Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/ndlFG3BrUzLOk559SDSfONWHeYU.roa
File: ndlFG3BrUzLOk559SDSfONWHeYU.roa (raw, json)
Hash identifier: 8mRRrhiXaz5VfaArxp4IzV2tKIn7XoJwWdk/HRtm880=
Subject key identifier: 9D:D9:45:1B:70:6B:53:32:CE:93:9E:7D:48:34:9F:38:D5:87:79:85
Certificate issuer: /CN=9a92d30708b9d4e8c7c28c97f8037c8027144c47
Certificate serial: 0187C360E05121FD27AEE729BCEA5A477D6B
Authority key identifier: 9A:92:D3:07:08:B9:D4:E8:C7:C2:8C:97:F8:03:7C:80:27:14:4C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/ndlFG3BrUzLOk559SDSfONWHeYU.roa
Signing time: Thu 27 Apr 2023 15:41:58 +0000
ROA not before: Thu 27 Apr 2023 15:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29170
IP address blocks: 185.67.177.201/32 maxlen: 32
178.132.216.0/24 maxlen: 24
82.114.81.0/24 maxlen: 24
178.132.217.0/24 maxlen: 24
82.114.84.0/24 maxlen: 24
82.114.79.0/24 maxlen: 24
178.132.216.0/21 maxlen: 21
178.132.220.0/24 maxlen: 24
82.114.88.0/24 maxlen: 24
46.19.224.0/21 maxlen: 24
46.19.224.0/24 maxlen: 24
46.19.225.0/24 maxlen: 24
46.19.230.0/24 maxlen: 24
82.114.64.0/19 maxlen: 19
82.114.64.0/24 maxlen: 24
82.114.70.0/24 maxlen: 24
82.114.65.0/24 maxlen: 24
82.114.66.0/24 maxlen: 24
82.114.74.0/24 maxlen: 24
82.114.77.0/24 maxlen: 24
82.114.78.0/24 maxlen: 24
82.114.85.19/32 maxlen: 32
185.67.176.0/22 maxlen: 22
185.67.176.0/24 maxlen: 24
185.67.177.0/24 maxlen: 24
185.67.178.0/24 maxlen: 24
185.67.179.0/24 maxlen: 24
185.67.177.175/32 maxlen: 32
185.190.132.0/22 maxlen: 22
185.190.132.0/24 maxlen: 24
185.67.177.176/32 maxlen: 32
2a04:3080::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 01 Jul 2023 22:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c3:60:e0:51:21:fd:27:ae:e7:29:bc:ea:5a:47:7d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a92d30708b9d4e8c7c28c97f8037c8027144c47
Validity
Not Before: Apr 27 15:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dd9451b706b5332ce939e7d48349f38d5877985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c3:7a:90:89:01:49:9d:2a:20:e2:03:2c:b9:
7f:3b:20:9d:12:30:71:4f:25:0d:23:18:30:5d:8c:
df:ba:dc:52:e0:36:7e:d6:bc:06:ef:1d:82:5d:fa:
b1:ea:05:0c:31:1e:21:43:cf:d8:df:4a:cb:c7:ce:
44:71:ff:65:b2:c5:3c:df:10:0b:7e:40:f2:dc:99:
23:8f:6f:ce:c7:69:c3:d7:44:4e:43:30:cb:4c:c6:
d9:65:2b:c2:d4:a9:e8:c9:20:6e:87:9d:80:d7:3e:
dd:13:0e:60:4f:dc:63:8e:12:84:6c:e7:72:fc:f8:
6d:47:0b:04:80:1c:6e:d5:e6:8a:60:32:f0:a0:66:
40:11:e0:88:1c:b4:eb:ff:1e:66:f2:01:05:5c:a5:
76:8b:1d:fa:91:89:81:33:06:f9:b8:c2:b2:d8:64:
ba:be:56:d8:7a:20:f3:37:11:4e:e6:a7:f9:33:06:
59:17:86:e9:2b:6b:ef:91:ec:5d:ab:58:28:61:ce:
8e:80:91:14:fb:ff:0f:5b:96:be:f3:57:ea:b3:14:
02:90:7f:68:29:af:fe:67:d3:92:df:7e:ea:ad:88:
94:bd:a5:9f:7c:2b:b7:e0:f6:f4:0f:2a:4b:a9:87:
d4:24:75:c1:a8:fa:97:3b:2e:21:61:3a:c5:95:f4:
ec:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D9:45:1B:70:6B:53:32:CE:93:9E:7D:48:34:9F:38:D5:87:79:85
X509v3 Authority Key Identifier:
keyid:9A:92:D3:07:08:B9:D4:E8:C7:C2:8C:97:F8:03:7C:80:27:14:4C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/ndlFG3BrUzLOk559SDSfONWHeYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/mpLTBwi51OjHwoyX-AN8gCcUTEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.224.0/21
82.114.64.0/19
178.132.216.0/21
185.67.176.0/22
185.190.132.0/22
IPv6:
2a04:3080::/29
Signature Algorithm: sha256WithRSAEncryption
0e:ae:cf:a7:34:8b:3e:ee:c0:7d:5b:cf:77:93:9c:d9:dc:45:
d2:5f:69:17:32:69:c3:33:e1:9f:cb:a6:20:ef:6f:2f:e4:fd:
76:35:cb:0e:d6:4f:ba:9c:59:01:7d:ed:69:42:ce:14:af:48:
57:24:29:f8:fd:03:5b:a7:2d:64:9e:01:86:c6:db:4f:0e:a8:
6f:3c:80:32:2b:44:8b:27:7d:5b:7d:1b:42:23:b7:32:45:c3:
5f:06:8f:47:24:80:51:3f:e3:b2:e8:47:b5:4a:0a:91:c3:26:
6d:41:24:af:97:42:9a:ff:82:59:8a:7a:03:7e:37:6b:aa:91:
24:11:61:c3:bf:10:74:51:8a:6b:db:4e:73:84:05:98:83:6a:
be:1d:d3:f4:fc:31:10:c0:79:5c:77:fa:de:48:74:5c:34:51:
00:77:8d:f7:35:a4:8e:44:f4:f4:1f:ce:e7:69:c1:32:a8:a6:
6e:63:1e:47:03:22:b4:2d:a0:c2:8a:e8:4d:83:b7:5e:04:37:
f6:be:3c:c0:ae:4e:5d:40:27:70:9b:ac:8e:6b:6a:64:09:28:
c8:e1:0f:15:40:c8:13:78:2c:b6:bc:70:af:ae:a1:60:04:3d:
0a:b8:40:57:42:d5:4d:bc:f7:a6:84:48:30:50:27:7c:9e:fe:
69:ba:d8:aa
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYfDYOBRIf0nrucpvOpaR31rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOTJkMzA3MDhiOWQ0ZThjN2MyOGM5N2Y4MDM3YzgwMjcx
NDRjNDcwHhcNMjMwNDI3MTU0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ5NDUxYjcwNmI1MzMyY2U5MzllN2Q0ODM0OWYzOGQ1ODc3OTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cN6kIkBSZ0qIOIDLLl/OyCdEjBx
TyUNIxgwXYzfutxS4DZ+1rwG7x2CXfqx6gUMMR4hQ8/Y30rLx85Ecf9lssU83xAL
fkDy3Jkjj2/Ox2nD10ROQzDLTMbZZSvC1KnoySBuh52A1z7dEw5gT9xjjhKEbOdy
/PhtRwsEgBxu1eaKYDLwoGZAEeCIHLTr/x5m8gEFXKV2ix36kYmBMwb5uMKy2GS6
vlbYeiDzNxFO5qf5MwZZF4bpK2vvkexdq1goYc6OgJEU+/8PW5a+81fqsxQCkH9o
Ka/+Z9OS337qrYiUvaWffCu34Pb0DypLqYfUJHXBqPqXOy4hYTrFlfTsGwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJ3ZRRtwa1MyzpOefUg0nzjVh3mFMB8GA1UdIwQY
MBaAFJqS0wcIudTox8KMl/gDfIAnFExHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBMVEJ3aTUxT2pId295WC1BTjhnQ2NVVEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jOTM3YmUtZjViMS00M2M2LTk1ODct
NGUwNjYyMWJkOThhLzEvbmRsRkczQnJVekxPazU1OVNEU2ZPTldIZVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jOTM3YmUtZjViMS00M2M2LTk1ODctNGUwNjYyMWJkOThh
LzEvbXBMVEJ3aTUxT2pId295WC1BTjhnQ2NVVEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLhPgAwQF
UnJAAwQDsoTYAwQCuUOwAwQCub6EMA0EAgACMAcDBQMqBDCAMA0GCSqGSIb3DQEB
CwUAA4IBAQAOrs+nNIs+7sB9W893k5zZ3EXSX2kXMmnDM+Gfy6Yg728v5P12NcsO
1k+6nFkBfe1pQs4Ur0hXJCn4/QNbpy1kngGGxttPDqhvPIAyK0SLJ31bfRtCI7cy
RcNfBo9HJIBRP+Oy6Ee1SgqRwyZtQSSvl0Ka/4JZinoDfjdrqpEkEWHDvxB0UYpr
205zhAWYg2q+HdP0/DEQwHlcd/reSHRcNFEAd433NaSORPT0H87nacEyqKZuYx5H
AyK0LaDCiuhNg7deBDf2vjzArk5dQCdwm6yOa2pkCSjI4Q8VQMgTeCy2vHCvrqFg
BD0KuEBXQtVNvPemhEgwUCd8nv5putiq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:56 2024 by rpki-client on console-ams.rpki-client.org