Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Nkdx5yhTnCanSDSTCAlNYC4c1-I.roa
File: Nkdx5yhTnCanSDSTCAlNYC4c1-I.roa (raw, json)
Hash identifier: 5igLp45q0g8zKKdtR4wy3AFTgMkR57E+tZ9srj9qbF4=
Subject key identifier: 36:47:71:E7:28:53:9C:26:A7:48:34:93:08:09:4D:60:2E:1C:D7:E2
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018B4B607ACE5FE94D42AB3851DB9835CC6D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Nkdx5yhTnCanSDSTCAlNYC4c1-I.roa
Signing time: Fri 20 Oct 2023 04:38:15 +0000
ROA not before: Fri 20 Oct 2023 04:38:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
45.88.13.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 22 Nov 2023 12:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4b:60:7a:ce:5f:e9:4d:42:ab:38:51:db:98:35:cc:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Oct 20 04:38:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=364771e728539c26a748349308094d602e1cd7e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:41:fc:d4:6a:a4:0b:50:78:26:84:23:e5:23:
f2:0a:f1:f3:76:d0:8b:05:2e:9d:80:33:9b:76:d5:
c5:46:50:54:54:ec:bd:8d:bc:cf:eb:61:e4:42:8d:
cd:2c:20:77:97:9d:d2:16:6d:ed:8a:20:82:43:ad:
ca:81:6b:72:90:c1:d7:bf:60:bd:a2:29:87:c3:aa:
17:fe:0e:88:60:0d:de:a4:47:8a:7d:16:bf:36:a8:
b0:f2:f3:99:ba:5a:34:3a:c8:25:54:47:79:e7:fd:
db:b3:ab:50:97:ce:b1:6b:a5:46:aa:80:b5:83:df:
9e:df:1d:5c:89:02:69:a9:32:7a:5e:0d:65:bd:c9:
84:c5:0b:14:4f:d6:53:a3:02:ec:09:4c:8c:94:8a:
38:21:91:69:61:40:f8:f4:75:e2:26:4c:4a:73:44:
b1:3a:af:f5:c8:8a:55:2c:8a:00:82:fa:99:c9:7d:
06:f6:81:61:d9:06:d7:5f:db:16:c2:04:0f:b3:7d:
ff:14:92:ce:bd:8a:b0:bf:56:4f:be:25:4d:0a:05:
74:7f:29:57:76:3e:4c:fa:53:0a:71:35:dc:03:8e:
c5:35:14:62:07:bc:38:d1:c4:d5:09:35:eb:8c:25:
7d:cf:fb:23:cb:4c:3f:a2:62:f1:e2:95:5e:b5:07:
74:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:47:71:E7:28:53:9C:26:A7:48:34:93:08:09:4D:60:2E:1C:D7:E2
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Nkdx5yhTnCanSDSTCAlNYC4c1-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.13.0/24
86.107.51.0/24
89.35.119.0/24
89.35.130.0/23
188.214.107.0/24
Signature Algorithm: sha256WithRSAEncryption
98:fc:c6:5c:c1:f4:fe:07:33:61:7f:36:02:b2:ac:ea:f3:c3:
83:f8:18:68:de:a2:e0:a5:97:9d:04:aa:d2:55:d6:c8:4b:6e:
59:b6:97:7e:99:a5:92:36:97:ff:f0:96:64:93:30:42:eb:59:
44:49:f6:c0:df:28:e4:81:ba:04:50:03:02:c6:3c:ef:6c:a7:
40:89:64:5a:25:55:a1:77:7b:66:f6:c4:1a:62:5b:26:62:25:
61:e1:48:e6:e3:01:f6:01:73:bf:1b:d8:46:36:f6:0f:d9:e2:
69:b1:79:81:83:e3:a1:17:6a:26:95:0b:ae:28:96:8a:02:b8:
9a:45:18:00:db:91:65:dc:10:2b:11:6f:7e:31:46:f5:10:67:
f9:49:0f:c4:52:01:9e:c0:b9:a3:52:fa:6b:11:c7:0f:33:8b:
79:7c:fa:ca:f7:85:0d:94:d1:08:2c:a5:97:ac:09:06:e6:a9:
3d:c9:d9:54:00:7a:1a:99:d8:73:66:57:af:f2:7e:c0:28:a8:
50:d6:bf:45:a2:16:f9:91:2d:2b:34:18:5d:99:63:e6:a0:6f:
65:7c:00:c5:8b:5d:55:bb:24:7d:58:e6:ec:8c:db:4f:3e:6f:
03:5f:c8:bc:ff:ef:8a:44:5f:3f:59:c8:bd:b6:4c:9c:68:06:
25:59:05:d9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYtLYHrOX+lNQqs4UduYNcxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMxMDIwMDQzODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ3NzFlNzI4NTM5YzI2YTc0ODM0OTMwODA5NGQ2MDJlMWNkN2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUH81GqkC1B4JoQj5SPyCvHzdtCL
BS6dgDObdtXFRlBUVOy9jbzP62HkQo3NLCB3l53SFm3tiiCCQ63KgWtykMHXv2C9
oimHw6oX/g6IYA3epEeKfRa/Nqiw8vOZulo0OsglVEd55/3bs6tQl86xa6VGqoC1
g9+e3x1ciQJpqTJ6Xg1lvcmExQsUT9ZTowLsCUyMlIo4IZFpYUD49HXiJkxKc0Sx
Oq/1yIpVLIoAgvqZyX0G9oFh2QbXX9sWwgQPs33/FJLOvYqwv1ZPviVNCgV0fylX
dj5M+lMKcTXcA47FNRRiB7w40cTVCTXrjCV9z/sjy0w/omLx4pVetQd0DwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDZHcecoU5wmp0g0kwgJTWAuHNfiMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTmtkeDV5aFRuQ2FuU0RTVENBbE5ZQzRjMS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVgNAwQA
VmszAwQAWSN3AwQBWSOCAwQAvNZrMA0GCSqGSIb3DQEBCwUAA4IBAQCY/MZcwfT+
BzNhfzYCsqzq88OD+Bho3qLgpZedBKrSVdbIS25Ztpd+maWSNpf/8JZkkzBC61lE
SfbA3yjkgboEUAMCxjzvbKdAiWRaJVWhd3tm9sQaYlsmYiVh4Ujm4wH2AXO/G9hG
NvYP2eJpsXmBg+OhF2omlQuuKJaKAriaRRgA25Fl3BArEW9+MUb1EGf5SQ/EUgGe
wLmjUvprEccPM4t5fPrK94UNlNEILKWXrAkG5qk9ydlUAHoamdhzZlev8n7AKKhQ
1r9Fohb5kS0rNBhdmWPmoG9lfADFi11VuyR9WObsjNtPPm8DX8i8/++KRF8/Wci9
tkycaAYlWQXZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:13 2024 by rpki-client on console-ams.rpki-client.org