Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/NnaXohATsLl8TaMMF0oIqPdfOyo.roa
File: NnaXohATsLl8TaMMF0oIqPdfOyo.roa (raw, json)
Hash identifier: VGu1OivioSGgSEaRBeZhpGcS+somBMrezA7QNh4w9E0=
Subject key identifier: 36:76:97:A2:10:13:B0:B9:7C:4D:A3:0C:17:4A:08:A8:F7:5F:3B:2A
Certificate issuer: /CN=bc15921f5ba6bd147ff400117aa9738633f1587d
Certificate serial: 01856FDDC1AEC98FF226E9FD4834ACBA1F93
Authority key identifier: BC:15:92:1F:5B:A6:BD:14:7F:F4:00:11:7A:A9:73:86:33:F1:58:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/NnaXohATsLl8TaMMF0oIqPdfOyo.roa
Signing time: Mon 02 Jan 2023 00:24:42 +0000
ROA not before: Mon 02 Jan 2023 00:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1756
IP address blocks: 178.173.178.0/24 maxlen: 24
178.173.179.0/24 maxlen: 24
178.173.176.0/24 maxlen: 24
178.173.177.0/24 maxlen: 24
178.173.173.0/24 maxlen: 24
178.173.186.0/24 maxlen: 24
178.173.192.0/24 maxlen: 24
178.173.199.0/24 maxlen: 24
178.173.197.0/24 maxlen: 24
178.173.198.0/24 maxlen: 24
178.173.193.0/24 maxlen: 24
178.173.195.0/24 maxlen: 24
178.173.196.0/24 maxlen: 24
178.173.194.0/24 maxlen: 24
178.173.206.0/24 maxlen: 24
178.173.204.0/24 maxlen: 24
178.173.205.0/24 maxlen: 24
178.173.200.0/24 maxlen: 24
178.173.202.0/24 maxlen: 24
178.173.203.0/24 maxlen: 24
178.173.201.0/24 maxlen: 24
178.173.207.0/24 maxlen: 24
178.173.209.0/24 maxlen: 24
178.173.210.0/24 maxlen: 24
178.173.208.0/24 maxlen: 24
178.173.213.0/24 maxlen: 24
178.173.211.0/24 maxlen: 24
178.173.212.0/24 maxlen: 24
178.173.218.0/24 maxlen: 24
178.173.219.0/24 maxlen: 24
178.173.216.0/24 maxlen: 24
178.173.217.0/24 maxlen: 24
178.173.214.0/24 maxlen: 24
178.173.215.0/24 maxlen: 24
178.173.220.0/24 maxlen: 24
178.173.223.0/24 maxlen: 24
178.173.221.0/24 maxlen: 24
178.173.222.0/24 maxlen: 24
178.173.129.0/24 maxlen: 24
178.173.130.0/24 maxlen: 24
178.173.128.0/24 maxlen: 24
178.173.131.0/24 maxlen: 24
178.173.132.0/24 maxlen: 24
178.173.135.0/24 maxlen: 24
178.173.133.0/24 maxlen: 24
178.173.134.0/24 maxlen: 24
178.173.143.0/24 maxlen: 24
178.173.144.0/24 maxlen: 24
178.173.141.0/24 maxlen: 24
178.173.142.0/24 maxlen: 24
178.173.145.0/24 maxlen: 24
178.173.150.0/24 maxlen: 24
178.173.151.0/24 maxlen: 24
178.173.148.0/24 maxlen: 24
178.173.149.0/24 maxlen: 24
178.173.152.0/24 maxlen: 24
178.173.147.0/24 maxlen: 24
178.173.146.0/24 maxlen: 24
178.173.154.0/24 maxlen: 24
178.173.153.0/24 maxlen: 24
178.173.157.0/24 maxlen: 24
178.173.158.0/24 maxlen: 24
178.173.155.0/24 maxlen: 24
178.173.156.0/24 maxlen: 24
178.173.159.0/24 maxlen: 24
178.173.164.0/24 maxlen: 24
178.173.165.0/24 maxlen: 24
178.173.162.0/24 maxlen: 24
178.173.163.0/24 maxlen: 24
178.173.166.0/24 maxlen: 24
178.173.161.0/24 maxlen: 24
178.173.160.0/24 maxlen: 24
178.173.171.0/24 maxlen: 24
178.173.172.0/24 maxlen: 24
178.173.170.0/24 maxlen: 24
178.173.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:c1:ae:c9:8f:f2:26:e9:fd:48:34:ac:ba:1f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc15921f5ba6bd147ff400117aa9738633f1587d
Validity
Not Before: Jan 2 00:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=367697a21013b0b97c4da30c174a08a8f75f3b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ab:20:1d:df:60:59:2b:19:02:99:5f:6d:ab:
ac:8c:32:44:2b:89:17:f3:92:58:b4:69:30:0b:38:
05:6d:28:c6:6e:a6:05:3e:82:dc:cc:4a:d1:e5:cb:
36:81:c6:64:56:d3:b5:22:8f:b2:5d:d5:55:3f:5c:
27:95:56:89:e5:7e:75:d9:55:59:bd:32:a8:e3:75:
a7:17:c8:60:61:a1:20:44:7f:b3:4c:47:d8:ef:92:
f6:57:dc:ab:11:a3:f9:46:10:60:06:00:3d:8d:ef:
41:20:38:cd:60:73:da:58:5a:15:94:0e:34:a3:c7:
0f:09:a8:01:91:f8:78:b6:cc:e9:4d:7c:62:8e:42:
a4:b1:16:24:4e:75:38:33:64:54:b6:20:98:a2:02:
85:a8:6b:11:d2:c7:9b:8a:19:f7:1a:fe:da:07:da:
01:70:de:9a:b3:f5:f8:9b:88:1e:36:92:c7:14:67:
c8:87:8e:d8:d2:ec:c7:12:dc:f3:cb:05:2b:66:15:
4f:f6:e6:db:81:7a:49:f7:64:74:1e:80:e9:af:d1:
fc:22:29:c2:e0:54:a1:68:42:61:f9:df:d8:c9:20:
f5:0f:a2:09:20:84:ba:d5:8c:c4:b2:b4:d1:b3:4a:
6e:23:c3:e2:ec:8c:81:a5:64:e3:c3:95:9c:85:9a:
50:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:76:97:A2:10:13:B0:B9:7C:4D:A3:0C:17:4A:08:A8:F7:5F:3B:2A
X509v3 Authority Key Identifier:
keyid:BC:15:92:1F:5B:A6:BD:14:7F:F4:00:11:7A:A9:73:86:33:F1:58:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/NnaXohATsLl8TaMMF0oIqPdfOyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/vBWSH1umvRR_9AAReqlzhjPxWH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.128.0/21
178.173.141.0-178.173.167.255
178.173.170.0-178.173.173.255
178.173.176.0/22
178.173.186.0/24
178.173.192.0/19
Signature Algorithm: sha256WithRSAEncryption
43:75:a6:9f:56:e9:a8:18:4d:65:12:16:91:dd:ca:72:01:d1:
0a:81:98:1f:10:ee:13:f6:c5:32:c2:21:b7:9d:78:d6:1a:99:
2c:99:3e:6b:a0:83:f4:09:22:45:0f:99:21:e9:32:d7:19:98:
02:6e:2c:72:4f:85:2a:43:19:ae:d5:36:c8:3d:ec:54:c2:62:
71:7a:1a:08:96:cf:11:b1:71:95:d7:71:c4:56:81:5d:c1:c7:
37:39:06:3a:fa:a3:15:99:a5:7f:af:50:2b:52:fc:3e:8f:c4:
c6:86:17:cb:fe:41:55:0a:74:e2:23:a2:85:f0:47:96:29:98:
03:05:85:44:0f:27:db:94:e5:48:be:a9:e1:91:bc:63:84:d7:
ec:02:6b:7b:7b:92:4b:7b:23:29:e7:8a:b8:2e:6f:d3:b2:82:
1c:94:f1:cd:17:2a:c8:54:0c:ee:0d:d8:5d:39:6f:7d:d7:cf:
b5:ae:11:3c:db:24:5a:93:e8:e1:7b:f4:df:2a:54:7e:b6:e3:
85:4c:eb:68:1e:3d:ad:30:7a:a4:f9:d1:5f:72:36:c2:d3:11:
e2:21:30:e8:75:ad:70:e3:9e:13:eb:b1:06:2d:12:3b:d1:09:
73:96:cd:73:de:81:ba:5d:c1:c6:58:a3:ea:30:b0:a1:3f:2d:
ce:90:e4:22
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVv3cGuyY/yJun9SDSsuh+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMTU5MjFmNWJhNmJkMTQ3ZmY0MDAxMTdhYTk3Mzg2MzNm
MTU4N2QwHhcNMjMwMTAyMDAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc2OTdhMjEwMTNiMGI5N2M0ZGEzMGMxNzRhMDhhOGY3NWYzYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6sgHd9gWSsZAplfbausjDJEK4kX
85JYtGkwCzgFbSjGbqYFPoLczErR5cs2gcZkVtO1Io+yXdVVP1wnlVaJ5X512VVZ
vTKo43WnF8hgYaEgRH+zTEfY75L2V9yrEaP5RhBgBgA9je9BIDjNYHPaWFoVlA40
o8cPCagBkfh4tszpTXxijkKksRYkTnU4M2RUtiCYogKFqGsR0sebihn3Gv7aB9oB
cN6as/X4m4geNpLHFGfIh47Y0uzHEtzzywUrZhVP9ubbgXpJ92R0HoDpr9H8IinC
4FShaEJh+d/YySD1D6IJIIS61YzEsrTRs0puI8Pi7IyBpWTjw5WchZpQcQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDZ2l6IQE7C5fE2jDBdKCKj3XzsqMB8GA1UdIwQY
MBaAFLwVkh9bpr0Uf/QAEXqpc4Yz8Vh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkJXU0gxdW12UlJfOUFBUmVxbHpoalB4V0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84ZTc5YWItYmE4My00NGNiLWFlYzAt
MDk5MGNlNzQ4MWU3LzEvTm5hWG9oQVRzTGw4VGFNTUYwb0lxUGRmT3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84ZTc5YWItYmE4My00NGNiLWFlYzAtMDk5MGNlNzQ4MWU3
LzEvdkJXU0gxdW12UlJfOUFBUmVxbHpoalB4V0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQDsq2AMAwD
BACyrY0DBAOyraAwDAMEAbKtqgMEAbKtrAMEArKtsAMEALKtugMEBbKtwDANBgkq
hkiG9w0BAQsFAAOCAQEAQ3Wmn1bpqBhNZRIWkd3KcgHRCoGYHxDuE/bFMsIht514
1hqZLJk+a6CD9AkiRQ+ZIeky1xmYAm4sck+FKkMZrtU2yD3sVMJicXoaCJbPEbFx
lddxxFaBXcHHNzkGOvqjFZmlf69QK1L8Po/ExoYXy/5BVQp04iOihfBHlimYAwWF
RA8n25TlSL6p4ZG8Y4TX7AJre3uSS3sjKeeKuC5v07KCHJTxzRcqyFQM7g3YXTlv
fdfPta4RPNskWpPo4Xv03ypUfrbjhUzraB49rTB6pPnRX3I2wtMR4iEw6HWtcOOe
E+uxBi0SO9EJc5bNc96Bul3Bxlij6jCwoT8tzpDkIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:47 2024 by rpki-client on console-ams.rpki-client.org