP51r5g3/th90DwEY2EcULhJ3l4VGOT
tBFPCf2BYewd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org