Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/NgmUCYaVSJrJJMOYdmNAPU8024w.roa
File: NgmUCYaVSJrJJMOYdmNAPU8024w.roa (raw, json)
Hash identifier: wpPxSkFzI9msdxNYaxe/Kg6Zg7oZndO4YStUZsf09gI=
Subject key identifier: 36:09:94:09:86:95:48:9A:C9:24:C3:98:76:63:40:3D:4F:34:DB:8C
Certificate issuer: /CN=c4eb34dda2f8094968494892063351ee0f10e91a
Certificate serial: 01899BCBB7FC9EB65EE5A6B12A0B646AB475
Authority key identifier: C4:EB:34:DD:A2:F8:09:49:68:49:48:92:06:33:51:EE:0F:10:E9:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xOs03aL4CUloSUiSBjNR7g8Q6Ro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/NgmUCYaVSJrJJMOYdmNAPU8024w.roa
Signing time: Fri 28 Jul 2023 09:19:26 +0000
ROA not before: Fri 28 Jul 2023 09:19:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 152.89.228.0/22 maxlen: 23
45.80.250.0/23 maxlen: 23
2.58.176.0/22 maxlen: 23
Validation: Failed, certificate revoked on Mon 18 Dec 2023 11:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9b:cb:b7:fc:9e:b6:5e:e5:a6:b1:2a:0b:64:6a:b4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4eb34dda2f8094968494892063351ee0f10e91a
Validity
Not Before: Jul 28 09:19:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=360994098695489ac924c3987663403d4f34db8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fd:a4:3a:07:5c:04:38:60:33:f0:fd:a7:9d:
bc:15:b4:a0:6c:7e:d9:a7:25:e6:f1:40:14:2a:cb:
20:ce:d4:23:02:f6:c5:f8:37:0a:b7:9a:b6:d0:d5:
29:92:b8:71:af:22:d4:df:42:d5:47:40:4d:b9:47:
66:e0:db:56:3d:f0:67:fe:ab:72:97:4e:7d:ff:b8:
b6:c6:a4:1d:57:c8:df:8d:a8:20:58:b4:be:8d:3d:
2a:ac:bf:fb:a2:31:e8:f1:f8:45:3b:9b:ef:af:b8:
2f:8c:70:74:d7:0d:f8:60:59:73:46:02:6d:b3:dd:
de:6b:e5:7f:ca:dd:24:ce:05:49:87:ea:05:8a:7a:
cb:17:27:50:c9:74:29:44:76:6f:37:a8:1c:e4:62:
2a:57:49:08:55:22:81:d3:b1:ea:b3:7b:74:26:99:
c2:e5:d7:13:99:27:e6:68:bc:2b:0c:2b:60:4e:f3:
36:36:a0:ee:2d:18:79:0e:bc:13:0e:cd:15:61:ad:
cf:ac:50:c9:50:99:28:cd:d9:48:9a:6e:bf:22:c0:
70:e6:72:83:c1:2e:4f:1f:89:c7:13:7d:00:8e:da:
cb:a6:37:01:76:cb:d1:ae:15:6d:d6:50:d1:28:dd:
b2:3e:23:a6:a7:47:82:48:11:db:52:fb:c1:ad:c8:
2c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:09:94:09:86:95:48:9A:C9:24:C3:98:76:63:40:3D:4F:34:DB:8C
X509v3 Authority Key Identifier:
keyid:C4:EB:34:DD:A2:F8:09:49:68:49:48:92:06:33:51:EE:0F:10:E9:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xOs03aL4CUloSUiSBjNR7g8Q6Ro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/NgmUCYaVSJrJJMOYdmNAPU8024w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/xOs03aL4CUloSUiSBjNR7g8Q6Ro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.176.0/22
45.80.250.0/23
152.89.228.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:fb:ee:2a:e1:71:80:62:6e:5a:86:c9:31:db:c3:fc:11:69:
04:d9:22:89:8b:2c:e4:98:f4:26:cc:42:9b:c5:bb:7d:a8:ff:
c4:a6:73:04:0c:43:b3:60:c6:e1:e4:6d:2a:e1:d7:53:01:92:
70:46:ee:71:b4:17:1d:54:5e:1f:db:de:74:a3:e8:c6:93:7c:
b7:73:f1:6b:cd:ca:be:de:3d:93:42:2d:87:3d:37:d8:d9:69:
b7:cf:da:01:8d:1d:93:6c:e7:d3:14:85:65:36:0c:cf:77:4f:
86:95:73:e7:10:81:76:ae:38:90:cf:2d:aa:fa:71:a7:2b:45:
24:72:72:bd:7b:ae:b4:6a:cd:6d:60:1c:cc:17:92:3a:d5:ad:
04:9b:76:23:9c:96:58:87:08:d7:e4:35:d5:9d:a8:d8:f0:de:
63:05:f7:a5:f1:ba:f9:d0:a2:b6:39:ae:6f:ce:18:a9:a5:1f:
b9:11:56:d3:59:62:ea:48:e7:68:43:56:2d:02:a5:fa:8d:ff:
ad:54:59:df:62:6f:9e:29:50:15:6b:0e:e8:11:9e:12:8e:f3:
fd:3e:8e:0e:c7:34:1b:04:d4:a8:0d:35:72:eb:fb:28:11:fa:
9b:b3:7f:81:ac:5d:e1:01:e6:68:f9:99:53:2b:f7:cc:9f:ba:
e3:dd:06:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmby7f8nrZe5aaxKgtkarR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZWIzNGRkYTJmODA5NDk2ODQ5NDg5MjA2MzM1MWVlMGYx
MGU5MWEwHhcNMjMwNzI4MDkxOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjA5OTQwOTg2OTU0ODlhYzkyNGMzOTg3NjYzNDAzZDRmMzRkYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/2kOgdcBDhgM/D9p528FbSgbH7Z
pyXm8UAUKssgztQjAvbF+DcKt5q20NUpkrhxryLU30LVR0BNuUdm4NtWPfBn/qty
l059/7i2xqQdV8jfjaggWLS+jT0qrL/7ojHo8fhFO5vvr7gvjHB01w34YFlzRgJt
s93ea+V/yt0kzgVJh+oFinrLFydQyXQpRHZvN6gc5GIqV0kIVSKB07Hqs3t0JpnC
5dcTmSfmaLwrDCtgTvM2NqDuLRh5DrwTDs0VYa3PrFDJUJkozdlImm6/IsBw5nKD
wS5PH4nHE30AjtrLpjcBdsvRrhVt1lDRKN2yPiOmp0eCSBHbUvvBrcgsywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDYJlAmGlUiaySTDmHZjQD1PNNuMMB8GA1UdIwQY
MBaAFMTrNN2i+AlJaElIkgYzUe4PEOkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE9zMDNhTDRDVWxvU1VpU0JqTlI3ZzhRNlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9iOTY1ODQtMWY3MS00OGJiLWEwMjEt
YTM0N2I1NmYzYjlhLzEvTmdtVUNZYVZTSnJKSk1PWWRtTkFQVTgwMjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9iOTY1ODQtMWY3MS00OGJiLWEwMjEtYTM0N2I1NmYzYjlh
LzEveE9zMDNhTDRDVWxvU1VpU0JqTlI3ZzhRNlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjqwAwQB
LVD6AwQCmFnkMA0GCSqGSIb3DQEBCwUAA4IBAQCi++4q4XGAYm5ahskx28P8EWkE
2SKJiyzkmPQmzEKbxbt9qP/EpnMEDEOzYMbh5G0q4ddTAZJwRu5xtBcdVF4f2950
o+jGk3y3c/Frzcq+3j2TQi2HPTfY2Wm3z9oBjR2TbOfTFIVlNgzPd0+GlXPnEIF2
rjiQzy2q+nGnK0UkcnK9e660as1tYBzMF5I61a0Em3YjnJZYhwjX5DXVnajY8N5j
Bfel8br50KK2Oa5vzhippR+5EVbTWWLqSOdoQ1YtAqX6jf+tVFnfYm+eKVAVaw7o
EZ4SjvP9Po4OxzQbBNSoDTVy6/soEfqbs3+BrF3hAeZo+ZlTK/fMn7rj3QYX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:01 2024 by rpki-client on console-fra.rpki-client.org