Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/NRokMT2TAiRW3jNO7x8A7GBH29s.roa
File: NRokMT2TAiRW3jNO7x8A7GBH29s.roa (raw, json)
Hash identifier: 8PERfAtkEWRmqSnopilPgMc6seQcrr7P87nzZ6Bd11M=
Subject key identifier: 35:1A:24:31:3D:93:02:24:56:DE:33:4E:EF:1F:00:EC:60:47:DB:DB
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 019006C1AD3D79D5D8DBB2C8BBA6CAD73169
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/NRokMT2TAiRW3jNO7x8A7GBH29s.roa
Signing time: Tue 11 Jun 2024 10:04:34 +0000
ROA not before: Tue 11 Jun 2024 10:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21107
IP address blocks: 62.101.144.0/21 maxlen: 21
81.93.92.0/24 maxlen: 24
89.111.225.0/24 maxlen: 24
94.250.48.0/21 maxlen: 24
94.250.56.0/22 maxlen: 24
94.250.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 07:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:c1:ad:3d:79:d5:d8:db:b2:c8:bb:a6:ca:d7:31:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jun 11 10:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=351a24313d93022456de334eef1f00ec6047dbdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d3:25:4a:81:d4:fc:ab:2f:e9:0d:c6:87:ea:
26:b5:e0:da:43:24:83:38:0c:c0:10:73:f4:1f:00:
da:5f:07:fa:0a:0f:23:55:e3:bc:1c:ac:8c:24:51:
9d:7e:0b:c6:2b:55:b7:72:8b:3b:22:b6:c0:e1:64:
d8:9b:91:0f:b3:45:43:80:71:84:37:6b:12:fa:33:
e6:6c:04:2a:f0:c6:8f:ad:a8:ea:cb:b8:9a:04:3f:
58:f3:69:56:24:8c:59:77:1c:9a:b4:b6:43:86:fd:
c2:bb:24:28:ec:cb:db:5e:76:1b:c0:e6:a0:4e:dc:
42:08:97:c7:db:5d:06:f9:6a:71:7c:fb:76:ee:b6:
19:9a:d9:3d:44:70:71:2f:fe:a0:51:14:c8:2c:0f:
0d:4c:ab:94:3e:03:1c:e8:3d:de:b3:85:b7:f3:c7:
70:4f:a3:26:6a:66:54:ca:a0:68:2c:cf:92:cb:21:
a3:74:a5:8f:c9:f3:4f:21:d8:2a:3e:35:c3:0e:c2:
5d:52:ea:36:13:50:0d:e0:fc:e4:73:fa:ab:f2:26:
33:51:ac:87:e3:0a:f6:f8:74:09:a4:92:a0:58:53:
fc:73:0c:9c:fb:02:44:f5:58:30:e3:08:14:c4:82:
cc:8e:fe:86:ab:28:8d:73:15:e4:86:f6:a9:7a:58:
f3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1A:24:31:3D:93:02:24:56:DE:33:4E:EF:1F:00:EC:60:47:DB:DB
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/NRokMT2TAiRW3jNO7x8A7GBH29s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.101.144.0/21
81.93.92.0/24
89.111.225.0/24
94.250.48.0-94.250.59.255
94.250.88.0/21
Signature Algorithm: sha256WithRSAEncryption
38:2b:4c:89:89:66:84:f6:71:05:d8:60:b0:ba:ea:f6:c2:55:
79:87:16:76:51:87:cb:ac:de:b0:4a:ba:e8:eb:56:c1:b1:47:
c7:3d:47:ac:f5:80:f0:e9:bf:2a:63:83:8b:f4:0a:32:a5:a8:
f6:98:8d:2b:63:ae:0b:b4:db:3b:3a:da:2c:3d:da:f4:ba:93:
fc:46:3c:55:7d:4f:6c:e1:63:3c:1a:a4:f0:01:21:a2:59:72:
83:bc:ff:53:f7:ea:45:ca:23:72:cc:0f:26:89:e9:09:13:25:
2f:72:fd:f1:9b:a8:0f:68:a9:52:54:54:8f:52:80:e7:53:4c:
e3:13:e4:47:b4:f6:0d:bf:c3:06:7c:fe:c8:25:17:15:d7:b2:
0d:68:e6:2e:f4:9f:16:10:4d:20:f0:87:31:05:2a:5b:f8:f5:
33:c9:71:00:0a:7f:6e:52:c0:5f:49:d9:ab:4d:a2:23:79:29:
68:40:96:c7:79:92:d4:f3:b0:7d:d9:c7:77:8b:79:c5:6e:04:
c8:f0:b1:06:ef:54:2a:18:37:6c:9a:6c:a2:88:b3:3f:7e:39:
c5:63:46:26:d3:32:a0:f7:99:18:94:0e:f6:f9:02:b6:64:64:
09:7c:af:31:44:1a:ee:fe:e7:7c:72:92:ce:0c:50:23:32:12:
31:20:90:d9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZAGwa09edXY27LIu6bK1zFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjQwNjExMTAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTFhMjQzMTNkOTMwMjI0NTZkZTMzNGVlZjFmMDBlYzYwNDdkYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9MlSoHU/Ksv6Q3Gh+omteDaQySD
OAzAEHP0HwDaXwf6Cg8jVeO8HKyMJFGdfgvGK1W3cos7IrbA4WTYm5EPs0VDgHGE
N2sS+jPmbAQq8MaPrajqy7iaBD9Y82lWJIxZdxyatLZDhv3CuyQo7MvbXnYbwOag
TtxCCJfH210G+WpxfPt27rYZmtk9RHBxL/6gURTILA8NTKuUPgMc6D3es4W388dw
T6MmamZUyqBoLM+SyyGjdKWPyfNPIdgqPjXDDsJdUuo2E1AN4Pzkc/qr8iYzUayH
4wr2+HQJpJKgWFP8cwyc+wJE9Vgw4wgUxILMjv6GqyiNcxXkhvapeljzMQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDUaJDE9kwIkVt4zTu8fAOxgR9vbMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvTlJva01UMlRBaVJXM2pOTzd4OEE3R0JIMjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDPmWQAwQA
UV1cAwQAWW/hMAwDBARe+jADBAJe+jgDBANe+lgwDQYJKoZIhvcNAQELBQADggEB
ADgrTImJZoT2cQXYYLC66vbCVXmHFnZRh8us3rBKuujrVsGxR8c9R6z1gPDpvypj
g4v0CjKlqPaYjStjrgu02zs62iw92vS6k/xGPFV9T2zhYzwapPABIaJZcoO8/1P3
6kXKI3LMDyaJ6QkTJS9y/fGbqA9oqVJUVI9SgOdTTOMT5Ee09g2/wwZ8/sglFxXX
sg1o5i70nxYQTSDwhzEFKlv49TPJcQAKf25SwF9J2atNoiN5KWhAlsd5ktTzsH3Z
x3eLecVuBMjwsQbvVCoYN2yabKKIsz9+OcVjRibTMqD3mRiUDvb5ArZkZAl8rzFE
Gu7+53xyks4MUCMyEjEgkNk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:27 2025 by rpki-client