Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/nij5_l16JW-klq1IJrHISD1yndc.roa
File: nij5_l16JW-klq1IJrHISD1yndc.roa (raw, json)
Hash identifier: MgZa/1V4N7QPvAQpUqBU7CtyaymLus3EZVV8fTJ8MVI=
Subject key identifier: 9E:28:F9:FE:5D:7A:25:6F:A4:96:AD:48:26:B1:C8:48:3D:72:9D:D7
Certificate issuer: /CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Certificate serial: 018577DA6D2731A43F32D7AC0F5F2D79A695
Authority key identifier: 91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/nij5_l16JW-klq1IJrHISD1yndc.roa
Signing time: Tue 03 Jan 2023 13:38:01 +0000
ROA not before: Tue 03 Jan 2023 13:38:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56902
IP address blocks: 45.142.138.0/24 maxlen: 24
45.142.137.0/24 maxlen: 24
45.142.139.0/24 maxlen: 24
45.142.136.0/24 maxlen: 24
5.100.240.0/24 maxlen: 24
5.100.243.0/24 maxlen: 24
5.100.242.0/24 maxlen: 24
5.100.241.0/24 maxlen: 24
185.128.125.0/24 maxlen: 24
185.128.124.0/24 maxlen: 24
185.187.129.0/24 maxlen: 24
185.187.128.0/24 maxlen: 24
185.187.131.0/24 maxlen: 24
185.187.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jan 2023 15:12:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:da:6d:27:31:a4:3f:32:d7:ac:0f:5f:2d:79:a6:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Validity
Not Before: Jan 3 13:38:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e28f9fe5d7a256fa496ad4826b1c8483d729dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8b:36:8f:1d:dd:0d:22:a7:7d:6d:72:d3:c1:
1e:38:33:64:0c:3a:ca:36:b6:a8:92:70:32:cb:fb:
60:43:69:02:1b:b6:db:a1:4f:68:5e:a6:11:b6:79:
56:7d:7c:c8:d6:9d:ca:a7:db:ec:42:d6:c6:be:b6:
9b:bc:96:8c:0d:65:bc:5d:3f:d7:8d:81:14:9e:5b:
71:80:e0:27:e4:46:42:fa:d9:5e:8e:fb:86:68:05:
a5:c2:5d:75:d9:63:23:d3:4d:77:8f:4a:3f:6c:0c:
43:09:3c:53:d5:4c:3a:ba:20:10:9f:17:0a:c1:17:
1e:01:4a:34:d3:44:41:43:7a:6f:a1:d5:59:b4:7e:
e9:7b:e1:84:7f:1a:de:8f:7f:6b:e4:47:19:c8:95:
af:16:19:4e:2a:05:7c:83:4a:d7:14:d5:50:68:87:
59:1c:b8:73:44:0a:ae:30:b8:be:07:07:cb:e1:62:
fa:0f:18:24:d7:69:07:fd:78:5a:da:99:89:12:c4:
ac:70:bb:cf:35:ea:3c:65:a3:2a:e8:57:77:34:6e:
f8:c3:0b:af:e6:98:85:70:37:b9:81:bc:39:0f:e0:
61:ac:dd:24:14:6b:5d:a9:c8:2c:d1:51:53:2b:16:
8a:a3:83:f8:12:c5:49:19:58:d3:84:2f:11:f4:26:
03:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:28:F9:FE:5D:7A:25:6F:A4:96:AD:48:26:B1:C8:48:3D:72:9D:D7
X509v3 Authority Key Identifier:
keyid:91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/nij5_l16JW-klq1IJrHISD1yndc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.240.0/22
45.142.136.0/22
185.128.124.0/23
185.187.128.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:07:ce:45:3f:64:f4:42:10:06:ad:f1:c1:c8:0e:9a:cf:fe:
d9:0a:d6:99:66:97:54:78:b8:7a:73:0e:fc:ab:a9:17:b7:cc:
2a:5b:33:de:33:6f:6d:99:c6:ca:49:b5:bc:c0:89:70:92:2e:
5a:e7:9e:89:5b:e6:04:43:0b:76:7a:64:30:67:b8:b5:64:e4:
05:3c:07:8b:9c:ba:68:9f:0f:21:c9:8f:41:ef:34:5c:c9:9c:
83:d6:ca:e9:e5:3b:36:3e:7d:1c:25:7b:d8:02:81:75:e7:94:
be:24:03:cc:99:f5:af:cc:6a:b4:f0:e2:85:b2:84:c2:c3:1c:
25:f7:b8:dd:26:47:3c:9b:2f:4a:2a:c7:f5:9b:e5:41:7b:2c:
0f:cd:d0:03:dc:c4:e1:da:5d:5a:d6:bb:9b:45:73:c1:62:13:
e4:34:0e:f2:b0:e2:dc:2e:e5:ab:54:1a:89:b0:3a:35:67:30:
7c:ff:7e:86:8b:98:03:3a:83:c0:b6:5a:23:a7:c7:f4:87:90:
b4:af:7c:35:42:3e:1e:52:f2:25:13:4b:40:74:6a:fb:9a:6d:
46:2f:9a:3d:66:92:84:6c:ed:c6:5e:08:c3:8d:f7:46:20:9e:
db:06:ed:23:3c:c6:70:48:3b:6e:59:6a:38:7c:45:fb:a9:81:
6b:56:94:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYV32m0nMaQ/MtesD18teaaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODkwMTY2MmE4ZWM1ZmY0ZDNmNDhkMjkwOTkyMzBhMDU3
NWVjOGEwHhcNMjMwMTAzMTMzODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTI4ZjlmZTVkN2EyNTZmYTQ5NmFkNDgyNmIxYzg0ODNkNzI5ZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhos2jx3dDSKnfW1y08EeODNkDDrK
NraoknAyy/tgQ2kCG7bboU9oXqYRtnlWfXzI1p3Kp9vsQtbGvrabvJaMDWW8XT/X
jYEUnltxgOAn5EZC+tlejvuGaAWlwl112WMj0013j0o/bAxDCTxT1Uw6uiAQnxcK
wRceAUo000RBQ3pvodVZtH7pe+GEfxrej39r5EcZyJWvFhlOKgV8g0rXFNVQaIdZ
HLhzRAquMLi+BwfL4WL6Dxgk12kH/Xha2pmJEsSscLvPNeo8ZaMq6Fd3NG74wwuv
5piFcDe5gbw5D+BhrN0kFGtdqcgs0VFTKxaKo4P4EsVJGVjThC8R9CYDuwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ4o+f5deiVvpJatSCaxyEg9cp3XMB8GA1UdIwQY
MBaAFJGJAWYqjsX/TT9I0pCZIwoFdeyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQt
ZTgxMWUyM2MxODA0LzEvbmlqNV9sMTZKVy1rbHExSUpySElTRDF5bmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQtZTgxMWUyM2MxODA0
LzEva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBWTwAwQC
LY6IAwQBuYB8AwQCubuAMA0GCSqGSIb3DQEBCwUAA4IBAQA7B85FP2T0QhAGrfHB
yA6az/7ZCtaZZpdUeLh6cw78q6kXt8wqWzPeM29tmcbKSbW8wIlwki5a556JW+YE
Qwt2emQwZ7i1ZOQFPAeLnLponw8hyY9B7zRcyZyD1srp5Ts2Pn0cJXvYAoF155S+
JAPMmfWvzGq08OKFsoTCwxwl97jdJkc8my9KKsf1m+VBeywPzdAD3MTh2l1a1rub
RXPBYhPkNA7ysOLcLuWrVBqJsDo1ZzB8/36Gi5gDOoPAtlojp8f0h5C0r3w1Qj4e
UvIlE0tAdGr7mm1GL5o9ZpKEbO3GXgjDjfdGIJ7bBu0jPMZwSDtuWWo4fEX7qYFr
VpSR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:14 2024 by rpki-client on console-fra.rpki-client.org