Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/NpiGkfuh_hWSBlv7P0Dy5Af3f7k.roa
File: NpiGkfuh_hWSBlv7P0Dy5Af3f7k.roa (raw, json)
Hash identifier: DJJMPsvFrSakOvzyjZJbdaqgsa/bk2aVMfdBsTZyLA4=
Subject key identifier: 36:98:86:91:FB:A1:FE:15:92:06:5B:FB:3F:40:F2:E4:07:F7:7F:B9
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 018CCA2A649786D22AF99AE93A657DA61A10
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/NpiGkfuh_hWSBlv7P0Dy5Af3f7k.roa
Signing time: Tue 02 Jan 2024 12:33:44 +0000
ROA not before: Tue 02 Jan 2024 12:33:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51531
IP address blocks: 185.176.192.0/22 maxlen: 24
46.31.120.0/21 maxlen: 24
45.129.80.0/22 maxlen: 24
81.89.88.0/21 maxlen: 24
185.70.20.0/22 maxlen: 24
2a02:c50::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 27 Jun 2024 12:41:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:64:97:86:d2:2a:f9:9a:e9:3a:65:7d:a6:1a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jan 2 12:33:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36988691fba1fe1592065bfb3f40f2e407f77fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2b:59:ad:0b:2b:9f:b6:86:49:2a:b6:6a:25:
76:ab:be:3c:28:2c:6b:33:94:b1:87:e9:08:93:72:
00:a8:9a:a9:5c:59:09:23:33:a3:ac:7b:c9:0c:77:
ba:44:a8:8f:44:97:f1:ee:5b:0b:0a:4a:f2:7a:99:
1b:83:ea:92:24:c7:5c:b6:ea:10:98:f2:06:ce:56:
54:4a:94:3a:a2:ac:17:1b:fa:2a:e4:77:ca:7c:d3:
a7:c8:78:7a:29:72:6b:7b:13:a8:ba:62:44:97:c0:
20:4a:4d:39:e9:0d:63:36:9c:cf:9d:57:41:07:b1:
ee:83:60:ca:36:92:69:e7:86:8a:8d:87:00:ad:2e:
b3:53:e6:ee:79:84:56:93:32:7d:33:fc:04:7c:37:
51:15:30:a9:6a:b4:97:eb:ce:26:d6:44:5f:fa:f7:
56:26:0e:9f:64:df:c3:59:94:f3:4f:af:cd:3d:21:
b4:d4:6a:5c:07:ba:80:b3:b9:18:a4:56:83:05:76:
55:1c:88:9e:bb:4f:8b:83:40:21:0b:6f:ff:3b:b1:
2d:72:1a:97:e8:05:74:98:5b:95:84:42:44:91:ea:
6e:6e:8d:94:75:61:60:f4:a2:ff:fb:5b:15:ec:54:
b8:dd:f6:fb:46:79:7c:a8:93:98:7b:09:48:ce:a1:
67:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:98:86:91:FB:A1:FE:15:92:06:5B:FB:3F:40:F2:E4:07:F7:7F:B9
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/NpiGkfuh_hWSBlv7P0Dy5Af3f7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.80.0/22
46.31.120.0/21
81.89.88.0/21
185.70.20.0/22
185.176.192.0/22
IPv6:
2a02:c50::/32
Signature Algorithm: sha256WithRSAEncryption
41:d0:6e:ca:ab:ab:cb:92:4f:1f:61:e4:ef:ef:e8:65:40:1f:
16:20:44:d0:d2:2c:b5:09:be:e6:3f:04:46:cf:2c:7f:b6:dd:
03:d8:e2:00:d4:68:ff:81:72:a2:9d:9c:eb:aa:e4:d3:8e:dc:
27:ca:65:af:21:bb:ad:38:e2:9a:4b:9c:11:8b:e9:63:20:ac:
80:1f:ab:e4:c9:9d:2e:58:4f:a2:51:fc:93:35:a8:57:0f:fe:
4a:a4:de:12:eb:2d:78:db:0d:81:69:b5:39:7f:61:c7:46:6b:
54:ba:53:4e:a0:b3:0c:dc:27:b3:a4:92:98:da:74:24:15:93:
78:ef:1c:d9:f1:68:c1:44:60:f9:d6:b7:30:d8:a2:7e:fe:15:
68:64:54:c3:ee:de:ab:9f:fa:ca:ab:0f:11:33:be:40:77:ac:
4a:74:76:60:21:5d:b4:6e:49:7f:be:48:84:b7:39:14:62:3c:
ed:1b:bb:ff:72:18:4d:78:1e:11:ec:ee:c2:e9:3a:95:8f:73:
9c:e3:00:57:44:2b:af:45:0e:01:e4:82:88:1b:2d:ca:ce:32:
c4:41:4f:ee:3b:96:13:1f:75:b0:bd:89:fa:e8:3a:12:c1:d2:
91:e1:11:da:05:09:02:f1:63:75:36:bd:9e:75:6a:53:7c:5b:
1c:7b:73:cd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzKKmSXhtIq+ZrpOmV9phoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjQwMTAyMTIzMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjk4ODY5MWZiYTFmZTE1OTIwNjViZmIzZjQwZjJlNDA3Zjc3ZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCtZrQsrn7aGSSq2aiV2q748KCxr
M5Sxh+kIk3IAqJqpXFkJIzOjrHvJDHe6RKiPRJfx7lsLCkryepkbg+qSJMdctuoQ
mPIGzlZUSpQ6oqwXG/oq5HfKfNOnyHh6KXJrexOoumJEl8AgSk056Q1jNpzPnVdB
B7Hug2DKNpJp54aKjYcArS6zU+bueYRWkzJ9M/wEfDdRFTCparSX684m1kRf+vdW
Jg6fZN/DWZTzT6/NPSG01GpcB7qAs7kYpFaDBXZVHIieu0+Lg0AhC2//O7EtchqX
6AV0mFuVhEJEkepubo2UdWFg9KL/+1sV7FS43fb7Rnl8qJOYewlIzqFnNwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDaYhpH7of4VkgZb+z9A8uQH93+5MB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvTnBpR2tmdWhfaFdTQmx2N1AwRHk1QWYzZjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLYFQAwQD
Lh94AwQDUVlYAwQCuUYUAwQCubDAMA0EAgACMAcDBQAqAgxQMA0GCSqGSIb3DQEB
CwUAA4IBAQBB0G7Kq6vLkk8fYeTv7+hlQB8WIETQ0iy1Cb7mPwRGzyx/tt0D2OIA
1Gj/gXKinZzrquTTjtwnymWvIbutOOKaS5wRi+ljIKyAH6vkyZ0uWE+iUfyTNahX
D/5KpN4S6y142w2BabU5f2HHRmtUulNOoLMM3CezpJKY2nQkFZN47xzZ8WjBRGD5
1rcw2KJ+/hVoZFTD7t6rn/rKqw8RM75Ad6xKdHZgIV20bkl/vkiEtzkUYjztG7v/
chhNeB4R7O7C6TqVj3Oc4wBXRCuvRQ4B5IKIGy3KzjLEQU/uO5YTH3WwvYn66DoS
wdKR4RHaBQkC8WN1Nr2edWpTfFsce3PN
-----END CERTIFICATE-----
Generated at Thu Jun 27 16:07:26 2024 by rpki-client on console-ams.rpki-client.org