Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/Nl2kI7_41si6Jgc_36fozQLpM7k.roa
File: Nl2kI7_41si6Jgc_36fozQLpM7k.roa (raw, json)
Hash identifier: kwkck2SY7Nkm0XzmP2Gr9kbDRcXO2HHCAZb6xqjfPuk=
Subject key identifier: 36:5D:A4:23:BF:F8:D6:C8:BA:26:07:3F:DF:A7:E8:CD:02:E9:33:B9
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 01856B8114A014E4EBA061FE498A786E5F8E
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/Nl2kI7_41si6Jgc_36fozQLpM7k.roa
Signing time: Sun 01 Jan 2023 04:04:59 +0000
ROA not before: Sun 01 Jan 2023 04:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29667
IP address blocks: 84.22.27.0/24 maxlen: 24
84.22.28.0/24 maxlen: 24
84.22.25.0/24 maxlen: 24
78.130.136.0/22 maxlen: 22
78.130.142.0/24 maxlen: 24
78.130.140.0/23 maxlen: 23
84.22.2.0/23 maxlen: 23
84.22.4.0/23 maxlen: 23
87.116.96.0/20 maxlen: 20
89.25.112.0/22 maxlen: 22
89.25.118.0/24 maxlen: 24
89.25.112.0/21 maxlen: 21
89.25.116.0/23 maxlen: 23
89.25.16.0/22 maxlen: 22
89.25.24.0/21 maxlen: 21
87.118.142.0/24 maxlen: 24
89.25.26.0/23 maxlen: 23
89.25.28.0/22 maxlen: 22
89.25.25.0/24 maxlen: 24
87.118.156.0/22 maxlen: 22
78.130.132.0/22 maxlen: 22
213.145.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:14:a0:14:e4:eb:a0:61:fe:49:8a:78:6e:5f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 04:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=365da423bff8d6c8ba26073fdfa7e8cd02e933b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c5:d4:39:c5:05:e0:b1:60:04:02:18:33:df:
28:44:26:94:f0:48:c6:c4:5a:30:5c:9e:ca:5e:9a:
d8:e1:08:3b:49:08:6c:be:77:55:d3:c9:fd:7c:ce:
6f:dd:97:d9:a0:23:88:63:63:8d:3d:b5:91:80:7d:
40:6a:cb:48:ca:a6:08:ec:a2:ce:71:37:4a:89:e6:
21:c0:d7:dd:df:93:2c:2d:10:43:ed:33:b7:65:5f:
ce:8d:ce:7c:54:5b:70:1b:3a:fa:1b:25:20:13:bc:
3f:6d:ba:21:db:1d:a1:a1:12:87:e3:28:5a:fd:06:
00:af:02:1d:cc:2e:13:2f:2c:7c:8c:c0:a4:52:df:
17:1e:e7:c4:c7:e6:96:f5:3d:6c:de:3a:c6:2a:bd:
bb:82:bd:b6:c2:7e:46:62:bc:23:dd:2e:2d:06:3f:
dc:35:0f:ce:07:f9:28:2f:e4:1b:67:3d:34:71:37:
bc:94:95:28:87:e2:89:a8:60:29:f5:12:fb:c0:02:
8f:d1:7d:7f:e8:f6:f0:70:86:37:f2:02:bc:83:cc:
6c:ac:b5:62:d7:34:06:6e:f5:f9:a5:5a:70:52:a0:
b7:93:8b:16:a5:7d:61:b8:c0:10:15:41:c5:7f:6f:
6a:50:89:35:22:b3:3a:13:e4:9b:e4:ca:9f:45:65:
10:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5D:A4:23:BF:F8:D6:C8:BA:26:07:3F:DF:A7:E8:CD:02:E9:33:B9
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/Nl2kI7_41si6Jgc_36fozQLpM7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.130.132.0-78.130.142.255
84.22.2.0-84.22.5.255
84.22.25.0/24
84.22.27.0-84.22.28.255
87.116.96.0/20
87.118.142.0/24
87.118.156.0/22
89.25.16.0/22
89.25.24.0/21
89.25.112.0/21
213.145.105.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:fe:f0:61:81:0d:f1:f7:a4:88:92:7c:73:cf:7c:02:b7:14:
71:19:b5:6c:c2:9f:59:0e:07:94:60:b6:ca:00:c1:0c:01:23:
47:e2:a6:81:42:0a:f5:30:0c:b3:17:59:f6:77:66:d7:7e:b4:
d0:cb:fa:a1:77:82:d8:f5:ab:5f:b1:e6:78:bb:50:a5:8b:96:
80:bb:cb:81:c9:48:fa:4c:a5:38:8c:40:69:30:cb:65:4a:d6:
69:15:33:55:a6:80:c3:bd:da:18:50:78:1c:17:a5:8f:42:58:
23:08:9d:5e:c7:32:f1:28:fe:ad:17:34:6e:a7:e1:99:9f:11:
71:e1:f5:d1:1b:00:7d:e4:9d:1b:cf:78:7b:02:d3:19:e9:f0:
9a:77:c1:73:68:5b:88:3c:7f:2c:f8:8c:f7:9e:4c:de:31:dc:
4c:70:fd:f5:56:d6:aa:50:ce:48:97:6f:4a:a2:b5:59:35:92:
38:f7:97:2b:24:33:24:cf:30:c5:d8:86:2e:8f:7d:e7:47:81:
19:bd:1d:73:85:e1:30:4e:c8:de:cd:3a:f0:5c:5e:1e:3a:3b:
20:dd:e2:c6:90:98:42:fb:75:ca:67:b5:51:5f:1f:e2:d0:e8:
ce:8c:a6:e2:90:86:08:9e:17:b5:dd:84:23:b7:bd:76:bc:33:
95:a2:24:14
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYVrgRSgFOTroGH+SYp4bl+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjMwMTAxMDQwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjVkYTQyM2JmZjhkNmM4YmEyNjA3M2ZkZmE3ZThjZDAyZTkzM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMXUOcUF4LFgBAIYM98oRCaU8EjG
xFowXJ7KXprY4Qg7SQhsvndV08n9fM5v3ZfZoCOIY2ONPbWRgH1AastIyqYI7KLO
cTdKieYhwNfd35MsLRBD7TO3ZV/Ojc58VFtwGzr6GyUgE7w/bboh2x2hoRKH4yha
/QYArwIdzC4TLyx8jMCkUt8XHufEx+aW9T1s3jrGKr27gr22wn5GYrwj3S4tBj/c
NQ/OB/koL+QbZz00cTe8lJUoh+KJqGAp9RL7wAKP0X1/6PbwcIY38gK8g8xsrLVi
1zQGbvX5pVpwUqC3k4sWpX1huMAQFUHFf29qUIk1IrM6E+Sb5MqfRWUQCQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFDZdpCO/+NbIuiYHP9+n6M0C6TO5MB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvTmwya0k3XzQxc2k2SmdjXzM2Zm96UUxwTTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaMAwDBAJOgoQD
BABOgo4wDAMEAVQWAgMEAVQWBAMEAFQWGTAMAwQAVBYbAwQAVBYcAwQEV3RgAwQA
V3aOAwQCV3acAwQCWRkQAwQDWRkYAwQDWRlwAwQA1ZFpMA0GCSqGSIb3DQEBCwUA
A4IBAQDJ/vBhgQ3x96SIknxzz3wCtxRxGbVswp9ZDgeUYLbKAMEMASNH4qaBQgr1
MAyzF1n2d2bXfrTQy/qhd4LY9atfseZ4u1Cli5aAu8uByUj6TKU4jEBpMMtlStZp
FTNVpoDDvdoYUHgcF6WPQlgjCJ1exzLxKP6tFzRup+GZnxFx4fXRGwB95J0bz3h7
AtMZ6fCad8FzaFuIPH8s+Iz3nkzeMdxMcP31VtaqUM5Il29KorVZNZI495crJDMk
zzDF2IYuj33nR4EZvR1zheEwTsjezTrwXF4eOjsg3eLGkJhC+3XKZ7VRXx/i0OjO
jKbikIYInhe13YQjt712vDOVoiQU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:46 2024 by rpki-client on console-ams.rpki-client.org