Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/NOsFPFdJ64GbYXLverDc1rpcvLs.roa
File: NOsFPFdJ64GbYXLverDc1rpcvLs.roa (raw, json)
Hash identifier: +cjCB55V2q0xS9PgbRqtC+ud4TTiWGD8PABcLkMAKZo=
Subject key identifier: 34:EB:05:3C:57:49:EB:81:9B:61:72:EF:7A:B0:DC:D6:BA:5C:BC:BB
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018AC12C409C7ECABE656B59771F91C6F7F5
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/NOsFPFdJ64GbYXLverDc1rpcvLs.roa
Signing time: Sat 23 Sep 2023 08:33:37 +0000
ROA not before: Sat 23 Sep 2023 08:33:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41944
IP address blocks: 185.14.92.0/24 maxlen: 24
185.14.93.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
37.114.33.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c1:2c:40:9c:7e:ca:be:65:6b:59:77:1f:91:c6:f7:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Sep 23 08:33:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34eb053c5749eb819b6172ef7ab0dcd6ba5cbcbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:31:7b:ca:38:25:fd:a9:d9:e0:9c:29:a4:a1:
af:09:17:6d:34:4f:30:a1:8e:b8:0f:2a:ed:9c:e2:
3a:a0:be:0a:09:82:8b:a5:92:81:60:a6:d7:af:4d:
58:dc:3b:8f:31:49:ef:c0:9e:39:7c:c5:cf:a7:5f:
8d:45:a0:31:f0:4b:01:fb:c4:d2:6c:48:0a:43:55:
1c:0d:02:7a:86:67:ff:18:06:20:91:c9:64:0b:d0:
00:97:95:de:53:2c:f4:9d:d3:a4:44:d3:51:6f:f1:
d1:3a:cb:fa:de:3b:42:b5:24:d3:11:e9:2a:f9:72:
bc:9c:64:d4:d8:fd:7c:2f:21:0d:82:f1:3d:6b:f7:
cc:21:96:18:bc:7e:79:16:62:63:ed:21:1d:dc:4d:
b0:af:ad:6e:5e:5d:1a:7c:c6:fd:c6:7c:8e:74:e2:
f9:a4:49:29:bf:f7:77:ec:73:d5:da:62:3a:09:a7:
0b:0a:d6:d0:4c:68:29:26:a3:b5:c8:56:71:48:f4:
84:35:7e:91:2c:8b:ad:4d:86:54:9a:c8:1b:02:2d:
00:db:5e:45:ea:35:56:ae:2d:e2:06:24:a4:5f:05:
03:56:85:ad:e2:46:21:0e:26:c0:19:e0:2f:f8:69:
d0:3a:ba:6f:2e:18:bd:df:b9:f2:bc:15:66:3f:7a:
90:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:EB:05:3C:57:49:EB:81:9B:61:72:EF:7A:B0:DC:D6:BA:5C:BC:BB
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/NOsFPFdJ64GbYXLverDc1rpcvLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.33.0/24
37.114.43.0/24
37.114.48.0/22
37.114.55.0/24
37.114.63.0/24
43.251.161.0/24
176.100.36.0-176.100.38.255
185.14.92.0/23
Signature Algorithm: sha256WithRSAEncryption
36:f6:c4:3b:0b:57:dd:3a:df:d4:f6:da:cb:7a:56:9f:7c:07:
95:7a:3f:8a:62:9e:a9:71:0a:9f:81:55:5e:a3:82:0e:40:13:
6d:17:88:41:46:c5:32:b8:b6:dd:b9:6c:b5:53:54:8c:93:a3:
e9:0f:7c:e4:a2:20:26:20:8a:9d:fe:c1:bf:92:fa:31:1b:de:
a5:f3:a5:d6:4f:c5:d2:04:e2:b9:16:04:bf:ca:23:1d:56:6d:
d1:81:35:be:cd:54:57:fa:a8:08:29:75:e8:df:9a:c2:ab:9d:
b9:34:ed:ec:9e:c8:d4:14:a9:19:81:07:7f:25:2a:1c:31:c1:
31:6d:0c:89:85:63:fc:f0:7c:40:c7:34:d1:62:c1:d1:73:5a:
f2:42:3b:85:85:ba:fb:d0:aa:f4:4c:36:dc:50:3b:8c:ee:82:
ed:66:80:b0:25:e4:4d:fd:a9:da:62:2f:c8:39:24:db:52:3f:
10:cf:17:ae:49:74:f2:b2:15:7d:93:ec:3b:88:e3:e9:a1:08:
51:a0:d2:64:f9:d9:ad:5c:87:52:d4:65:a4:68:e1:e3:26:ea:
8b:f5:19:ee:b0:57:b1:28:11:3e:b5:ce:75:79:06:1d:4c:03:
71:11:87:0c:56:db:2e:c0:f2:f3:84:9a:25:95:b4:c9:5b:b2:
63:4f:68:4b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYrBLECcfsq+ZWtZdx+Rxvf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwOTIzMDgzMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGViMDUzYzU3NDllYjgxOWI2MTcyZWY3YWIwZGNkNmJhNWNiY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjF7yjgl/anZ4JwppKGvCRdtNE8w
oY64DyrtnOI6oL4KCYKLpZKBYKbXr01Y3DuPMUnvwJ45fMXPp1+NRaAx8EsB+8TS
bEgKQ1UcDQJ6hmf/GAYgkclkC9AAl5XeUyz0ndOkRNNRb/HROsv63jtCtSTTEekq
+XK8nGTU2P18LyENgvE9a/fMIZYYvH55FmJj7SEd3E2wr61uXl0afMb9xnyOdOL5
pEkpv/d37HPV2mI6CacLCtbQTGgpJqO1yFZxSPSENX6RLIutTYZUmsgbAi0A215F
6jVWri3iBiSkXwUDVoWt4kYhDibAGeAv+GnQOrpvLhi937nyvBVmP3qQGwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDTrBTxXSeuBm2Fy73qw3Na6XLy7MB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvTk9zRlBGZEo2NEdiWVhMdmVyRGMxcnBjdkxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAJXIhAwQA
JXIrAwQCJXIwAwQAJXI3AwQAJXI/AwQAK/uhMAwDBAKwZCQDBACwZCYDBAG5Dlww
DQYJKoZIhvcNAQELBQADggEBADb2xDsLV90639T22st6Vp98B5V6P4pinqlxCp+B
VV6jgg5AE20XiEFGxTK4tt25bLVTVIyTo+kPfOSiICYgip3+wb+S+jEb3qXzpdZP
xdIE4rkWBL/KIx1WbdGBNb7NVFf6qAgpdejfmsKrnbk07eyeyNQUqRmBB38lKhwx
wTFtDImFY/zwfEDHNNFiwdFzWvJCO4WFuvvQqvRMNtxQO4zugu1mgLAl5E39qdpi
L8g5JNtSPxDPF65JdPKyFX2T7DuI4+mhCFGg0mT52a1ch1LUZaRo4eMm6ov1Ge6w
V7EoET61znV5Bh1MA3ERhwxW2y7A8vOEmiWVtMlbsmNPaEs=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:51 2024 by rpki-client on console-ams.rpki-client.org