Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/NWvmm21ZfPii1ZXsj34O3ePHb58.roa
File: NWvmm21ZfPii1ZXsj34O3ePHb58.roa (raw, json)
Hash identifier: W//inULd4bVkf7ITRkajQqan+cckJPSJytgqQh3eB4w=
Subject key identifier: 35:6B:E6:9B:6D:59:7C:F8:A2:D5:95:EC:8F:7E:0E:DD:E3:C7:6F:9F
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 018CC7947A7B686F02D14A9BB7ED9A29C0E6
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/NWvmm21ZfPii1ZXsj34O3ePHb58.roa
Signing time: Tue 02 Jan 2024 00:30:45 +0000
ROA not before: Tue 02 Jan 2024 00:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197071
IP address blocks: 31.214.240.0/21 maxlen: 32
95.156.226.0/23 maxlen: 32
95.156.225.0/24 maxlen: 32
109.230.252.0/22 maxlen: 32
95.156.228.0/22 maxlen: 32
95.156.232.0/24 maxlen: 32
185.87.20.0/22 maxlen: 32
109.230.195.0/24 maxlen: 32
46.251.225.0/24 maxlen: 32
46.251.227.0/24 maxlen: 32
109.230.224.0/20 maxlen: 32
31.214.149.0/24 maxlen: 32
134.255.220.0/22 maxlen: 32
134.255.224.0/22 maxlen: 32
134.255.228.0/23 maxlen: 32
134.255.230.0/24 maxlen: 32
134.255.235.0/24 maxlen: 32
134.255.236.0/22 maxlen: 32
134.255.252.0/22 maxlen: 32
193.25.201.0/24 maxlen: 32
2a05:bec0::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 14 Feb 2024 10:16:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:7a:7b:68:6f:02:d1:4a:9b:b7:ed:9a:29:c0:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 2 00:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=356be69b6d597cf8a2d595ec8f7e0edde3c76f9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:22:dd:0e:71:fc:cd:36:6a:f3:64:22:4a:f7:
54:60:ca:71:28:b5:84:46:2b:6b:88:7f:48:27:a0:
77:55:d4:e4:3c:4f:8c:dd:06:9a:5e:2d:96:89:9b:
fc:49:b7:1b:98:4f:3b:b8:3c:88:f5:6a:f6:b0:e2:
76:4a:f3:99:02:11:14:90:8f:75:35:9e:45:49:ed:
55:8b:bd:c4:6d:d9:c4:ec:96:2a:e9:36:9d:b5:10:
3a:a9:8e:d7:8e:77:39:5f:c3:07:a4:69:e1:64:0e:
62:1c:a7:ec:ea:1b:a2:5a:58:bf:30:96:3d:63:b9:
a4:8a:c4:42:be:1b:a2:20:cd:4a:25:f6:b3:b9:92:
68:6a:d9:2b:76:28:57:65:76:80:b7:de:c4:15:b1:
72:7f:fa:9a:b6:cc:11:f2:23:86:e8:01:e0:e6:b4:
55:f6:24:cf:fd:2f:5f:a9:17:57:8f:6f:97:fa:c6:
83:96:cf:16:a9:c1:5a:b7:9e:a7:c2:62:40:75:ba:
55:6a:56:cb:b0:d9:cd:ae:b1:9f:6e:3c:f3:12:55:
cc:d3:32:ac:6b:a0:ae:56:2a:6c:b7:fa:24:c6:0d:
f1:6b:53:05:3a:7c:13:33:8a:4b:23:04:35:3f:88:
e1:48:7b:78:cc:a1:e3:f3:14:45:92:69:94:da:77:
25:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6B:E6:9B:6D:59:7C:F8:A2:D5:95:EC:8F:7E:0E:DD:E3:C7:6F:9F
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/NWvmm21ZfPii1ZXsj34O3ePHb58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.149.0/24
31.214.240.0/21
46.251.225.0/24
46.251.227.0/24
95.156.225.0-95.156.232.255
109.230.195.0/24
109.230.224.0/20
109.230.252.0/22
134.255.220.0-134.255.230.255
134.255.235.0-134.255.239.255
134.255.252.0/22
185.87.20.0/22
193.25.201.0/24
IPv6:
2a05:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
76:ea:e6:3d:87:0d:7d:50:66:9d:d3:a1:1e:7e:29:cd:3f:a4:
56:a6:87:19:5b:72:db:61:ab:2c:f5:86:42:95:39:5f:15:11:
8d:9c:87:b4:36:fb:7e:67:eb:d8:70:6e:5f:99:b5:2b:1e:e4:
32:d5:3a:81:48:d0:85:5a:fe:e3:d9:d5:80:9d:b1:76:b7:d4:
7b:e2:c1:3c:ee:49:a6:12:93:a3:8d:16:8c:e1:d9:59:69:d0:
8d:97:eb:8b:5a:bc:c1:84:1f:fa:b9:83:a6:8f:11:0c:9f:6f:
3c:86:45:2d:e8:3e:52:8b:09:a6:f9:da:95:6e:ab:27:25:95:
7c:a2:e2:ed:2f:f3:d5:35:72:b3:26:8f:6a:9e:d1:7d:44:17:
c3:f8:3e:b4:bb:94:c7:eb:a4:d4:3e:78:24:c5:0f:ee:d2:b5:
70:21:d9:56:e7:cf:66:7f:d8:3d:fa:20:6d:07:f8:d9:40:19:
93:e9:99:a3:99:d2:a0:3e:b5:39:96:92:e3:1e:b8:60:e6:3f:
2f:27:1e:7b:e0:87:a5:39:25:19:e4:76:a8:be:87:76:9e:60:
26:00:83:07:89:30:03:74:12:6d:8c:9e:1e:79:89:d9:94:f8:
ae:f2:09:64:4b:60:e5:d4:5c:04:78:07:e7:76:ce:29:c9:b6:
8d:2a:37:d6
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzHlHp7aG8C0Uqbt+2aKcDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjQwMTAyMDAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTZiZTY5YjZkNTk3Y2Y4YTJkNTk1ZWM4ZjdlMGVkZGUzYzc2ZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CLdDnH8zTZq82QiSvdUYMpxKLWE
RitriH9IJ6B3VdTkPE+M3QaaXi2WiZv8SbcbmE87uDyI9Wr2sOJ2SvOZAhEUkI91
NZ5FSe1Vi73EbdnE7JYq6TadtRA6qY7Xjnc5X8MHpGnhZA5iHKfs6huiWli/MJY9
Y7mkisRCvhuiIM1KJfazuZJoatkrdihXZXaAt97EFbFyf/qatswR8iOG6AHg5rRV
9iTP/S9fqRdXj2+X+saDls8WqcFat56nwmJAdbpValbLsNnNrrGfbjzzElXM0zKs
a6CuVipst/okxg3xa1MFOnwTM4pLIwQ1P4jhSHt4zKHj8xRFkmmU2ncl1wIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFDVr5pttWXz4otWV7I9+Dt3jx2+fMB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvTld2bW0yMVpmUGlpMVpYc2ozNE8zZVBIYjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAB/WlQME
Ax/W8AMEAC774QMEAC774zAMAwQAX5zhAwQAX5zoAwQAbebDAwQEbebgAwQCbeb8
MAwDBAKG/9wDBACG/+YwDAMEAIb/6wMEBIb/4AMEAob//AMEArlXFAMEAMEZyTAN
BAIAAjAHAwUDKgW+wDANBgkqhkiG9w0BAQsFAAOCAQEAdurmPYcNfVBmndOhHn4p
zT+kVqaHGVty22GrLPWGQpU5XxURjZyHtDb7fmfr2HBuX5m1Kx7kMtU6gUjQhVr+
49nVgJ2xdrfUe+LBPO5JphKTo40WjOHZWWnQjZfri1q8wYQf+rmDpo8RDJ9vPIZF
Leg+UosJpvnalW6rJyWVfKLi7S/z1TVysyaPap7RfUQXw/g+tLuUx+uk1D54JMUP
7tK1cCHZVufPZn/YPfogbQf42UAZk+mZo5nSoD61OZaS4x64YOY/Lycee+CHpTkl
GeR2qL6Hdp5gJgCDB4kwA3QSbYyeHnmJ2ZT4rvIJZEtg5dRcBHgH53bOKcm2jSo3
1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:28 2024 by rpki-client on console-ams.rpki-client.org