Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/NdW79Sw6s9jnbAuQrmyij6QJnQk.roa
File: NdW79Sw6s9jnbAuQrmyij6QJnQk.roa (raw, json)
Hash identifier: Z24Fb5hpDtzLunQWMYyA8lw7mgSVD81p0pa7vqlSbKY=
Subject key identifier: 35:D5:BB:F5:2C:3A:B3:D8:E7:6C:0B:90:AE:6C:A2:8F:A4:09:9D:09
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 019145585F2785B60B73FACB62CB3AB68E4D
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/NdW79Sw6s9jnbAuQrmyij6QJnQk.roa
Signing time: Mon 12 Aug 2024 06:48:25 +0000
ROA not before: Mon 12 Aug 2024 06:48:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 62.233.59.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
91.225.226.0/24 maxlen: 24
91.225.227.0/24 maxlen: 24
188.191.98.0/24 maxlen: 24
188.191.101.0/24 maxlen: 24
188.191.103.0/24 maxlen: 24
188.191.106.0/24 maxlen: 24
188.191.109.0/24 maxlen: 24
188.191.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 11:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:58:5f:27:85:b6:0b:73:fa:cb:62:cb:3a:b6:8e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Aug 12 06:48:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35d5bbf52c3ab3d8e76c0b90ae6ca28fa4099d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:53:30:cb:ce:3f:60:56:d2:d2:c2:06:e1:20:
a6:93:ab:a6:aa:ea:b3:91:32:ea:cc:a9:a9:4c:f7:
29:be:c4:31:a6:8d:23:47:0c:f6:fa:09:e1:64:07:
36:f5:85:23:20:6f:58:d4:6d:26:18:20:e6:cb:28:
f6:37:b2:1c:bb:1f:1f:e3:0a:55:fe:90:73:11:4b:
97:a7:70:44:22:79:86:80:5e:0c:0a:8c:cd:11:44:
02:43:62:b8:a9:03:dc:34:be:20:44:15:14:f3:19:
14:88:7d:95:f2:b6:72:4f:eb:24:28:9d:08:c7:02:
42:5b:e3:da:8e:58:49:a0:9c:24:d3:f8:f3:71:84:
1d:a7:8e:1f:c4:6a:06:a7:f9:5a:3f:ca:59:c7:c8:
62:6d:63:eb:13:8c:b3:94:3e:ee:79:86:c7:d8:51:
f6:ad:73:b7:88:70:c9:d2:f4:05:ed:b0:a5:69:52:
a5:06:37:98:32:43:b6:5f:0f:ab:02:60:6a:b0:bf:
9f:f2:34:68:1a:f9:df:11:b3:81:a4:03:be:b2:f1:
c0:67:3e:c1:8e:97:00:45:60:70:0e:73:98:5d:e0:
5a:fc:96:9d:bf:8c:09:a2:02:b3:f9:fc:72:df:26:
26:a4:79:42:05:e0:78:71:ea:b2:46:cd:eb:60:bf:
29:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D5:BB:F5:2C:3A:B3:D8:E7:6C:0B:90:AE:6C:A2:8F:A4:09:9D:09
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/NdW79Sw6s9jnbAuQrmyij6QJnQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.59.0/24
91.225.225.0-91.225.227.255
188.191.98.0/24
188.191.101.0/24
188.191.103.0/24
188.191.106.0/24
188.191.109.0-188.191.110.255
Signature Algorithm: sha256WithRSAEncryption
45:45:5e:a7:8e:64:4a:4f:8f:26:45:45:d6:29:61:ba:d2:e9:
51:9c:d3:84:41:fc:3b:5e:ba:14:11:4b:18:6a:13:3f:75:df:
47:61:87:57:ef:06:b9:09:c0:eb:07:d4:32:63:92:85:a3:32:
1a:b8:25:3a:62:b2:e0:10:18:5b:7f:64:39:b4:04:1e:89:52:
0c:06:4a:16:8d:c9:80:96:f1:4f:66:d3:02:3c:82:8a:2d:9f:
7c:67:24:e2:67:35:fa:03:c1:1f:27:36:d0:bc:25:ac:05:10:
0b:d7:3f:49:a3:4e:39:46:9e:c1:f2:8e:86:ed:31:6d:bd:4c:
d6:2d:85:94:80:4a:2f:f4:8e:06:75:ec:3d:c8:d7:84:d6:7a:
b2:7e:28:15:15:4a:31:c6:c1:f8:ec:15:4b:e5:58:ff:23:e7:
bf:36:b7:ad:32:1b:4d:48:a0:a9:15:0a:70:3e:f2:c6:8d:c1:
32:f0:9a:65:26:34:6c:da:96:44:b7:f2:d6:2f:c1:f6:51:d6:
e1:de:01:c1:0e:ce:1e:22:ea:32:3d:a3:17:be:ba:d8:88:12:
eb:66:96:fe:23:2c:c1:b6:7a:3c:58:2e:9a:aa:5e:f0:a2:6d:
60:2c:6f:db:4d:f8:52:65:90:59:cb:69:5d:62:c7:66:c6:d5:
ee:1e:70:ae
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZFFWF8nhbYLc/rLYss6to5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQwODEyMDY0ODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ1YmJmNTJjM2FiM2Q4ZTc2YzBiOTBhZTZjYTI4ZmE0MDk5ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FMwy84/YFbS0sIG4SCmk6umquqz
kTLqzKmpTPcpvsQxpo0jRwz2+gnhZAc29YUjIG9Y1G0mGCDmyyj2N7Icux8f4wpV
/pBzEUuXp3BEInmGgF4MCozNEUQCQ2K4qQPcNL4gRBUU8xkUiH2V8rZyT+skKJ0I
xwJCW+PajlhJoJwk0/jzcYQdp44fxGoGp/laP8pZx8hibWPrE4yzlD7ueYbH2FH2
rXO3iHDJ0vQF7bClaVKlBjeYMkO2Xw+rAmBqsL+f8jRoGvnfEbOBpAO+svHAZz7B
jpcARWBwDnOYXeBa/Jadv4wJogKz+fxy3yYmpHlCBeB4ceqyRs3rYL8pAQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDXVu/UsOrPY52wLkK5soo+kCZ0JMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvTmRXNzlTdzZzOWpuYkF1UXJteWlqNlFKblFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAPuk7MAwD
BABb4eEDBAJb4eADBAC8v2IDBAC8v2UDBAC8v2cDBAC8v2owDAMEALy/bQMEALy/
bjANBgkqhkiG9w0BAQsFAAOCAQEARUVep45kSk+PJkVF1ilhutLpUZzThEH8O166
FBFLGGoTP3XfR2GHV+8GuQnA6wfUMmOShaMyGrglOmKy4BAYW39kObQEHolSDAZK
Fo3JgJbxT2bTAjyCii2ffGck4mc1+gPBHyc20LwlrAUQC9c/SaNOOUaewfKOhu0x
bb1M1i2FlIBKL/SOBnXsPcjXhNZ6sn4oFRVKMcbB+OwVS+VY/yPnvza3rTIbTUig
qRUKcD7yxo3BMvCaZSY0bNqWRLfy1i/B9lHW4d4BwQ7OHiLqMj2jF7662IgS62aW
/iMswbZ6PFgumqpe8KJtYCxv2034UmWQWctpXWLHZsbV7h5wrg==
-----END CERTIFICATE-----
Generated at Wed Sep 18 14:49:15 2024 by rpki-client on console-ams.rpki-client.org