Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/nnNW5_G_2Sy1BhEiQ05Uj_OO6Ow.roa
File: nnNW5_G_2Sy1BhEiQ05Uj_OO6Ow.roa (raw, json)
Hash identifier: 7qQo3PI10BEjxJS+NcdLBAHe06O3qoU+VEMGjC8qp5w=
Subject key identifier: 9E:73:56:E7:F1:BF:D9:2C:B5:06:11:22:43:4E:54:8F:F3:8E:E8:EC
Certificate issuer: /CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Certificate serial: 018CC49325EE6CC11E4D26B7CB26A453949A
Authority key identifier: 1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/nnNW5_G_2Sy1BhEiQ05Uj_OO6Ow.roa
Signing time: Mon 01 Jan 2024 10:30:26 +0000
ROA not before: Mon 01 Jan 2024 10:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39728
IP address blocks: 185.149.196.0/22 maxlen: 22
178.214.160.0/19 maxlen: 19
185.178.244.0/22 maxlen: 22
178.216.232.0/21 maxlen: 21
91.217.4.0/23 maxlen: 23
176.113.224.0/19 maxlen: 19
2a07:6900::/48 maxlen: 48
2a07:6900:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Apr 2024 13:25:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:25:ee:6c:c1:1e:4d:26:b7:cb:26:a4:53:94:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Validity
Not Before: Jan 1 10:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e7356e7f1bfd92cb5061122434e548ff38ee8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:32:ac:6a:0c:7e:0c:64:55:06:02:aa:b9:b3:
8f:c6:84:21:95:0f:47:60:4c:f7:2b:ba:a1:7d:43:
79:1e:5f:4e:5c:9d:c0:78:da:e5:94:f5:0f:2d:58:
3b:58:2d:7a:f6:38:f2:b4:b5:80:f9:d2:a0:ac:2a:
06:6a:12:bd:5f:5d:d3:2c:53:17:bb:27:04:85:5f:
b6:b9:8f:6c:31:3c:ec:a2:70:7e:12:9e:0b:af:4b:
af:7c:b5:e0:f7:c9:c6:a3:74:a4:6f:bc:ef:54:68:
42:36:a2:ae:92:4c:ea:cf:43:79:bc:be:97:11:0d:
4b:d5:f3:d9:16:0e:c1:56:5d:99:e8:7c:e2:ad:58:
c5:3d:c7:62:54:ef:55:2f:15:d3:24:d9:a9:bc:42:
75:94:67:65:57:c8:22:d0:1e:fa:c0:02:98:25:06:
3c:38:a8:fb:75:c2:02:29:d1:b9:6c:04:11:46:22:
8a:73:07:48:0e:75:9c:16:4e:b9:59:fd:1c:9f:db:
fb:28:64:8a:73:d9:67:2f:88:92:6f:db:98:37:93:
10:0c:6a:d0:7e:99:30:a3:65:02:b3:07:7a:a4:b0:
ec:34:45:79:de:37:69:e8:f2:0e:98:be:e8:3b:9c:
1d:eb:4c:46:90:66:c7:e7:db:2b:dd:ab:d2:b4:4f:
93:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:73:56:E7:F1:BF:D9:2C:B5:06:11:22:43:4E:54:8F:F3:8E:E8:EC
X509v3 Authority Key Identifier:
keyid:1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/nnNW5_G_2Sy1BhEiQ05Uj_OO6Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.4.0/23
176.113.224.0/19
178.214.160.0/19
178.216.232.0/21
185.149.196.0/22
185.178.244.0/22
IPv6:
2a07:6900::/47
Signature Algorithm: sha256WithRSAEncryption
30:99:33:fe:c6:e5:3d:79:8a:41:cb:a4:69:dd:9d:d3:30:c7:
af:2b:d1:b1:65:fe:2b:13:b1:0c:12:16:b1:b1:e9:23:7a:f2:
79:35:e0:be:35:21:c8:71:9c:fc:15:55:0a:95:45:c1:cd:4a:
c3:a2:4d:cf:2c:98:80:7c:4c:9d:80:5e:ea:1b:31:ce:71:51:
eb:f2:5f:57:aa:74:7f:74:2d:64:d0:4e:00:70:46:e4:2d:50:
66:04:c8:75:12:29:5c:25:0c:68:45:7b:ea:7b:64:4b:8e:e0:
06:18:8a:d8:c2:4f:65:fd:dc:61:62:7c:34:9b:a6:86:e3:8d:
65:c1:7f:a0:13:42:b3:69:8e:42:33:62:38:cf:83:3a:1e:fe:
e6:5e:25:7b:22:a9:8b:51:7f:f7:54:b1:46:a8:41:25:5b:92:
11:86:09:d5:f6:d8:5b:73:14:5e:7a:ca:2e:8f:cf:00:c5:c7:
4f:b5:39:8d:45:52:f2:8a:1d:65:d7:03:43:0e:d8:6d:62:64:
55:4a:3f:e4:64:8b:2d:44:5b:39:70:bd:28:44:10:82:99:5f:
3e:18:3c:30:7d:d3:6e:83:9a:7e:3c:45:67:99:a1:43:47:44:
1e:08:d0:c2:02:6c:05:af:79:72:91:6f:a9:59:eb:80:9c:2f:
88:7a:9b:97
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzEkyXubMEeTSa3yyakU5SaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTVhMDY5NjY5ZWQ1YTc2NmVlZThlYmRjMzJlMzlmYjE0
ODQxMGIwHhcNMjQwMTAxMTAzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTczNTZlN2YxYmZkOTJjYjUwNjExMjI0MzRlNTQ4ZmYzOGVlOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjKsagx+DGRVBgKqubOPxoQhlQ9H
YEz3K7qhfUN5Hl9OXJ3AeNrllPUPLVg7WC169jjytLWA+dKgrCoGahK9X13TLFMX
uycEhV+2uY9sMTzsonB+Ep4Lr0uvfLXg98nGo3Skb7zvVGhCNqKukkzqz0N5vL6X
EQ1L1fPZFg7BVl2Z6HzirVjFPcdiVO9VLxXTJNmpvEJ1lGdlV8gi0B76wAKYJQY8
OKj7dcICKdG5bAQRRiKKcwdIDnWcFk65Wf0cn9v7KGSKc9lnL4iSb9uYN5MQDGrQ
fpkwo2UCswd6pLDsNEV53jdp6PIOmL7oO5wd60xGkGbH59sr3avStE+TkQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJ5zVufxv9kstQYRIkNOVI/zjujsMB8GA1UdIwQY
MBaAFB6VoGlmntWnZu7o69wy45+xSEELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAt
OTMzYmZhNTkyYjFkLzEvbm5OVzVfR18yU3kxQmhFaVEwNVVqX09PNk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAtOTMzYmZhNTkyYjFk
LzEvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQBW9kEAwQF
sHHgAwQFstagAwQDstjoAwQCuZXEAwQCubL0MA8EAgACMAkDBwEqB2kAAAAwDQYJ
KoZIhvcNAQELBQADggEBADCZM/7G5T15ikHLpGndndMwx68r0bFl/isTsQwSFrGx
6SN68nk14L41IchxnPwVVQqVRcHNSsOiTc8smIB8TJ2AXuobMc5xUevyX1eqdH90
LWTQTgBwRuQtUGYEyHUSKVwlDGhFe+p7ZEuO4AYYitjCT2X93GFifDSbpobjjWXB
f6ATQrNpjkIzYjjPgzoe/uZeJXsiqYtRf/dUsUaoQSVbkhGGCdX22FtzFF56yi6P
zwDFx0+1OY1FUvKKHWXXA0MO2G1iZFVKP+Rkiy1EWzlwvShEEIKZXz4YPDB9026D
mn48RWeZoUNHRB4I0MICbAWveXKRb6lZ64CcL4h6m5c=
-----END CERTIFICATE-----
Generated at Mon Apr 1 16:41:06 2024 by rpki-client on console-ams.rpki-client.org