Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/nBFTnlE44qijuR2q825F9756o9c.roa
File: nBFTnlE44qijuR2q825F9756o9c.roa (raw, json)
Hash identifier: NcQtgaT5en4iKF7C8wri5anFYlj6SNJkPWx1ReLDCd4=
Subject key identifier: 9C:11:53:9E:51:38:E2:A8:A3:B9:1D:AA:F3:6E:45:F7:BE:7A:A3:D7
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01857195781E302C06D1DFC0D6995B8F9225
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/nBFTnlE44qijuR2q825F9756o9c.roa
Signing time: Mon 02 Jan 2023 08:24:59 +0000
ROA not before: Mon 02 Jan 2023 08:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35077
IP address blocks: 166.108.128.0/19 maxlen: 24
45.13.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 07 Nov 2023 10:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:78:1e:30:2c:06:d1:df:c0:d6:99:5b:8f:92:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Jan 2 08:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c11539e5138e2a8a3b91daaf36e45f7be7aa3d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e3:ea:cb:46:26:88:b7:24:82:14:f3:92:d3:
62:6e:42:2e:a7:81:3a:21:73:31:45:9d:76:7f:f5:
e2:bd:6c:64:ec:2b:c1:65:a9:7d:3f:69:00:a8:f1:
0b:5f:82:23:c8:62:cc:01:67:b0:82:c2:7f:4f:65:
f5:05:3c:af:50:97:d0:36:d2:8a:b5:1f:a7:58:d8:
f7:dd:23:54:1e:0c:14:af:a2:fc:da:49:fa:82:2a:
b6:8d:8e:3e:fd:d2:c9:6e:7e:6a:2a:02:51:88:92:
89:91:c8:94:6e:54:47:40:09:1c:99:07:81:e2:f0:
0f:9a:70:ff:b2:a5:c8:23:ad:47:0c:c0:c4:86:79:
51:67:ff:4c:80:eb:b0:fd:98:ff:35:a4:40:93:df:
04:5b:41:a3:8b:7e:85:33:b1:e7:8d:90:77:1f:f3:
31:3a:e6:81:4d:eb:87:c4:f4:98:02:ea:c7:07:f2:
60:89:d1:ae:a0:bd:36:f0:34:30:d1:98:22:98:2f:
f4:14:97:10:db:f5:2c:64:95:e2:8d:e2:9c:d5:82:
66:6b:73:41:fa:22:bc:b4:78:15:b6:4d:a0:de:c8:
8b:db:8d:33:94:dc:35:f4:b3:3a:f9:f8:5a:00:0e:
e0:59:35:b6:95:7a:46:47:39:6e:ba:eb:d7:3e:df:
e6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:11:53:9E:51:38:E2:A8:A3:B9:1D:AA:F3:6E:45:F7:BE:7A:A3:D7
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/nBFTnlE44qijuR2q825F9756o9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.32.0/22
166.108.128.0/19
Signature Algorithm: sha256WithRSAEncryption
61:82:51:9b:01:13:3f:b4:5f:41:9c:4b:ad:db:a2:ea:34:b8:
6a:e2:22:4d:4a:78:c6:69:c1:eb:65:df:73:12:ae:92:d9:f5:
ce:16:21:c1:9a:7d:75:62:11:d8:ca:19:64:71:d3:f3:80:ed:
71:9b:b9:75:3a:05:2e:40:82:e4:ff:dc:af:92:ff:5c:64:d1:
d9:f5:a2:8d:f6:af:7d:5e:da:ed:1a:3a:d2:58:80:9c:c2:46:
04:21:da:bd:e6:bf:2f:3b:5e:31:74:08:9d:44:a7:20:c7:62:
f2:11:a5:7a:20:0b:16:7d:84:05:ef:5a:64:fd:9e:09:ba:18:
4f:19:bc:64:4f:14:d1:51:80:12:ac:0c:53:5b:5c:a7:60:d1:
98:9b:76:0e:9c:ec:81:6c:cb:47:17:fb:2f:d5:22:27:1f:3c:
72:57:ef:17:70:ee:ab:05:1a:f3:a7:0e:d0:94:28:f8:c3:b9:
e6:5f:2f:0f:28:cc:4d:e7:19:8f:06:4b:48:bf:49:26:a4:df:
3c:8f:07:bf:31:42:df:b3:0f:bb:df:f1:d1:3e:68:6a:0c:49:
f8:b0:64:18:bc:2e:87:8b:be:35:89:1c:2d:65:90:eb:a2:54:
f1:02:5c:18:ec:59:43:40:2b:3b:63:50:b2:de:d2:32:2c:cb:
2d:ce:dd:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxlXgeMCwG0d/A1plbj5IlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjMwMTAyMDgyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzExNTM5ZTUxMzhlMmE4YTNiOTFkYWFmMzZlNDVmN2JlN2FhM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruPqy0YmiLckghTzktNibkIup4E6
IXMxRZ12f/XivWxk7CvBZal9P2kAqPELX4IjyGLMAWewgsJ/T2X1BTyvUJfQNtKK
tR+nWNj33SNUHgwUr6L82kn6giq2jY4+/dLJbn5qKgJRiJKJkciUblRHQAkcmQeB
4vAPmnD/sqXII61HDMDEhnlRZ/9MgOuw/Zj/NaRAk98EW0Gji36FM7HnjZB3H/Mx
OuaBTeuHxPSYAurHB/JgidGuoL028DQw0ZgimC/0FJcQ2/UsZJXijeKc1YJma3NB
+iK8tHgVtk2g3siL240zlNw19LM6+fhaAA7gWTW2lXpGRzluuuvXPt/mjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJwRU55ROOKoo7kdqvNuRfe+eqPXMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvbkJGVG5sRTQ0cWlqdVIycTgyNUY5NzU2bzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQ0gAwQF
pmyAMA0GCSqGSIb3DQEBCwUAA4IBAQBhglGbARM/tF9BnEut26LqNLhq4iJNSnjG
acHrZd9zEq6S2fXOFiHBmn11YhHYyhlkcdPzgO1xm7l1OgUuQILk/9yvkv9cZNHZ
9aKN9q99XtrtGjrSWICcwkYEIdq95r8vO14xdAidRKcgx2LyEaV6IAsWfYQF71pk
/Z4JuhhPGbxkTxTRUYASrAxTW1ynYNGYm3YOnOyBbMtHF/sv1SInHzxyV+8XcO6r
BRrzpw7QlCj4w7nmXy8PKMxN5xmPBktIv0kmpN88jwe/MULfsw+73/HRPmhqDEn4
sGQYvC6Hi741iRwtZZDrolTxAlwY7FlDQCs7Y1Cy3tIyLMstzt2O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:46 2024 by rpki-client on console-fra.rpki-client.org