Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NlcfDLCtJCxZJhT3Uo1JbnL9NUY.roa
File: NlcfDLCtJCxZJhT3Uo1JbnL9NUY.roa (raw, json)
Hash identifier: CxxsJFBkX54gDqBOGjtA4Ndgh/jCD0smstbXOZ+SmT4=
Subject key identifier: 36:57:1F:0C:B0:AD:24:2C:59:26:14:F7:52:8D:49:6E:72:FD:35:46
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186C52270A3217418A11CF830D45955B0EF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NlcfDLCtJCxZJhT3Uo1JbnL9NUY.roa
Signing time: Thu 09 Mar 2023 06:50:13 +0000
ROA not before: Thu 09 Mar 2023 06:50:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b83::/32 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:6f0::/44 maxlen: 44
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c5:22:70:a3:21:74:18:a1:1c:f8:30:d4:59:55:b0:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 9 06:50:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36571f0cb0ad242c592614f7528d496e72fd3546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f6:57:c8:82:5a:9c:bc:b4:f8:a7:5c:a0:77:
61:0f:87:22:1d:79:11:5d:23:35:da:3a:16:03:89:
c2:1f:4f:60:82:5f:ff:3a:84:50:32:c5:e4:c8:b2:
c2:79:e2:8e:ff:e5:c4:8f:32:9c:02:7c:1e:6d:1f:
5b:f0:e4:ff:17:7e:16:10:5d:03:79:78:72:c7:2e:
ad:5b:6f:c9:23:90:e5:34:f6:1d:e3:e2:7d:21:15:
d7:9f:bf:80:66:8f:71:66:16:0f:44:a8:98:c2:16:
39:42:0f:e3:55:e3:d4:f0:51:09:de:d2:fc:8e:74:
7b:3b:62:3d:89:60:f4:0a:31:27:08:f4:4e:08:8c:
7b:27:8a:82:14:a6:d1:fd:17:08:87:13:36:54:ad:
fe:fa:7e:47:e5:84:95:c2:b4:fa:a4:ce:69:cb:42:
23:e9:59:97:28:a8:25:34:fc:ea:a1:f8:24:51:70:
8b:d7:0b:83:81:10:fd:a0:14:7d:6b:10:94:34:ee:
40:aa:59:69:d6:5b:07:35:6a:21:12:00:f6:c6:55:
cb:9e:9e:df:f2:da:12:e3:b9:a7:2a:de:5d:2e:af:
9e:9a:02:e2:67:47:19:e2:14:fc:7e:0b:a7:cd:ae:
5c:bd:b7:36:25:d4:ec:c4:4d:93:8c:ff:87:a1:51:
9d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:57:1F:0C:B0:AD:24:2C:59:26:14:F7:52:8D:49:6E:72:FD:35:46
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NlcfDLCtJCxZJhT3Uo1JbnL9NUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c4:100::/44
2a0e:b107:6f0::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
Signature Algorithm: sha256WithRSAEncryption
67:bd:fc:e0:aa:5f:ff:05:a3:0f:cf:e5:56:2d:00:0a:0b:ba:
e6:2a:7f:73:78:ac:b0:09:8c:07:be:f9:2d:4d:1d:7c:05:bb:
0b:fa:15:d4:40:04:78:a4:ca:b2:c5:23:6f:92:f9:55:84:1f:
47:f8:84:bb:b0:ba:36:8c:19:99:e8:cf:b9:e8:82:50:4e:5a:
d3:7a:5b:f6:a5:ff:20:cd:45:bb:22:a3:1b:2e:3f:a7:a3:d3:
00:f1:6d:eb:5b:66:b2:b2:f4:90:91:6c:8f:c5:bb:dc:a1:7c:
b7:0e:17:81:af:83:4f:cf:be:2c:55:02:aa:9c:68:7e:6d:f1:
b4:ea:51:b8:ac:97:3f:e2:a9:99:91:4a:f9:14:b9:99:17:5a:
74:78:68:0a:9e:25:fa:c8:65:f2:43:0f:57:b7:af:0f:50:af:
30:75:91:94:73:6a:3b:b5:78:8b:96:ec:bd:c6:ca:43:7c:c9:
ca:75:2f:8d:d9:ff:14:b2:0e:c8:72:a7:21:b2:51:95:87:bb:
e1:8e:c3:e2:0c:a8:f0:36:0c:ec:fd:0f:92:06:4d:2c:5a:28:
7e:47:66:ca:b7:1a:8e:de:49:92:cb:06:77:b9:57:f0:e3:ea:
f3:04:33:b4:25:e5:8e:ed:3f:de:32:45:09:3e:34:94:26:21:
0f:2c:ea:0e
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgISAYbFInCjIXQYoRz4MNRZVbDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzA5MDY1MDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjU3MWYwY2IwYWQyNDJjNTkyNjE0Zjc1MjhkNDk2ZTcyZmQzNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPZXyIJanLy0+KdcoHdhD4ciHXkR
XSM12joWA4nCH09ggl//OoRQMsXkyLLCeeKO/+XEjzKcAnwebR9b8OT/F34WEF0D
eXhyxy6tW2/JI5DlNPYd4+J9IRXXn7+AZo9xZhYPRKiYwhY5Qg/jVePU8FEJ3tL8
jnR7O2I9iWD0CjEnCPROCIx7J4qCFKbR/RcIhxM2VK3++n5H5YSVwrT6pM5py0Ij
6VmXKKglNPzqofgkUXCL1wuDgRD9oBR9axCUNO5Aqllp1lsHNWohEgD2xlXLnp7f
8toS47mnKt5dLq+emgLiZ0cZ4hT8fgunza5cvbc2JdTsxE2TjP+HoVGdeQIDAQAB
o4IC1zCCAtMwHQYDVR0OBBYEFDZXHwywrSQsWSYU91KNSW5y/TVGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTmxjZkRMQ3RKQ3haSmhUM1VvMUpibkw5TlVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHsBggrBgEFBQcBBwEB/wSB3DCB2TBCBAIAATA8AwQAHyq3
AwQCLQxEAwQCLYO4AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAueh1AwQAwjJc
AwQAwjJeMIGSBAIAAjCBiwMHACABB/gBGQMFAyoJBMAwDgMFByoMO4ADBQAqDDuG
AwcAKg6XwAFwAwcEKg6XwAJgAwYAKg6XwQIDBwQqDpfEAQADBwQqDrEHBvADBwAq
DrEHCfIDBwAqDrEHEWUDBwAqDrEHF4YDBwAqD+QEAQIDBwAqEC8AAY0DBwAqEC8A
AY8DBwQqEMxAAlAwDQYJKoZIhvcNAQELBQADggEBAGe9/OCqX/8Fow/P5VYtAAoL
uuYqf3N4rLAJjAe++S1NHXwFuwv6FdRABHikyrLFI2+S+VWEH0f4hLuwujaMGZno
z7noglBOWtN6W/al/yDNRbsioxsuP6ej0wDxbetbZrKy9JCRbI/Fu9yhfLcOF4Gv
g0/PvixVAqqcaH5t8bTqUbislz/iqZmRSvkUuZkXWnR4aAqeJfrIZfJDD1e3rw9Q
rzB1kZRzaju1eIuW7L3GykN8ycp1L43Z/xSyDshypyGyUZWHu+GOw+IMqPA2DOz9
D5IGTSxaKH5HZsq3Go7eSZLLBne5V/Dj6vMEM7Ql5Y7tP94yRQk+NJQmIQ8s6g4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:58 2023 by rpki-client on console-ams.rpki-client.org