Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/NGEu8vR47bLCcH5vyAlJ0xc3eMs.roa
File: NGEu8vR47bLCcH5vyAlJ0xc3eMs.roa (raw, json)
Hash identifier: E3AeEl5PZU1VROFgUhEE6ffNLDPm/JE4hcAeuylrtB4=
Subject key identifier: 34:61:2E:F2:F4:78:ED:B2:C2:70:7E:6F:C8:09:49:D3:17:37:78:CB
Certificate issuer: /CN=b05442c4ffe9c1d761e7c569360ead042438f903
Certificate serial: 01859636E95480D4C5995FAF099C17366B17
Authority key identifier: B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/NGEu8vR47bLCcH5vyAlJ0xc3eMs.roa
Signing time: Mon 09 Jan 2023 11:07:39 +0000
ROA not before: Mon 09 Jan 2023 11:07:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50533
IP address blocks: 145.14.224.0/23 maxlen: 23
185.160.248.0/22 maxlen: 22
145.14.224.0/20 maxlen: 20
134.101.64.0/24 maxlen: 24
134.101.64.0/19 maxlen: 19
2a00:17f1::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:96:36:e9:54:80:d4:c5:99:5f:af:09:9c:17:36:6b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05442c4ffe9c1d761e7c569360ead042438f903
Validity
Not Before: Jan 9 11:07:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34612ef2f478edb2c2707e6fc80949d3173778cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6f:80:9f:95:e7:43:cb:49:26:fb:ee:1e:1c:
b9:c3:1e:eb:26:02:a7:0e:86:2b:1a:15:a4:e5:41:
d8:9b:38:72:ac:82:e0:e0:75:65:5e:fa:a6:d2:66:
e4:41:e8:1c:f6:09:4c:85:4d:e5:2c:6d:67:9f:86:
5f:9f:3d:8b:e0:7b:81:1e:96:ae:33:15:76:39:a1:
69:09:e3:11:79:50:49:51:c7:de:3a:fa:b1:f5:ff:
75:91:b5:ef:1f:8b:a1:96:91:96:b6:3a:70:87:3d:
0a:3e:c8:68:6e:5a:01:91:2c:7e:da:44:8c:0e:4f:
07:92:9b:80:e3:12:56:bf:92:f7:84:57:1c:9c:39:
61:ed:33:b4:92:e4:9f:d2:c7:c5:16:94:ad:34:b2:
af:15:f7:85:e7:8a:49:8d:0b:ee:4c:e9:ce:d5:9c:
91:63:3e:f3:5a:63:ca:fc:eb:bd:d3:50:42:a5:e4:
76:31:b1:c3:98:8f:01:bd:1f:31:08:4d:d5:19:7b:
f5:65:60:52:23:b4:8c:0b:ac:0f:06:d3:9c:f5:69:
f9:de:5c:b9:73:bc:b7:35:0d:b0:4f:06:82:fd:52:
00:ff:90:91:13:16:66:83:89:d1:30:c6:69:74:e3:
d7:fe:78:04:e4:d3:8a:54:d5:5c:4d:d2:72:4a:8f:
b1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:61:2E:F2:F4:78:ED:B2:C2:70:7E:6F:C8:09:49:D3:17:37:78:CB
X509v3 Authority Key Identifier:
keyid:B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/NGEu8vR47bLCcH5vyAlJ0xc3eMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/sFRCxP_pwddh58VpNg6tBCQ4-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.101.64.0/19
145.14.224.0/20
185.160.248.0/22
IPv6:
2a00:17f1::/32
Signature Algorithm: sha256WithRSAEncryption
76:ab:38:ab:76:0f:4d:e8:86:43:53:ea:4b:59:36:a2:1b:8e:
57:6d:da:a3:bc:80:18:f6:d7:70:e7:65:a4:a0:42:96:ea:03:
21:60:d3:d8:a8:52:4a:4a:10:51:f6:ac:de:cf:be:47:81:76:
74:b9:08:00:2b:86:e5:20:29:f4:62:cb:77:50:87:ed:63:fd:
ae:aa:11:fc:aa:50:39:1f:10:38:b0:95:56:d0:eb:8a:d9:a4:
15:3d:15:e5:d9:6f:e8:15:f2:0a:ff:be:fd:1e:6d:2c:68:19:
77:95:8d:03:2a:c2:2d:45:07:27:d0:6f:04:78:cb:78:75:ac:
f4:f6:59:85:93:e7:20:03:12:13:0f:9d:49:08:88:bd:e8:a3:
d9:5d:6d:51:0b:31:71:8d:4d:6e:b3:3d:97:f6:f4:44:49:bc:
35:f0:09:a6:79:8d:f1:35:5d:73:3f:7b:ab:8d:d1:84:99:75:
e8:58:53:18:d5:c9:a4:37:03:9d:df:df:6d:89:18:d1:c3:65:
c6:81:30:d8:36:e9:a3:de:47:f7:44:87:81:4d:32:a1:62:49:
b4:7b:ff:6b:05:ef:3a:11:fd:64:8a:cf:fd:a3:5e:bf:e3:4c:
8b:06:ec:a5:6f:f2:54:b1:fa:cc:b7:b1:84:fa:f2:b8:d7:7c:
f6:c0:4b:b7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYWWNulUgNTFmV+vCZwXNmsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNTQ0MmM0ZmZlOWMxZDc2MWU3YzU2OTM2MGVhZDA0MjQz
OGY5MDMwHhcNMjMwMTA5MTEwNzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDYxMmVmMmY0NzhlZGIyYzI3MDdlNmZjODA5NDlkMzE3Mzc3OGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW+An5XnQ8tJJvvuHhy5wx7rJgKn
DoYrGhWk5UHYmzhyrILg4HVlXvqm0mbkQegc9glMhU3lLG1nn4Zfnz2L4HuBHpau
MxV2OaFpCeMReVBJUcfeOvqx9f91kbXvH4uhlpGWtjpwhz0KPshobloBkSx+2kSM
Dk8HkpuA4xJWv5L3hFccnDlh7TO0kuSf0sfFFpStNLKvFfeF54pJjQvuTOnO1ZyR
Yz7zWmPK/Ou901BCpeR2MbHDmI8BvR8xCE3VGXv1ZWBSI7SMC6wPBtOc9Wn53ly5
c7y3NQ2wTwaC/VIA/5CRExZmg4nRMMZpdOPX/ngE5NOKVNVcTdJySo+xxQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDRhLvL0eO2ywnB+b8gJSdMXN3jLMB8GA1UdIwQY
MBaAFLBUQsT/6cHXYefFaTYOrQQkOPkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0ZSQ3hQX3B3ZGRoNThWcE5nNnRCQ1E0LVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80Yjc3ZTctMzQ3Yy00OWZhLTgwOGIt
NmVkMzMxZjMxZTA5LzEvTkdFdTh2UjQ3YkxDY0g1dnlBbEoweGMzZU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80Yjc3ZTctMzQ3Yy00OWZhLTgwOGItNmVkMzMxZjMxZTA5
LzEvc0ZSQ3hQX3B3ZGRoNThWcE5nNnRCQ1E0LVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFhmVAAwQE
kQ7gAwQCuaD4MA0EAgACMAcDBQAqABfxMA0GCSqGSIb3DQEBCwUAA4IBAQB2qzir
dg9N6IZDU+pLWTaiG45XbdqjvIAY9tdw52WkoEKW6gMhYNPYqFJKShBR9qzez75H
gXZ0uQgAK4blICn0Yst3UIftY/2uqhH8qlA5HxA4sJVW0OuK2aQVPRXl2W/oFfIK
/779Hm0saBl3lY0DKsItRQcn0G8EeMt4daz09lmFk+cgAxITD51JCIi96KPZXW1R
CzFxjU1usz2X9vRESbw18AmmeY3xNV1zP3urjdGEmXXoWFMY1cmkNwOd399tiRjR
w2XGgTDYNumj3kf3RIeBTTKhYkm0e/9rBe86Ef1kis/9o16/40yLBuylb/JUsfrM
t7GE+vK413z2wEu3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:00 2024 by rpki-client on console-fra.rpki-client.org