Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NreCZpXZiwV-TIa8-5IQeou0lio.roa
File: NreCZpXZiwV-TIa8-5IQeou0lio.roa (raw, json)
Hash identifier: 6IVO8nsNZecR2ltQjFhHUWSuSFnEyzC2WQrdrzi1c0c=
Subject key identifier: 36:B7:82:66:95:D9:8B:05:7E:4C:86:BC:FB:92:10:7A:8B:B4:96:2A
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018AB38ED6D23EC31FFC6A02A63FB8A8B172
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NreCZpXZiwV-TIa8-5IQeou0lio.roa
Signing time: Wed 20 Sep 2023 17:06:37 +0000
ROA not before: Wed 20 Sep 2023 17:06:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 2.57.240.0/24 maxlen: 24
2.57.241.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
176.126.174.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
93.90.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 17:18:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:8e:d6:d2:3e:c3:1f:fc:6a:02:a6:3f:b8:a8:b1:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 20 17:06:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36b7826695d98b057e4c86bcfb92107a8bb4962a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:49:d6:1b:3b:9a:4c:6d:54:97:e0:2e:46:c0:
d1:dd:73:7a:b4:b2:9f:f6:32:21:be:62:2d:1a:d6:
e3:d7:bb:ba:a8:c7:e2:c2:98:7b:74:6b:12:2d:fe:
f9:a0:d3:75:4b:03:51:65:37:36:39:1a:e5:f1:29:
fb:1b:42:fa:27:41:b2:aa:05:be:ca:2b:55:5d:96:
d8:11:01:89:7f:4b:9c:8c:d6:96:a4:19:2c:eb:12:
68:08:eb:cd:ce:b0:f4:11:ce:e9:98:4c:de:93:61:
a5:32:e7:5d:aa:e5:39:b7:f3:5e:41:14:d4:43:78:
e0:7b:6e:29:76:34:93:1c:d5:23:c7:93:52:71:22:
22:8e:86:0b:90:f6:3b:12:ff:f7:39:f9:02:57:eb:
0c:3d:03:4c:38:b3:cc:2e:e3:c4:55:26:55:8c:6f:
74:59:81:7e:69:94:5e:37:0d:5b:04:92:c6:90:fd:
22:20:76:2e:02:b3:82:db:3b:90:a0:5c:19:35:37:
e2:30:4e:56:37:71:86:35:c3:b5:5b:c2:17:df:fe:
1b:4c:c0:ce:b5:6a:09:d4:54:bd:10:b4:9c:4f:a7:
0d:84:b3:82:fd:98:03:9e:d4:84:31:a9:f5:46:07:
71:f3:14:74:86:ba:67:a6:4a:1e:4c:62:08:a4:26:
5e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B7:82:66:95:D9:8B:05:7E:4C:86:BC:FB:92:10:7A:8B:B4:96:2A
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NreCZpXZiwV-TIa8-5IQeou0lio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.240.0/23
62.192.152.0/24
89.37.192.0/24
89.47.55.0/24
93.90.75.0/24
94.177.51.0/24
176.126.174.0/24
Signature Algorithm: sha256WithRSAEncryption
99:9e:23:a5:c4:67:67:a7:64:63:08:cd:c1:75:63:fc:06:fc:
83:27:58:55:9d:2d:3b:95:0e:43:7d:5b:f5:eb:72:9c:74:9f:
c0:86:58:ab:ab:80:80:0f:65:8d:87:77:30:7f:3c:e9:22:8e:
88:fe:1b:4e:3b:34:75:9f:5b:7d:96:1a:34:ed:f9:3b:8b:84:
04:6f:ce:4a:56:05:50:8e:68:cc:8e:d0:c4:cf:2d:62:f4:89:
e5:a2:2c:f5:28:eb:77:38:9d:8c:e7:e5:6f:44:8e:e0:9d:67:
39:af:db:63:1a:c9:2b:1c:4c:ce:86:66:51:e3:10:f4:52:d0:
9c:f5:69:e8:43:19:93:8e:39:9c:0c:bc:9e:c1:77:3e:ff:03:
cc:2d:e9:8c:ce:b6:bf:0f:54:9b:43:b3:56:ba:9a:4a:5b:12:
76:a6:51:31:44:b8:86:a6:4b:89:21:47:24:5c:e8:8c:db:78:
b2:52:e7:59:9c:a8:8d:9a:4a:ae:a4:3d:9a:e1:0a:09:c9:44:
3c:39:cf:a1:4e:4a:a6:70:21:1e:45:a5:d2:71:15:72:3f:1c:
40:63:45:d9:f3:17:99:5e:08:ab:ab:c8:c3:83:4a:9a:47:8f:
25:ea:7a:c8:51:76:ec:48:28:0a:68:9d:bc:fc:fb:90:c5:24:
2d:b2:9f:93
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYqzjtbSPsMf/GoCpj+4qLFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTIwMTcwNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmI3ODI2Njk1ZDk4YjA1N2U0Yzg2YmNmYjkyMTA3YThiYjQ5NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsknWGzuaTG1Ul+AuRsDR3XN6tLKf
9jIhvmItGtbj17u6qMfiwph7dGsSLf75oNN1SwNRZTc2ORrl8Sn7G0L6J0GyqgW+
yitVXZbYEQGJf0ucjNaWpBks6xJoCOvNzrD0Ec7pmEzek2GlMuddquU5t/NeQRTU
Q3jge24pdjSTHNUjx5NScSIijoYLkPY7Ev/3OfkCV+sMPQNMOLPMLuPEVSZVjG90
WYF+aZReNw1bBJLGkP0iIHYuArOC2zuQoFwZNTfiME5WN3GGNcO1W8IX3/4bTMDO
tWoJ1FS9ELScT6cNhLOC/ZgDntSEMan1Rgdx8xR0hrpnpkoeTGIIpCZe+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDa3gmaV2YsFfkyGvPuSEHqLtJYqMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTnJlQ1pwWFppd1YtVElhOC01SVFlb3UwbGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBAjnwAwQA
PsCYAwQAWSXAAwQAWS83AwQAXVpLAwQAXrEzAwQAsH6uMA0GCSqGSIb3DQEBCwUA
A4IBAQCZniOlxGdnp2RjCM3BdWP8BvyDJ1hVnS07lQ5DfVv163KcdJ/Ahlirq4CA
D2WNh3cwfzzpIo6I/htOOzR1n1t9lho07fk7i4QEb85KVgVQjmjMjtDEzy1i9Inl
oiz1KOt3OJ2M5+VvRI7gnWc5r9tjGskrHEzOhmZR4xD0UtCc9WnoQxmTjjmcDLye
wXc+/wPMLemMzra/D1SbQ7NWuppKWxJ2plExRLiGpkuJIUckXOiM23iyUudZnKiN
mkqupD2a4QoJyUQ8Oc+hTkqmcCEeRaXScRVyPxxAY0XZ8xeZXgirq8jDg0qaR48l
6nrIUXbsSCgKaJ28/PuQxSQtsp+T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:13 2024 by rpki-client on console-ams.rpki-client.org