Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/NWJECGfC12H7bPyGo6M-cMFYVew.roa
File: NWJECGfC12H7bPyGo6M-cMFYVew.roa (raw, json)
Hash identifier: g9D33ciP32/RNw+AShaUrxvfTS4lp+zNNLoBNcFlIKM=
Subject key identifier: 35:62:44:08:67:C2:D7:61:FB:6C:FC:86:A3:A3:3E:70:C1:58:55:EC
Certificate issuer: /CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Certificate serial: 018CC3B71D318890B9E1EE8025E1EEF49B7E
Authority key identifier: 18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/NWJECGfC12H7bPyGo6M-cMFYVew.roa
Signing time: Mon 01 Jan 2024 06:30:06 +0000
ROA not before: Mon 01 Jan 2024 06:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14061
IP address blocks: 167.172.0.0/16 maxlen: 22
146.185.128.0/19 maxlen: 22
5.101.96.0/20 maxlen: 24
146.185.160.0/19 maxlen: 22
185.14.184.0/22 maxlen: 22
178.128.0.0/17 maxlen: 22
37.139.0.0/19 maxlen: 22
188.166.0.0/16 maxlen: 22
82.196.0.0/20 maxlen: 22
95.85.0.0/18 maxlen: 22
46.101.0.0/16 maxlen: 22
188.226.128.0/17 maxlen: 22
178.128.128.0/17 maxlen: 22
80.240.128.0/20 maxlen: 22
178.62.0.0/16 maxlen: 22
2a03:b0c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 May 2024 10:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:1d:31:88:90:b9:e1:ee:80:25:e1:ee:f4:9b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Validity
Not Before: Jan 1 06:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3562440867c2d761fb6cfc86a3a33e70c15855ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:86:59:2c:83:83:25:2f:9a:bd:77:42:77:2d:
64:84:95:e0:c6:7f:38:bd:58:66:d2:7c:10:8a:61:
a6:83:55:7b:3e:ed:73:e1:2c:38:6a:b1:14:cc:9d:
26:0c:dc:b5:27:e3:18:9e:fa:32:8c:44:6d:64:af:
54:a0:4a:ec:d3:78:0e:9e:55:36:da:5f:94:90:b8:
af:21:66:c0:a5:26:d8:0f:ec:72:5f:9a:cf:8d:ee:
6d:88:66:fe:7f:3f:94:cc:eb:8f:04:14:15:1d:7d:
e7:af:f5:07:42:7a:45:17:2d:bc:95:f7:0a:82:42:
45:6d:50:1a:79:c8:53:03:f7:c3:b6:17:3e:25:b1:
ef:18:20:ae:fc:17:0c:3d:fa:76:1d:5e:e1:4f:5f:
dc:4b:22:0c:84:91:b9:5a:1d:3b:97:03:0e:34:c1:
c1:0c:be:cb:ce:ac:8a:38:c3:f6:08:61:ed:75:b2:
e9:77:11:40:06:cb:6b:f9:89:c5:0a:db:74:52:8c:
87:7f:a2:2f:d7:2c:30:51:d3:4a:88:cf:9b:d0:6a:
57:9e:5a:31:d2:92:28:cf:b8:c7:df:c9:8a:c3:17:
f9:92:46:42:f1:05:9d:1b:b6:e6:ec:c6:2c:04:93:
22:f1:14:5d:66:a2:d0:a2:7d:55:0c:15:a7:1b:6a:
34:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:62:44:08:67:C2:D7:61:FB:6C:FC:86:A3:A3:3E:70:C1:58:55:EC
X509v3 Authority Key Identifier:
keyid:18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/NWJECGfC12H7bPyGo6M-cMFYVew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.96.0/20
37.139.0.0/19
46.101.0.0/16
80.240.128.0/20
82.196.0.0/20
95.85.0.0/18
146.185.128.0/18
167.172.0.0/16
178.62.0.0/16
178.128.0.0/16
185.14.184.0/22
188.166.0.0/16
188.226.128.0/17
IPv6:
2a03:b0c0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:eb:37:31:0e:9c:15:36:31:5e:3f:ef:a5:a8:00:c1:40:a2:
ff:43:16:2f:bb:c8:b1:d1:8a:e6:63:c2:6a:09:b3:0c:bf:33:
64:98:01:91:90:ad:1d:b0:16:75:f4:9d:72:2d:a6:18:43:3a:
16:c9:69:21:bd:1a:1d:2b:c5:98:d0:75:0a:76:ff:2e:b6:36:
d4:00:97:6d:ab:15:7b:5a:f1:ca:f6:52:b2:c2:5d:40:a4:65:
a9:c5:f4:60:27:40:bf:b0:e0:85:ad:ed:22:d7:9a:49:2a:c9:
39:b2:72:20:6a:ed:78:b4:2e:e4:01:c1:fa:a3:e5:c1:e0:07:
c0:f3:0a:16:7a:65:46:f4:ee:b9:5d:1a:d5:59:6f:af:89:bf:
45:2b:c9:bb:06:39:df:4e:a7:2f:76:94:4c:8e:8d:30:ab:db:
f8:18:bf:73:21:c3:4a:d8:b9:26:8f:e6:11:4d:b8:e1:cd:a4:
3c:73:a6:da:14:58:aa:62:3e:9b:63:29:eb:47:64:40:3c:59:
b9:27:40:83:a9:9a:27:29:24:ee:e4:30:ac:51:71:48:e1:72:
f9:1e:b1:62:45:f7:c5:60:b7:4e:06:85:63:96:03:f0:81:ee:
63:28:b2:b5:2c:83:21:2a:2a:cc:ec:11:8c:8c:06:b8:1b:94:
cc:33:5e:73
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzDtx0xiJC54e6AJeHu9Jt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDhiZjdmZTQ4YjA1N2Y5ZjJmM2Q1ZDFhNjMxMGZkOWUx
NGM1NzEwHhcNMjQwMTAxMDYzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTYyNDQwODY3YzJkNzYxZmI2Y2ZjODZhM2EzM2U3MGMxNTg1NWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4ZZLIODJS+avXdCdy1khJXgxn84
vVhm0nwQimGmg1V7Pu1z4Sw4arEUzJ0mDNy1J+MYnvoyjERtZK9UoErs03gOnlU2
2l+UkLivIWbApSbYD+xyX5rPje5tiGb+fz+UzOuPBBQVHX3nr/UHQnpFFy28lfcK
gkJFbVAaechTA/fDthc+JbHvGCCu/BcMPfp2HV7hT1/cSyIMhJG5Wh07lwMONMHB
DL7LzqyKOMP2CGHtdbLpdxFABstr+YnFCtt0UoyHf6Iv1ywwUdNKiM+b0GpXnlox
0pIoz7jH38mKwxf5kkZC8QWdG7bm7MYsBJMi8RRdZqLQon1VDBWnG2o08QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFDViRAhnwtdh+2z8hqOjPnDBWFXsMB8GA1UdIwQY
MBaAFBgIv3/kiwV/ny89XRpjEP2eFMVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMt
OWQzOTJlZWUwZjY2LzEvTldKRUNHZkMxMkg3YlB5R282TS1jTUZZVmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMtOWQzOTJlZWUwZjY2
LzEvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJAwQEBWVgAwQF
JYsAAwMALmUDBARQ8IADBARSxAADBAZfVQADBAaSuYADAwCnrAMDALI+AwMAsoAD
BAK5DrgDAwC8pgMEB7zigDANBAIAAjAHAwUAKgOwwDANBgkqhkiG9w0BAQsFAAOC
AQEAfOs3MQ6cFTYxXj/vpagAwUCi/0MWL7vIsdGK5mPCagmzDL8zZJgBkZCtHbAW
dfSdci2mGEM6FslpIb0aHSvFmNB1Cnb/LrY21ACXbasVe1rxyvZSssJdQKRlqcX0
YCdAv7Dgha3tIteaSSrJObJyIGrteLQu5AHB+qPlweAHwPMKFnplRvTuuV0a1Vlv
r4m/RSvJuwY5306nL3aUTI6NMKvb+Bi/cyHDSti5Jo/mEU244c2kPHOm2hRYqmI+
m2Mp60dkQDxZuSdAg6maJykk7uQwrFFxSOFy+R6xYkX3xWC3TgaFY5YD8IHuYyiy
tSyDISoqzOwRjIwGuBuUzDNecw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:06 2024 by rpki-client on console-fra.rpki-client.org