Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/NYEASHzvAQxuCGgYy7BjeDVZx3Y.roa
File: NYEASHzvAQxuCGgYy7BjeDVZx3Y.roa (raw, json)
Hash identifier: WyDkBGNdqW1JhEvq6Gv/CrWPAA3oZuLtAiWA9ur1ctU=
Subject key identifier: 35:81:00:48:7C:EF:01:0C:6E:08:68:18:CB:B0:63:78:35:59:C7:76
Certificate issuer: /CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Certificate serial: 018EA2DEF8107C5C4C932ABCDD3F48289CE8
Authority key identifier: 25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/NYEASHzvAQxuCGgYy7BjeDVZx3Y.roa
Signing time: Wed 03 Apr 2024 07:31:45 +0000
ROA not before: Wed 03 Apr 2024 07:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198013
IP address blocks: 94.185.96.0/19 maxlen: 19
94.185.97.0/24 maxlen: 24
94.185.98.0/24 maxlen: 24
94.185.99.0/24 maxlen: 24
94.185.100.0/24 maxlen: 24
94.185.101.0/24 maxlen: 24
94.185.102.0/24 maxlen: 24
94.185.103.0/24 maxlen: 24
94.185.104.0/22 maxlen: 22
94.185.105.0/24 maxlen: 24
94.185.106.0/24 maxlen: 24
94.185.108.0/24 maxlen: 24
94.185.109.0/24 maxlen: 24
94.185.110.0/24 maxlen: 24
94.185.112.0/24 maxlen: 24
94.185.113.0/24 maxlen: 24
94.185.123.0/24 maxlen: 24
2a03:4580::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 08 Apr 2024 15:40:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:de:f8:10:7c:5c:4c:93:2a:bc:dd:3f:48:28:9c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Validity
Not Before: Apr 3 07:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=358100487cef010c6e086818cbb063783559c776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:59:fb:b8:c0:67:51:85:12:85:6f:c0:7f:99:
bf:e7:a9:fb:8c:d7:07:b7:5a:31:aa:fb:77:d8:7a:
bb:22:57:33:bb:7f:8f:fc:21:99:a2:f3:cd:00:d0:
fe:f2:f3:24:f9:41:5a:0d:73:a6:fe:f3:1b:9f:cf:
29:e7:52:45:25:1c:be:f2:e1:54:5f:2c:4f:8c:37:
6c:30:9f:e5:5d:5c:7c:eb:11:53:d9:32:a8:18:6c:
cc:81:70:2a:5e:13:bf:e1:1c:e3:f9:47:f0:0f:5e:
4b:f4:50:3f:e5:74:f3:40:2e:33:99:7c:7b:8f:cf:
76:4b:a3:f7:39:c3:5d:26:03:f6:94:44:11:d8:3a:
1e:9d:46:af:63:b0:5e:9b:b2:62:cc:14:30:67:3c:
47:66:20:b3:21:72:41:3d:a1:58:48:da:45:70:8f:
e6:03:df:ed:f0:b4:17:74:36:85:53:fa:ca:30:03:
6e:69:b8:c8:ed:40:a6:0c:e7:97:f6:5c:ed:87:52:
39:53:c7:97:d0:8a:04:be:4b:ad:21:6d:df:93:53:
f6:5e:cd:cf:76:15:14:f7:26:08:4d:b7:b8:d8:39:
b7:99:51:60:f8:28:b1:56:4f:5e:8d:b0:26:68:a8:
89:3c:56:6b:8c:f8:2f:70:43:96:f5:b8:ab:53:87:
7d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:81:00:48:7C:EF:01:0C:6E:08:68:18:CB:B0:63:78:35:59:C7:76
X509v3 Authority Key Identifier:
keyid:25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/NYEASHzvAQxuCGgYy7BjeDVZx3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.185.96.0/19
IPv6:
2a03:4580::/32
Signature Algorithm: sha256WithRSAEncryption
aa:be:eb:a7:7d:70:af:2b:53:e9:55:14:d3:39:e5:d9:b8:f7:
5e:12:36:18:85:cb:c8:cc:0a:e2:d8:78:f2:d3:8b:80:9a:7d:
27:3f:80:3f:23:89:b7:44:33:96:a5:89:b9:b5:05:a2:87:6e:
1b:8a:f2:af:1e:40:fe:a7:00:6d:66:1f:1a:bf:89:f2:8e:1f:
3d:6f:13:35:ed:f0:c1:45:6c:d7:07:19:cc:90:ff:e6:d1:db:
2e:9a:89:b4:84:69:9c:35:72:cc:50:69:45:05:64:1e:f5:93:
db:30:aa:c3:66:c3:8a:5f:0e:21:4b:8b:cc:d9:65:e8:3c:e1:
95:8a:82:3d:19:48:c6:02:75:31:03:f0:d0:4d:e6:44:61:97:
35:d7:37:53:d8:e7:95:57:93:d3:f4:55:61:8d:87:29:67:78:
1b:32:c1:69:4f:f4:cb:81:e5:4f:76:e6:20:49:84:f7:4f:36:
b6:28:e8:1a:0c:a5:64:a1:db:56:8a:b4:2b:7b:37:ad:97:d0:
c2:c8:ca:20:8a:ff:7c:8c:46:1b:53:77:de:c8:40:31:1f:31:
07:59:a1:a9:d0:de:80:5e:3a:56:96:84:9b:ea:95:ac:1a:bc:
81:53:a5:1a:fc:a3:ac:b7:ed:6e:3f:f1:a9:44:34:1e:c4:3c:
e0:e4:ca:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY6i3vgQfFxMkyq83T9IKJzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODhiMWI1NjBmOTk4ZWNjZDNhNmVmZjQwNTQzYjU5MjA0
ZDY3YjgwHhcNMjQwNDAzMDczMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTgxMDA0ODdjZWYwMTBjNmUwODY4MThjYmIwNjM3ODM1NTljNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVn7uMBnUYUShW/Af5m/56n7jNcH
t1oxqvt32Hq7Ilczu3+P/CGZovPNAND+8vMk+UFaDXOm/vMbn88p51JFJRy+8uFU
XyxPjDdsMJ/lXVx86xFT2TKoGGzMgXAqXhO/4Rzj+UfwD15L9FA/5XTzQC4zmXx7
j892S6P3OcNdJgP2lEQR2DoenUavY7Bem7JizBQwZzxHZiCzIXJBPaFYSNpFcI/m
A9/t8LQXdDaFU/rKMANuabjI7UCmDOeX9lzth1I5U8eX0IoEvkutIW3fk1P2Xs3P
dhUU9yYITbe42Dm3mVFg+CixVk9ejbAmaKiJPFZrjPgvcEOW9birU4d9uQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDWBAEh87wEMbghoGMuwY3g1Wcd2MB8GA1UdIwQY
MBaAFCWIsbVg+ZjszTpu/0BUO1kgTWe4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEt
OTlhMDE4OTg4OGI1LzEvTllFQVNIenZBUXh1Q0dnWXk3QmplRFZaeDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEtOTlhMDE4OTg4OGI1
LzEvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFXrlgMA0E
AgACMAcDBQAqA0WAMA0GCSqGSIb3DQEBCwUAA4IBAQCqvuunfXCvK1PpVRTTOeXZ
uPdeEjYYhcvIzAri2Hjy04uAmn0nP4A/I4m3RDOWpYm5tQWih24bivKvHkD+pwBt
Zh8av4nyjh89bxM17fDBRWzXBxnMkP/m0dsumom0hGmcNXLMUGlFBWQe9ZPbMKrD
ZsOKXw4hS4vM2WXoPOGVioI9GUjGAnUxA/DQTeZEYZc11zdT2OeVV5PT9FVhjYcp
Z3gbMsFpT/TLgeVPduYgSYT3Tza2KOgaDKVkodtWirQrezetl9DCyMogiv98jEYb
U3feyEAxHzEHWaGp0N6AXjpWloSb6pWsGryBU6Ua/KOst+1uP/GpRDQexDzg5Mp6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:01 2025 by rpki-client