Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/NgF3oxEk4ooFpHM-mLQAr32f2zo.roa
File: NgF3oxEk4ooFpHM-mLQAr32f2zo.roa (raw, json)
Hash identifier: Na+T5PXy7TSiTBCbof8taLXR6msOtAvNS/OXS8Ojg4M=
Subject key identifier: 36:01:77:A3:11:24:E2:8A:05:A4:73:3E:98:B4:00:AF:7D:9F:DB:3A
Certificate issuer: /CN=a016588bd1ccb2dd221c6f87838567475d7ef29b
Certificate serial: 0185725586E93B802FEFDF28C633752FA6C8
Authority key identifier: A0:16:58:8B:D1:CC:B2:DD:22:1C:6F:87:83:85:67:47:5D:7E:F2:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oBZYi9HMst0iHG-Hg4VnR11-8ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/NgF3oxEk4ooFpHM-mLQAr32f2zo.roa
Signing time: Mon 02 Jan 2023 11:54:45 +0000
ROA not before: Mon 02 Jan 2023 11:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57670
IP address blocks: 176.105.164.0/24 maxlen: 24
176.105.166.0/24 maxlen: 24
176.105.160.0/19 maxlen: 19
176.105.162.0/24 maxlen: 24
176.105.161.0/24 maxlen: 24
176.105.171.0/24 maxlen: 24
176.105.170.0/24 maxlen: 24
176.105.172.0/24 maxlen: 24
176.105.169.0/24 maxlen: 24
176.105.168.0/24 maxlen: 24
176.105.173.0/24 maxlen: 24
176.105.178.0/24 maxlen: 24
176.105.177.0/24 maxlen: 24
176.105.179.0/24 maxlen: 24
176.105.174.0/24 maxlen: 24
176.105.176.0/24 maxlen: 24
176.105.175.0/24 maxlen: 24
176.105.185.0/24 maxlen: 24
176.105.184.0/24 maxlen: 24
176.105.186.0/24 maxlen: 24
176.105.181.0/24 maxlen: 24
176.105.183.0/24 maxlen: 24
176.105.182.0/24 maxlen: 24
176.105.180.0/24 maxlen: 24
176.105.187.0/24 maxlen: 24
176.105.191.0/24 maxlen: 24
176.105.188.0/24 maxlen: 24
176.105.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:86:e9:3b:80:2f:ef:df:28:c6:33:75:2f:a6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a016588bd1ccb2dd221c6f87838567475d7ef29b
Validity
Not Before: Jan 2 11:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=360177a31124e28a05a4733e98b400af7d9fdb3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:85:c4:42:87:a8:af:59:59:a5:7b:84:fc:e0:
b5:78:48:49:6f:f5:08:b1:99:69:ec:b0:36:92:be:
d9:29:d3:44:34:ba:7d:15:69:d2:55:09:a7:b6:7e:
03:56:39:34:83:2e:e2:d4:77:13:3c:70:4a:ed:4f:
44:b0:f7:45:e5:d0:12:b9:b0:3a:f1:6d:21:3a:78:
f3:c5:2b:d1:21:3f:7d:ef:ee:21:31:d9:76:22:67:
aa:9a:ab:a6:8f:2c:22:7f:b8:1d:63:e8:ac:85:46:
3d:3d:b8:c0:fc:1f:57:69:fc:93:44:76:2c:d2:c6:
a7:f8:02:77:7e:18:71:83:38:da:9c:3f:3e:da:c4:
e3:b9:3f:d4:da:00:93:79:fb:a9:ba:29:1f:e6:0b:
5f:9d:75:fc:d9:e3:87:37:9a:c5:1a:6c:90:4b:eb:
31:1e:30:e6:57:c5:f5:bb:cd:ca:cf:48:bc:cd:fe:
0f:9f:40:92:31:f5:68:58:4f:14:4e:fd:31:c5:c3:
6f:86:85:4b:2e:7a:62:a1:ad:a6:69:ad:be:5d:c0:
f6:f4:9c:f8:f8:8f:04:d1:41:87:01:77:b5:73:55:
b3:f8:90:17:71:4e:dc:fe:fe:a1:72:09:66:94:2d:
d1:af:65:af:68:bb:82:89:fe:fe:f4:2f:9b:63:79:
b6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:01:77:A3:11:24:E2:8A:05:A4:73:3E:98:B4:00:AF:7D:9F:DB:3A
X509v3 Authority Key Identifier:
keyid:A0:16:58:8B:D1:CC:B2:DD:22:1C:6F:87:83:85:67:47:5D:7E:F2:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oBZYi9HMst0iHG-Hg4VnR11-8ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/NgF3oxEk4ooFpHM-mLQAr32f2zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/oBZYi9HMst0iHG-Hg4VnR11-8ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.160.0/19
Signature Algorithm: sha256WithRSAEncryption
ab:cb:ae:ab:df:d9:b1:50:26:ce:33:f9:3a:58:10:bb:dd:5c:
c0:74:20:21:25:fc:ad:d5:ef:4f:8c:14:73:e0:18:b5:6b:d7:
5e:28:b5:41:b5:f2:24:6e:4c:7d:d3:a1:dc:60:e5:32:7a:54:
2a:08:dd:40:42:f1:e9:c9:bd:f9:78:12:70:cd:31:cf:64:36:
d9:0d:92:ff:06:69:ac:4f:cd:d7:26:55:ec:c0:76:fa:3d:82:
6d:9f:05:19:1d:49:4e:10:a1:4a:1a:da:14:c7:34:80:9c:fd:
ab:4b:f4:c0:26:99:f9:5b:76:4b:18:0e:81:3c:a7:aa:ee:08:
78:71:c9:67:f8:a1:da:62:7a:fc:91:16:ec:bf:28:2c:b5:98:
ae:63:9d:d6:36:9f:19:85:57:c5:c8:f4:af:51:1c:99:e6:4a:
45:f6:d2:a3:ea:2c:3e:01:da:eb:18:26:83:60:aa:ef:82:a1:
e3:96:a7:91:d0:87:90:7c:44:c3:19:8c:d5:84:d9:89:a6:38:
d7:bd:7b:9c:64:c6:fa:57:08:9f:a3:98:c7:79:38:18:9a:65:
ea:d1:0b:a2:e8:66:ab:42:7a:e1:cb:ad:c1:5c:6e:91:32:da:
01:d6:c9:9d:4d:c2:4a:2a:69:3d:e8:68:e0:f7:9c:60:3b:e8:
aa:21:c6:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVYbpO4Av798oxjN1L6bIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMTY1ODhiZDFjY2IyZGQyMjFjNmY4NzgzODU2NzQ3NWQ3
ZWYyOWIwHhcNMjMwMTAyMTE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjAxNzdhMzExMjRlMjhhMDVhNDczM2U5OGI0MDBhZjdkOWZkYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4XEQoeor1lZpXuE/OC1eEhJb/UI
sZlp7LA2kr7ZKdNENLp9FWnSVQmntn4DVjk0gy7i1HcTPHBK7U9EsPdF5dASubA6
8W0hOnjzxSvRIT997+4hMdl2Imeqmqumjywif7gdY+ishUY9PbjA/B9XafyTRHYs
0san+AJ3fhhxgzjanD8+2sTjuT/U2gCTefupuikf5gtfnXX82eOHN5rFGmyQS+sx
HjDmV8X1u83Kz0i8zf4Pn0CSMfVoWE8UTv0xxcNvhoVLLnpioa2maa2+XcD29Jz4
+I8E0UGHAXe1c1Wz+JAXcU7c/v6hcglmlC3Rr2WvaLuCif7+9C+bY3m2DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDYBd6MRJOKKBaRzPpi0AK99n9s6MB8GA1UdIwQY
MBaAFKAWWIvRzLLdIhxvh4OFZ0ddfvKbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0JaWWk5SE1zdDBpSEctSGc0Vm5SMTEtOHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZWM1NjktOGNhZi00MTk4LWJhZTEt
NzczMTIwZmY3YzBmLzEvTmdGM294RWs0b29GcEhNLW1MUUFyMzJmMnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZWM1NjktOGNhZi00MTk4LWJhZTEtNzczMTIwZmY3YzBm
LzEvb0JaWWk5SE1zdDBpSEctSGc0Vm5SMTEtOHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsGmgMA0G
CSqGSIb3DQEBCwUAA4IBAQCry66r39mxUCbOM/k6WBC73VzAdCAhJfyt1e9PjBRz
4Bi1a9deKLVBtfIkbkx906HcYOUyelQqCN1AQvHpyb35eBJwzTHPZDbZDZL/Bmms
T83XJlXswHb6PYJtnwUZHUlOEKFKGtoUxzSAnP2rS/TAJpn5W3ZLGA6BPKeq7gh4
ccln+KHaYnr8kRbsvygstZiuY53WNp8ZhVfFyPSvURyZ5kpF9tKj6iw+AdrrGCaD
YKrvgqHjlqeR0IeQfETDGYzVhNmJpjjXvXucZMb6Vwifo5jHeTgYmmXq0Qui6Gar
Qnrhy63BXG6RMtoB1smdTcJKKmk96Gjg95xgO+iqIcaP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:28 2024 by rpki-client on console-ams.rpki-client.org