Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/NX_AZtuFKyaG3fxjsW2fmazQurg.roa
File: NX_AZtuFKyaG3fxjsW2fmazQurg.roa (raw, json)
Hash identifier: /6s9rQp4frjFD6jG/P1szrooUIeDNftsFBb3nYtrtoY=
Subject key identifier: 35:7F:C0:66:DB:85:2B:26:86:DD:FC:63:B1:6D:9F:99:AC:D0:BA:B8
Certificate issuer: /CN=3b230442feae9fc26b8bd887faa0ed0275827a58
Certificate serial: 01857315E93B722F97D5A50B54FDCDA45012
Authority key identifier: 3B:23:04:42:FE:AE:9F:C2:6B:8B:D8:87:FA:A0:ED:02:75:82:7A:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/NX_AZtuFKyaG3fxjsW2fmazQurg.roa
Signing time: Mon 02 Jan 2023 15:24:53 +0000
ROA not before: Mon 02 Jan 2023 15:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 109.237.176.0/20 maxlen: 20
80.187.160.0/20 maxlen: 20
193.254.160.0/20 maxlen: 20
31.224.0.0/11 maxlen: 11
193.254.128.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:e9:3b:72:2f:97:d5:a5:0b:54:fd:cd:a4:50:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b230442feae9fc26b8bd887faa0ed0275827a58
Validity
Not Before: Jan 2 15:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=357fc066db852b2686ddfc63b16d9f99acd0bab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fb:7f:6b:5c:33:7b:43:80:af:72:8f:eb:65:
b2:10:3f:da:17:1e:3e:ad:c1:d9:b8:62:88:b8:65:
cd:ec:24:41:9a:d2:8b:df:c2:e3:a7:0f:25:78:2d:
7d:83:77:35:b4:0b:5f:06:0b:b7:8e:67:a2:08:45:
4f:c0:16:cf:ad:60:48:24:c7:d7:7c:ff:eb:e7:4f:
7f:ca:ad:d2:da:0e:8a:1e:00:bb:97:ae:ea:56:23:
af:ac:8f:a8:e3:ce:ce:cf:e6:91:48:1f:9c:8a:e5:
bb:14:1e:79:91:19:27:ab:84:f6:ac:58:5e:4c:3d:
f9:0e:e9:33:a1:68:4a:d3:69:01:c3:e7:47:0a:12:
53:ec:76:76:83:56:1d:6b:bc:fd:68:a5:ab:7c:29:
37:be:9a:b1:92:2e:2d:81:8a:3c:4e:03:e6:08:ed:
5a:ef:1c:91:84:35:76:62:6e:34:85:ff:68:be:a5:
91:6a:a2:b7:ca:e3:c4:e1:cf:0b:a9:ac:c8:19:96:
29:c5:50:c0:58:0f:77:cc:af:32:6c:e1:1c:00:93:
24:9f:d5:5b:70:82:4c:9e:28:b9:2e:b3:71:97:68:
5f:98:83:6b:4e:4f:25:31:89:c5:7d:e6:81:28:83:
5c:73:1a:9c:5e:84:d5:61:f8:13:95:20:a4:b6:b2:
1e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7F:C0:66:DB:85:2B:26:86:DD:FC:63:B1:6D:9F:99:AC:D0:BA:B8
X509v3 Authority Key Identifier:
keyid:3B:23:04:42:FE:AE:9F:C2:6B:8B:D8:87:FA:A0:ED:02:75:82:7A:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/NX_AZtuFKyaG3fxjsW2fmazQurg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/OyMEQv6un8Jri9iH-qDtAnWCelg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.224.0.0/11
80.187.160.0/20
109.237.176.0/20
193.254.128.0-193.254.175.255
Signature Algorithm: sha256WithRSAEncryption
9c:54:dd:d7:cb:ea:ef:ef:e3:62:98:e6:d7:c7:f2:22:49:24:
57:3b:f2:d0:00:00:b9:fd:a5:54:5d:c1:83:a4:3a:b1:2a:1d:
2a:9b:24:dd:e8:a1:2f:00:97:11:4e:27:35:2a:2e:85:d5:a9:
1e:f2:b7:7a:21:d9:0e:e4:0b:86:86:23:39:f7:5f:3c:a2:29:
fa:13:2e:fe:06:11:a2:3b:59:13:72:87:bf:81:d1:78:47:fc:
0a:42:7a:8c:1e:2a:f7:a9:cc:4b:0a:7a:1f:d7:e9:ce:82:54:
da:c3:1f:5d:59:7c:20:a5:b0:f6:62:59:35:b5:56:16:a5:73:
94:da:ae:d6:05:f6:96:85:d0:73:d4:38:02:b7:66:48:0d:68:
c7:9d:22:2f:d6:3f:a9:51:eb:9e:60:61:10:df:8e:68:71:e3:
32:6f:1c:12:21:54:da:23:cd:82:55:58:35:1f:17:41:79:88:
4a:d6:f3:15:6c:18:df:bb:07:59:db:50:84:36:19:92:15:47:
23:84:1e:19:47:29:c8:c5:25:c5:ab:35:c8:a7:69:ba:f7:43:
2c:a3:79:41:b4:3c:78:6f:60:8f:00:14:b9:32:a2:d6:3c:93:
35:b8:d5:43:1b:b5:f3:79:ae:90:69:a0:3d:88:65:a7:fc:bc:
ca:94:54:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVzFek7ci+X1aULVP3NpFASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMjMwNDQyZmVhZTlmYzI2YjhiZDg4N2ZhYTBlZDAyNzU4
MjdhNTgwHhcNMjMwMTAyMTUyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdmYzA2NmRiODUyYjI2ODZkZGZjNjNiMTZkOWY5OWFjZDBiYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPt/a1wze0OAr3KP62WyED/aFx4+
rcHZuGKIuGXN7CRBmtKL38Ljpw8leC19g3c1tAtfBgu3jmeiCEVPwBbPrWBIJMfX
fP/r509/yq3S2g6KHgC7l67qViOvrI+o487Oz+aRSB+ciuW7FB55kRknq4T2rFhe
TD35DukzoWhK02kBw+dHChJT7HZ2g1Yda7z9aKWrfCk3vpqxki4tgYo8TgPmCO1a
7xyRhDV2Ym40hf9ovqWRaqK3yuPE4c8LqazIGZYpxVDAWA93zK8ybOEcAJMkn9Vb
cIJMnii5LrNxl2hfmINrTk8lMYnFfeaBKINccxqcXoTVYfgTlSCktrIeBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDV/wGbbhSsmht38Y7Ftn5ms0Lq4MB8GA1UdIwQY
MBaAFDsjBEL+rp/Ca4vYh/qg7QJ1gnpYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3lNRVF2NnVuOEpyaTlpSC1xRHRBbldDZWxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zYTEwOTQtOWI3MC00MjUxLWI2OGYt
NzI2NzA3Mzc2MWQ0LzEvTlhfQVp0dUZLeWFHM2Z4anNXMmZtYXpRdXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zYTEwOTQtOWI3MC00MjUxLWI2OGYtNzI2NzA3Mzc2MWQ0
LzEvT3lNRVF2NnVuOEpyaTlpSC1xRHRBbldDZWxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwMFH+ADBARQ
u6ADBARt7bAwDAMEB8H+gAMEBMH+oDANBgkqhkiG9w0BAQsFAAOCAQEAnFTd18vq
7+/jYpjm18fyIkkkVzvy0AAAuf2lVF3Bg6Q6sSodKpsk3eihLwCXEU4nNSouhdWp
HvK3eiHZDuQLhoYjOfdfPKIp+hMu/gYRojtZE3KHv4HReEf8CkJ6jB4q96nMSwp6
H9fpzoJU2sMfXVl8IKWw9mJZNbVWFqVzlNqu1gX2loXQc9Q4ArdmSA1ox50iL9Y/
qVHrnmBhEN+OaHHjMm8cEiFU2iPNglVYNR8XQXmIStbzFWwY37sHWdtQhDYZkhVH
I4QeGUcpyMUlxas1yKdpuvdDLKN5QbQ8eG9gjwAUuTKi1jyTNbjVQxu183mukGmg
PYhlp/y8ypRUhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:00 2024 by rpki-client on console-fra.rpki-client.org